لایسنس ESA, CISCO, ESA

CISCO ESA

ٌٌُwsa
ESA

Cisco Email Security Appliance CISCO ESA

CISCO ESA ( Email Security Appliance )

محافظت از سرویس‌دهی به کاربران در برابر حملات ایمیلی

سرویس ایمیل ابزار مه ESA Email Security Appliance ، اما همین CISCO ESA ابزار مهم می‌تواند حاوی تهدیدات خطرناکی نیز باشد. بنا بر گزارش‌های آماری ایمیل گروه Radicati در سال‌های 2012 تا 2016، میانگین هزینه هر نقض امنیتی برابر با 4.5 میلیون دلار است و ایمیل‌های ورودی محبوب‌ترین مسیر تهدید برای نقض‌های امنیتی هستند. حملات پیچیده و بسیار هدفمند از اطلاعات شخصی و تاکتیک‌های مهندسی اجتماعی برای فریب کاربران استفاده می‌کنند و آنها را به سایت‌های مخربی که حاوی بدافزار هستند هدایت می‌نمایند.

 Cisco-Zero-Hour-Virus-and-Malware-Protecto

Cisco-Zero-Hour-Virus-and-Malware-Protecto

برای تهیه لایسنس  ESA با کارشناسان ما در داده پرداز سپهر آسیا تماس بگیرید

امروزه، برای پاسخ به تهدیدات مبتنی بر ایمیل، و محافظت در برابر  حملات موجود و در حال تکامل، به یک مجموعه‌ی اختصاصی از منابع، فن‌آوری‌ها و تخصص نیاز است. قابلیت‌های Cisco Email Security Appliance یا به اختصار ESA برای ایمنی Inbox کاربران، همواره یک قدم فراتر از این تهدیدات عمل کرده است. این تجهیز پرکاربرد با امنیت بالایی از Inbox کاربر در برابر Spam، بدافزارهای پیشرفته، Phishing و از بین رفتن داده‌ها محافظت می‌کند. علاوه بر این، ویژگی Advanced Malware Protection یا به اختصار AMP با یک Simple Add-On License از طریق مسدود کردن تهدیدات، کاهش دامنه‌ حمله و اصلاح سریع، قبل، بعد و در طول حمله، محافظت مداومی فراهم می‌سازد؛ این ویژگی هم‌اکنون همراه با تجهیز Threat Grid به طور کامل با AMP Private Cloud License به‌صورت On-Premises قابل نصب است. این موضوع برای مشتریانی اهمیت دارد که الزامات Policy سخت‌گیرانه‌ای دارند و اجازه استفاده از AMP به صورت Cloud عمومی را ندارند.

ESA-Advance-Malware-Protection

ESA-Advance-Malware-Protection

پیاده سازی دفاع چند لایه برای مقابله با تهدیدات متعدد

خدمات Cisco Talos که با  قابلیت‌های Cisco Email Security Appliance یکپارچه‌سازی شده است به‌صورت 24 ساعته فعالیت ترافیک جهانی را نمایش می‌دهد. داشتن این اطلاعات کاربر را قادر به تجزیه و تحلیل ناهنجاری‌ها، کشف تهدیدات جدید و مانیتورینگ روندهای ترافیک می‌سازد. همچنین، بروزرسانی خودکار Policy هر سه تا پنج دقیقه در دستگاه‌های شبکه اعمال می‌گردد.

جلوگیری از رسیدن Spam به Inbox کاربر بسیار ساده است. یک دفاع چند لایه، لایه بیرونی فیلترینگ مبتنی بر اعتبار و صحت فرستنده و لایه داخلی فیلترینگ که تجزیه و تحلیل عمیقی از پیام ارائه می‌دهد را با یک‌دیگر ترکیب می‌کند. کاربر همچنین می‌تواند با Forged Email Detection (تشخیص ایمیل جعلی) در برابر حملات Spoofing از خود محافظت کند. این حملات هدفمند بر روی مدیران اجرایی که تحت عنوان هدفهای ارزشمند هم شناخته می‌شوند، تمرکز دارند. این ویژگی Logهای مفصلی را در مورد همه‌ی اعمال و اقدامات انجام شده فراهم می‌کند.
از قابلیت‌های Cisco Email Security Appliance کاربر می‌تواند:

