Call a Specialist Today! 800-886-5369

Blue Coat Mail Threat Defense
Secure Email Against Targeted Phishing Attacks

 

Blue Coat Products
Blue Coat ThreatBLADES
Blue Coat Mail Threat Defense
Please Call for Pricing!

More pricing below, click here!

Overview:

Secure email against targeted phishing attacks. Blue Coat Mail Threat Defense protects against email-borne malware in links and attachments that are activated by unsuspecting end users. Deployed inline as a cloud-based service or a premise-based appliance, the solution extracts malicious content prior to delivery and without disrupting the existing message flow, while enforcing enterprise security policies. It integrates seamlessly with the Blue Coat Advanced Threat Detection ecosystem and supplements existing email security tools.

Protect Office 365 Mail Embeds, Attachments

Mail Threat Defense protects against targeted attacks and phishing for enterprises migrating to Office 365. By deeply scanning embedded URLs and file attachments in email messages prior to delivery at the cloud mail server, then taking policy-based actions to sanitize the messages based on the risk scores received, enterprises vastly reduce the opportunity for end users to inadvertently introduce a devastating malware breach into the organization launched from an errant click.

Expose More Email Threats

Mail Threat Defense blocks all known email-based threats and automatically delivers never-before-seen, unique, and zero-day malware for sandbox detonation, comprehensive analysis, and targeted risk scoring to block unknown threats. It scans embedded file attachments and URL links for malware, then takes actions based on corporate security policy.

Positioned inline after the SPAM filter, Mail Threat Defense integrates with other email security solutions, preserving and enhancing the value of prior electronic mail security investments.

Pre-Filters and Rejects the Knowns

Mail Threat Defense applies a variety of sophisticated techniques to quickly pre-filter and reject both known good and known bad files and URLs:

  • URL Filtering
  • File Hash Reputation
  • Anti-Virus Detection
  • Static Code Analysis

Safe messages proceed to end users.

Analyzes the Unknowns

Unknown files and URLs are extracted and sent to the Blue Coat Malware Analysis Appliance, an advanced multi-stage sandbox, for identification and risk scoring in precisely tailored gold-image detonation chambers. It performs recursive analysis on the primary file or URL plus any subsequent “dropped” files and callback URLs:

  • Static Code Analysis
  • Dynamic / Behavioral Analysis
  • Reputational Analysis
  • YARA Rules Analysis

Configurable Security Policies

Security policies allow enterprises to balance message delivery speed, user preference, and business security needs. Based on risk scores, policies can:

  • Remove malicious attachments
  • Remove/replace malicious links
  • Add malicious content warnings
  • Quarantine malicious messages

Who Benefits?

Email End User (Employee) Fast, accurate receipt of legitimate business (and some personal) messages with all links and attachments intact
Message Infrastructure Engineer Rapid delivery of safe messages scanned for malicious links and attachments
Mail Security Analyst Minimization of the email attack vector in circumventing enterprise defenses
Security Auditor Easy access and retention to logging of all events
Desktop Support Engineer Reduced trouble tickets; reduced downtime for desktop and remote users
Executive (CISO, CTO, IS Director) Comprehensive multi-vector threat protection; fortification against the end-user weakest link in the security chain. Proof of ROI.

Email is one of the most common attack vectors used by hackers to get into your corporate network. Attackers will send targeted communications “phishing” for information they can use to perpetrate other attacks and establish a foothold in your organization they can use to spread. They may try to trick your users into providing sensitive data – such as usernames and passwords, financial records, etc. – or get them to click on a link or open a file that contains malicious code that automatically infects the endpoint. To protect against these types of attacks, you need a solution that is capable of identifying and preventing the varied phishing methods attackers deploy – you need Blue Coat Mail Threat Defense.

Blue Coat Mail Threat Defense protects against email-borne malware in links and attachments that are activated by unsuspecting end users. The solution can identify and extract malicious content from an email before it is delivered to the user to neutralize the attack. As a result, you can effectively enforce corporate security policies and keep your resources safe, without impacting the user’s experience.

Features & Benefits:

Blue Coat Defeats Targeted Attacks

Mail Threat Defense inspects and analyzes all email messages for malicious content before they arrive in the targeted user’s in-box. If there is malware contained within embedded URL links or file attachments, Mail Threat Defense will identify it and actively block, alter, or quarantine the message, based on the severity of the threat and your corporate security policy. The solution has no impact on the user experience, beyond ensuring they only receive sanitized, safe messages in their inbox.

Eliminates Known Attacks

Mail Threat Defense scans embedded file attachments and URL links to identify known malware and takes action based on your corporate security policy. The solution also identifies files and URLs that are known to be good and sends those safe messages on to the user. Mail Threat Defense applies a variety of sophisticated techniques to quickly identify both known bad and good files and URLs, including:

  • URL Filtering
  • File Hash Reputation
  • Anti-Virus Detection
  • Static Code Analysis

The solution leverages Blue Coat’s Global Intelligence Network, which is monitoring and codifying the threats encountered by users worldwide, to constantly update and improve these techniques.

