Trend Micro Email
Security provides the following features
and benefits:
Sender Filter
Trend Micro Email
Security allows you to filter senders of
incoming email messages. You can specify the senders to allow or block using specific
email
addresses or entire domains and specify the type of sender addresses collected to
match the
approved and blocked sender lists.
For details, see Managing sender filter.
Email Reputation Services
Trend Micro Email
Security makes use of Trend Micro Email Reputation Services (ERS) Standard Service and
Advanced Service. Email Reputation Services use a standard IP reputation database
and an
advanced and dynamic IP reputation database (a database updated in real time). These
databases have distinct entries, allowing Trend Micro to
maintain a very efficient and effective system that can quickly respond to new sources
of
spam.
For details, see Understanding IP reputation.
Domain-based Message Authentication, Reporting and Conformance (DMARC)
As an email validation system to detect and prevent email spoofing,
Domain-based Message Authentication, Reporting and Conformance (DMARC) is intended
to fight
against certain techniques used in phishing and spam, such as email messages with
forged
sender addresses that appear to originate from legitimate organizations. DMARC fits
into the
inbound email authentication process of Trend Micro Email
Security,
allowing you to define DMARC policies, including the actions to take on messages that
fail
DMARC authentication.
For details, see Domain-based message authentication, reporting & conformance (DMARC).
Multitiered Virus, Spam, Correlated Intelligence, and Content Filtering
Trend Micro Email
Security leverages the Trend Micro Virus Scan Engine to compare the files with the
patterns of known viruses and integrates Predictive Machine Learning to detect new,
previously unidentified, or unknown malware through advanced file feature analysis.
Trend Micro Email
Security also supports integration with Virtual Analyzer, a
cloud-based virtual environment designed for manage and analyze objects submitted
by Trend Micro products.
To combat sophisticated attacks for enhanced inbound protection, Trend Micro Email
Security leverages the Correlated Intelligence feature to correlate suspicious signals from
various sources to detect phishing security risks and anomalies.
Furthermore, Trend Micro Email
Security detects phishing,
spam, Business Email Compromise (BEC) scams, graymail and social engineering attacks
and
examines the message contents to determine whether the message contains inappropriate
content.
You can configure domain-level and organization-level policies to detect various security
risks and anomalies by scanning email messages and then performing a specific action
for each security risk detected.
For details, see Configuring policies.
Virtual Analyzer
Virtual Analyzer is a cloud sandbox designed for analyzing suspicious files and
URLs. Sandbox images allow observation of files and URLs in an environment that simulates
endpoints on your network without any risk of compromising the network.
Trend Micro Email
Security sends suspicious files or URLs
to Virtual Analyzer when a file or URL exhibits suspicious characteristics and
signature-based scanning technologies cannot find a known threat. Virtual Analyzer
performs
static analysis and behavior simulation in various runtime environments to identify
potentially malicious characteristics. During analysis, Virtual Analyzer rates the
characteristics in context and then assigns a risk level to the sample based on the
accumulated ratings.
For details on Virtual Analyzer settings, see Configuring virus scan criteria and Configuring Web Reputation criteria.
Data Loss Prevention
Data Loss Prevention (DLP) safeguards an organization's digital assets against
accidental or deliberate leakage. DLP evaluates data against a set of rules defined
in
policies to determine the data that must be protected from unauthorized transmission
and the
action that DLP performs when it detects transmission. With DLP, Trend Micro Email
Security allows you to manage your incoming email
messages containing sensitive data and protects your organization against data loss
by
monitoring your outbound email messages.
For details, see Data Loss Prevention.
File Password Analysis
Based on user-defined passwords, Trend Micro Email
Security
can extract password-protected archive files and open password-protected document
files in
email messages to investigate any malicious or suspicious content in those messages.
For details, see File password analysis.
Suspicious Objects
Suspicious objects are objects with the potential to expose systems to danger
or loss. After Trend Micro Email
Security is registered to Trend Micro
Apex Central, Apex Central synchronizes the
suspicious object lists consolidated from its managed Trend Micro products with Trend Micro Email
Security at a scheduled time
interval.
For details, see Apex Central.
Email Continuity
Trend Micro Email
Security provides protection against email
loss if your email server goes down. If your server becomes unavailable due to a crash
or
network connectivity problem, Trend Micro Email
Security automatically
transfers inbound traffic to a backup server until your server is back online. This
enables
end users to read, forward, download and reply to email messages on the End User
Console.
For details, see Email Continuity.
Logs and Reports
Trend Micro Email
Security provides detailed logs to help you analyze system security and improve protection
solutions. You can view and search logs to track messages for inbound and outbound
traffic, and to track all messages for a specific sender, recipient, policy rule or
detection. Trend Micro Email
Security allows you to forward syslog messages to an external syslog server in a structured
format, which allows third-party application integration.
For details, see Logs in Trend Micro Email
Security.
Trend Micro Email
Security provides reports to assist in
mitigating threats and optimizing system settings. You can generate reports based
on a
daily, weekly, monthly or quarterly schedule.
For details, see Reports.
Message Quarantine
Quarantined messages are blocked as detected spam or other inappropriate
content before delivery to an email account. Messages held in quarantine can be reviewed
and
manually deleted or delivered on the administrator console. Furthermore, end users
can view
and manage their own quarantined messages on the End User Console.
For details, see Understanding quarantine.