Views:
Cloud Email Gateway Protection provides the following features and benefits:

Sender Filter

Cloud Email Gateway Protection allows you to filter senders of incoming email messages. You can specify the senders to allow or block using specific email addresses or entire domains and specify the type of sender addresses collected to match the approved and blocked sender lists.
For details, see Managing sender filter.

Email Reputation Services

Cloud Email Gateway Protection makes use of Trend Micro Email Reputation Services (ERS) Standard Service and Advanced Service. Email Reputation Services use a standard IP reputation database and an advanced and dynamic IP reputation database (a database updated in real time). These databases have distinct entries, allowing Trend Micro to maintain a very efficient and effective system that can quickly respond to new sources of spam.
For details, see Understanding IP reputation.

Domain-based Message Authentication, Reporting and Conformance (DMARC)

As an email validation system to detect and prevent email spoofing, Domain-based Message Authentication, Reporting and Conformance (DMARC) is intended to fight against certain techniques used in phishing and spam, such as email messages with forged sender addresses that appear to originate from legitimate organizations. DMARC fits into the inbound email authentication process of Cloud Email Gateway Protection, allowing you to define DMARC policies, including the actions to take on messages that fail DMARC authentication.

Multitiered Virus, Spam, Correlated Intelligence, and Content Filtering

Cloud Email Gateway Protection leverages the Trend Micro Virus Scan Engine to compare the files with the patterns of known viruses and integrates Predictive Machine Learning to detect new, previously unidentified, or unknown malware through advanced file feature analysis. Cloud Email Gateway Protection also supports integration with Virtual Analyzer, a cloud-based virtual environment designed for manage and analyze objects submitted by Trend Micro products.
To combat sophisticated attacks for enhanced inbound protection, Cloud Email Gateway Protection leverages the Correlated Intelligence feature to correlate suspicious signals from various sources to detect phishing security risks and anomalies.
Furthermore, Cloud Email Gateway Protection detects phishing, spam, Business Email Compromise (BEC) scams, graymail and social engineering attacks and examines the message contents to determine whether the message contains inappropriate content.
You can configure domain-level and organization-level policies to detect various security risks and anomalies by scanning email messages and then performing a specific action for each security risk detected.
For details, see Configuring policies.

Virtual Analyzer

Virtual Analyzer is a cloud sandbox designed for analyzing suspicious files and URLs. Sandbox images allow observation of files and URLs in an environment that simulates endpoints on your network without any risk of compromising the network.
Cloud Email Gateway Protection sends suspicious files or URLs to Virtual Analyzer when a file or URL exhibits suspicious characteristics and signature-based scanning technologies cannot find a known threat. Virtual Analyzer performs static analysis and behavior simulation in various runtime environments to identify potentially malicious characteristics. During analysis, Virtual Analyzer rates the characteristics in context and then assigns a risk level to the sample based on the accumulated ratings.
For details on Virtual Analyzer settings, see Configuring virus scan criteria and Configuring Web Reputation criteria.

Data Loss Prevention

Data Loss Prevention (DLP) safeguards an organization's digital assets against accidental or deliberate leakage. DLP evaluates data against a set of rules defined in policies to determine the data that must be protected from unauthorized transmission and the action that DLP performs when it detects transmission. With DLP, Cloud Email Gateway Protection allows you to manage your incoming email messages containing sensitive data and protects your organization against data loss by monitoring your outbound email messages.
For details, see Data Loss Prevention.

File Password Analysis

Based on user-defined passwords, Cloud Email Gateway Protection can extract password-protected archive files and open password-protected document files in email messages to investigate any malicious or suspicious content in those messages.
For details, see File password analysis.

Suspicious Objects

Suspicious objects are objects with the potential to expose systems to danger or loss. After Cloud Email Gateway Protection is registered to Trend Micro Apex Central, Apex Central synchronizes the suspicious object lists consolidated from its managed Trend Micro products with Cloud Email Gateway Protection at a scheduled time interval.
For details, see Apex Central.

Email Continuity

Cloud Email Gateway Protection provides protection against email loss if your email server goes down. If your server becomes unavailable due to a crash or network connectivity problem, Cloud Email Gateway Protection automatically transfers inbound traffic to a backup server until your server is back online. This enables end users to read, forward, download and reply to email messages on the End User Console.
For details, see Email Continuity.

Logs and Reports

Cloud Email Gateway Protection provides detailed logs to help you analyze system security and improve protection solutions. You can view and search logs to track messages for inbound and outbound traffic, and to track all messages for a specific sender, recipient, policy rule or detection. Cloud Email Gateway Protection allows you to forward syslog messages to an external syslog server in a structured format, which allows third-party application integration.
Cloud Email Gateway Protection provides reports to assist in mitigating threats and optimizing system settings. You can generate reports based on a daily, weekly, monthly or quarterly schedule.
For details, see Reports.

Message Quarantine

Quarantined messages are blocked as detected spam or other inappropriate content before delivery to an email account. Messages held in quarantine can be reviewed and manually deleted or delivered on the administrator console. Furthermore, end users can view and manage their own quarantined messages on the End User Console.
For details, see Understanding quarantine.