Uncovers New Attacks

Mail Threat Defense can identify never-beforeseen, unique and zero-day malware It extracts any unknown files and URLs it detects and sends them to the Blue Coat Malware Analysis Appliance for identification and risk scoring. The Blue Coat Malware Analysis Appliance is an advanced, multi-stage sandbox that uses precisely tailored, gold-image detonation chambers to perform recursive analysis on any primary files or URLs, plus any subsequent “dropped” files and callback URLs. It uses:

  • Static Code Analysis
  • Dynamic/Behavioral Analysis
  • Reputational Analysis
  • YARA Rules Analysis

The solution will then provide a targeted risk score for the malware it has discovered, so you can effectively address and mitigate the risk posed by this previously unknown threat.

Provides Configurable Security Policies

The security policies of Mail Threat Defense enable you to balance message delivery speed, user autonomy desires and business security needs. Based on the verdicts and malicious risk scores determined by the solution, you can enact policies that block, alter, quarantine or detect / alert on the malware. As a result, you can:

  • Remove malicious attachments
  • Remove / Replace malicious links
  • Add malicious content warnings
  • Quarantine malicious messages

Deployment Modes

The solution can be deployed inline, as a cloud-based service or an on-premises appliance. It is typically positioned behind the firewall, after the SPAM filter, to ensure it can inspect all mail before it is delivered to the user. Note, the solution can also be deployed passively, alerting you as soon as email malware is detected. It seamlessly integrates with any other email security solutions you have to preserve and enhance the value of your investments.

Mail Threat Defesne S400 Diagram

At a Glance

Defeats Targeted Attacks

  • Ability to identify attacks in embedded file attachments and URL links
  • Delivers screened and sanitized email messages to end users

Eliminates Known Attacks

  • Uses sophisticated techniques to quickly identify both known bad and good files and URLs
  • Leverages the global intelligence network to stay up-to-date on the latest threats

Uncovers New Attacks

  • Uses precise detonation chambers to uncover new, zero-day attacks. Understands the risk level of new attacks with targeted malicious risk scoring

Provides Configurable Security Policies

  • Supports the unique security enforcement need of the organization
  • Balances message delivery speed, user autonomy desires and business needs

Specifications:

Mail Threat Defense Appliance
Malware Analysis Appliance
MTD S400-10
MAA S400-10
MTD S400-20
MAA S400-10
Performance
Advanced Mail Analysis Up to 300,000 emails / day Up to 500,000 emails / day
System
Disk Drivers 3 x 1 TB 6 x 1 TB
RAM 24 GB 48 GB
Onboard Ports
  • (2) 1000Base-T Copper ports
  • 1000Base-T Copper, System Management Port
  • (1) 1000 Base-T Copper, BMC Management Port
  • (2) 10Gb Base-T Copper ports
  • 1000Base-T Copper, System Management Port
  • (1) 1000Base-T Copper, BMC Management Port
Optional NICS 2x10Gb Base-T Copper 2x10Gb Base-T Copper
Physical Properties MTD S400, MAA S400
Dimensions and Weight
Dimensions 572mm x 432.5mm x 42.9mm ( 22.5in X 17.03in X 1.69in) (chassis only)
643mm x 485.4mm x 42.9mm (25.3in x 19.11in x 1.69in) (chassis with extensions
1 RU height
Weight (Maximum) Approx. 12.8 kg (28 lbs) +/- 5%
Operating Environment
Power Dual redundant and hot swappable power supplies, AC power 100-240V, 50-60Hz, 4A (DC power available)
Maximum Power 450 Watts
Thermal Rating Typical: 1086 BTU/hr, Max: 1381 BTU/hr
Temperature 5°C to 40°C (41°F to 104°F) at sea level
Humidity 20 to 80% relative humidity, non-condensing
Altitude Up to 3048m (10,000ft)
Mail Threat Defense Appliances
Regulations Safety Electromagnetic Compliance (EMC)
International CB – IEC60950-1, Second Edition CISPR22, Class A; CISPR24
USA NRTL – UL60950-1, Second Edition FCC part 15, Class A
Canada SCC – CSA-22.2, No.60950-1, Second Edition ICES-003, Class A
European Union (CE) CE – EN60950-1, Second Edition EN55022, Class A; EN55024; EN61000-3-2; EN61000-3-3
Japan --- VCCI V-3, Class A
Mexico NOM-019-SCFI by NRTL Declaration ---
Argentina S Mark – IEC 60950-1 ---
Taiwan BSMI – CNS-14336-1 BSMI – CNS13438, Class A
China CCC – GB4943.1 CCC – GB9254; GB17625
Australia/New Zealand AS/NZS 60950-1, Second Edition AS/ZNS-CISPR22
Korea   KC – RRA, Class A
Russia CU – IEC 60950-1 GOST-R 51318.22, Class A; 51318.24; 51317.3.2; 51317.3.3
Environmental RoHS-Directive 2011/65/EU, REACH-Regulation No 1907/2006
Product Warranty Limited, non-transferable hardware warranty for a period of one (1) year from date of shipment.
BlueTouch Support contracts available for 24/7 software support with options for hardware support.

Documentation:

Download the Blue Coat Mail Threat Defense Datasheet (PDF).

Pricing Notes:

Blue Coat Products
Blue Coat ThreatBLADES
Blue Coat Mail Threat Defense
Please Call for Pricing!