  • Phishing و تهدیدات ادغام‌شده را متوقف کند.
  • Graymail را شناسایی کرده و با گزینه “Safe Unsubscribe” برچسب بزند.
  • الزامات را برای پیام‌رسانی با امنیت بالا و با رمزگدازی قابل اعتماد و امن برآورده کند. (کلیدها در On-Premise یا Cloud ذخیره می‌شوند.)
  • با مقررات صنعتی و دولتی برای پیشگیری از دست رفتمرفتن داده‌ها تطابق داشته باشد.
  • در برابر تهدیدات پیشرفته و حملاتِ هدفمند، دفاع کند.
  • کاربرانی را که URLهای مخرب را باز کرده‌اند ردیابی کند.
  • Policyهای پرجزئیاتی را برای ایمیل‌ها تنظیم و اعمال نماید.

با انتخاب در بین پیاده‌سازی‌های تجهیز فیزیکی، مجازی، مبتنی بر Cloud و یا Hybrid، کاربر می‌تواند راه حلی را برای رفع نیازهای کسب و کارش پیدا کند.

مزایای و قابلیت‌های ESA Cisco Email Security Appliance

  • حفاظت از ایمیل به صورت سریع‌تر و جامع‌تر، چندین ساعت یا چندین روز زود‌تر از رقبا
  • دسترسی به یکی از بزرگترین شبکه‌های هوش تهدیدات (Threat Intelligence) با Cisco Talos، که براساس تجزیه‌‌وتحلیل‌های جمعی Real-Time ساخته شده است.
  • محافظت از پیامهای خروجی از طریق On-device Data Loss Prevention یا به اختصار DLP، رمزگذاری ایمیل و یکپارچه‌سازی اختیاری با راهکار Enterprise DLP متعلق به RSA.
  • کاهش هزینه کلی مالکیت با Footprint اندک، پیاده‌سازی آسان و اداره خودکار که در طولانی‌مدت موجب صرفه‌جویی در هزینه‌ها می‌گردد.
  • حصول حداکثری انعطاف‌پذیری در پیاده‌سازی که با انواع پیاده‌سازی On-premises و Cloudو یاس Hybrid ممکن می‌شود.

برای کسب اطلاعات بیشتر به صفحه Cisco Email Security Appliance  ESA دیدن بفرمایید. 

Cisco Email Security Appliance  ESA

Feature

Benefit

Global threat intelligence

Get fast, comprehensive email protection backed by Talos, one of the largest threat detection networks in the world. Talos provides broad visibility and a large footprint, including:

●  600 billion emails per day
●  16 billion web requests per day
●  1.5 million malware samples

Talos provides a 24-hour view into global traffic activity. It analyzes anomalies, uncovers new threats, and monitors traffic trends. Talos helps prevent zero-hour attacks by continually generating rules that feed updates to customers’ email security solutions. These updates occur every three to five minutes, delivering industry-leading threat defense.

Reputation filtering

Block unwanted email with reputation filtering, which is based on threat intelligence from Talos. For each embedded hyperlink, a reputation check is performed to verify the integrity of the source. Websites with known bad reputations are automatically blocked. Reputation filtering stops 90 percent of spam before it even enters your network, allowing the solution to scale by analyzing a much smaller payload.

Spam protection

Spam is a complex problem that demands a sophisticated solution. Cisco makes it easy. Secure Email blocks unwanted emails using a multilayered scanning architecture delivering the highest spam catch rate of greater than 99 percent, with a false-positive rate of a less than a one in one million.

The antispam functionality in Secure Email uses the Cisco Context Adaptive Scanning Engine (CASE). This engine examines the complete context of a message, including what content the message contains, how the message is constructed, who is sending the message, and where the call to action of the message takes you. By combining these elements, Secure Email stops the broadest range of threats with industry-leading accuracy.

Forged email detection

Forged email detection protects against BEC attacks focused on executives, who are considered high-value targets. Forged-email detection helps you block these customized attacks and provides detailed logs on all attempts and actions taken.

Cisco Advanced Phishing Protection

CAPP stops identity deception–based attacks such as social engineering, imposters, and BEC by combining global Cisco Talos threat intelligence with local email intelligence and advanced machine learning techniques to model trusted email behavior on the Internet, within organizations and between individuals.

●  Integrates machine learning techniques to drive daily model updates, maintaining a real- time understanding of email behavior to stop identity deception.
●  Combines rapid Domain Message Authentication Reporting and Conformance (DMARC), advanced display name protection, and look-alike domain imposter–driven detection to stop BEC attacks.
●  Models account takeover threat behavior to block attacks originating from compromised email accounts.
●  Deploys as a lightweight sensor via the cloud or on-premises in the customer’s environment as a hosted Virtual Machine (VM) of choice or bare-metal installs. Please refer to Table 7 for virtual machine hardware specifications. A cloud-based sensor is provisioned as part of Cisco Cloud Email Security deployment.
●  Supports dual-delivery mode. In this mode, the sensor accepts copies of email messages over Simple Mail Transfer Protocol (SMTP) and extracts metadata in a streaming fashion.

Cisco Domain Protection

CDP for external email helps prevent phishing emails from being sent using a customer domain(s). It automates the process of implementing the DMARC email authentication standard to better protect employees, customers, and suppliers from phishing attacks using a customer domain(s). This protects the customers’ brand identity as well as increases email marketing effectiveness by reducing phishing messages from reaching inboxes.

Virus defense

By offering a high-performance virus scanning solution integrated at the gateway, Secure Email provides a multilayered, multivendor approach to virus filtering.

Graymail detection and safe unsubscribe

Graymail consists of marketing, social networking, and bulk messages. The graymail detection feature precisely classifies and monitors graymail entering an organization. An administrator can then take appropriate action on each category. Often graymail has an unsubscribe link where end users can indicate to the sender that they would like to opt-out of receiving such emails. Since mimicking a unsubscribe mechanism is a popular phishing technique, users should be wary of clicking these unsubscribe links.

The safe unsubscribe solution provides:

●  Protection against malicious threats masquerading as unsubscribe links.
●  A uniform interface for managing all subscriptions.

Better visibility for email administrators and end users into such emails.

Cisco Secure Endpoint and Secure Malware Analytics

Secure Endpoint and Secure Malware Analytics provide file reputation scoring and blocking, file sandboxing, and file retrospection for continuous analysis of threats. Users can block more attacks, track suspicious files, mitigate the scope of an outbreak, and remediate quickly. Secure Email also integrates with Secure Endpoint, which shares threat intelligence across a customer’s entire environment, unifying security across endpoints, network, email, the cloud, and the web.

Through these integrations, Secure Endpoint automatically correlates files, telemetry data, behavior, and activity to proactively defend against advanced threats across all possible vectors.

Mailbox Auto-Remediation for Office 365 customers helps remediate breaches faster and with less effort. Customers simply set their email security solution to take automatic actions on those infected emails.

Customers can purchase an additional license to deploy their Secure Endpoint system completely on-premises with the Secure Endpoint private cloud. This, along with Secure Malware Analytics brings the entire Secure Endpoint offering completely on-premises.

SecureX

Our architectural approach to integrated security products means effective threat intelligence sharing and more. SecureX threat response provides a faster, more synchronized response across the entire portfolio.

URL-related protection and control

Users are protected against malicious URLs with URL filtering, scanning of URLs in attachments, and managed (shortened) URLs. Appropriate policies are applied to the messages based on the reputation or category of the URLs.

Outbreak filters

Outbreak filters defend against emerging threats and blended attacks. They can issue rules on any combination of six parameters, including file type, file name, file size, and URLs in a message. As Talos learns more about an outbreak, it can modify rules and release messages from quarantine accordingly. Outbreak filters can also rewrite URLs linked in suspicious messages. When clicked, the new URLs redirect the recipient through the Cisco Web Security proxy.

The website content is then actively scanned, and outbreak filters will display a block screen to the user if the site contains malware.

Web interaction tracking

Web interaction tracking is a fully integrated solution that allows IT administrators to track the end users who click on URLs that have been rewritten by Secure Email. Reports show:

●  Top users who clicked on malicious URLs.
●  The top malicious URLs clicked by end users.

Date and time, rewrite reason, and action taken on the URLs.

Data security for sensitive content in outgoing emails

Secure Email offers effective DPL and email encryption. Centralized management and reporting simplifies data protection.

DLP

Protect outbound messages with Secure Email DLP. Comply with industry and government regulations worldwide and prevent confidential data from leaving your network. Choose from an extensive policy library of more than 100 expert policies covering government, private sector, and company-specific regulations. The predefined DLP policies are included with Secure Email and simplify the application of content-aware outbound email policy. Remediation choices include encrypting, adding footers and disclaimers, adding Blind Carbon Copies (BCCs), notifying, and quarantining. For companies needing a complex custom policy, the building blocks of the predefined policies are readily available to make the process quick and easy.

Encryption

Give senders control of their content, even after messages have been sent. With email encryption, senders don’t fear mistyped recipient addresses, mistakes in content, or time-sensitive emails because they can always lock a message. The sender of an encrypted message receives a read receipt once a recipient opens a message, and highly secure replies and forwards are automatically encrypted to maintain end-to-end privacy and control. There is no additional infrastructure to deploy. For enhanced security, message content goes straight from your gateway to the recipient, and only the encryption key is stored in the cloud.

Meet encryption requirements for regulations such as the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), or the Sarbanes-Oxley Act (SOX)—as well as state privacy regulations and European directives—without burdening the senders, recipients, or email administrators.

Offer encryption not as a mandate but as a service that’s easy to use and gives the sender complete control.

Manageability

Universal device support

Make sure all users can access messages when needed, regardless of whether they are on smartphones, tablets, laptops, or desktop computers. Universal device support is designed to ensure that highly secure messages can be read by any recipient, no matter what device is used to open the message. Dedicated plug-in applications offer an enhanced user experience for Microsoft Outlook and on Apple iOS and Google Android smartphones and tablets.

System overview dashboard

Monitor and report on outbound messages from a centralized, custom system overview dashboard. Unified business reporting offers a single view for comprehensive insight across your organization. Get the details of any report for advanced visibility.

Detailed message tracking

Track a message by envelope recipient, envelope sender, subject, attachments, and message events including DLP policy or IDs. When you send a message to Secure Email, the message tracking database is populated within a minute or two, and you can see what happened to the messages that are crossing the system at every step of processing.

Secure Awareness Training

Provides flexibility and support to effectively deploy phishing simulations and awareness training, as well as measure and report results. It focuses on user behavior training to make long-term changes and empowers the security operations team with the ability to address real-time threats.

High-quality content that includes a course builder with 150+ learning modules to choose from, role-based learning, and highly interactive content with gamification to keep users engaged.

Intuitive phishing simulator that provides out-of-the-box phishing scenarios that reflect real-life cyber and phishing threats, which are integrated with training for just-in-time feedback.

Multilingual content and platform with support for 40+ languages (narration and text) to make security awareness programs available globally.

Communications and reinforcement materials provided by large libraries of predesigned content and templates for internal campaign promotion and content reinforcement (including videos, posters, and newsletters).

Consultative approach with unique offerings, including CISO coaching, managed services, and content customization, to help organizations develop and optimize a security awareness strategy.

  • داده پرداز سپهر آسیا 
  • لایسنس   WSA
  • لایسنس  ESA   
  • لایسنس  NGFW
  • لایسنس سیسکو
  • لایسنس اسپلانک
  • لایسنس ManageEngine
  • لا یسنس فایروال
  • license Firewall cisco 

نوشته های مرتبط

دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *