Spam and Virus Protection

ProSight Email Guard from Progent uses the services and infrastructure of leading data security companies to provide centralized management and comprehensive protection for all your inbound and outbound email. The hybrid architecture of ProSight Email Guard combines a Cloud Protection Layer with an on-premises security gateway appliance to deliver world-class defense against spam, viruses, spoofing, phishing, spyware, Denial of Service (DoS) attacks, Directory Harvest Attacks (DHAs), and other email-borne threats.

ProSight Email Guard's Cloud Protection Layer acts as a first line of defense and keeps the vast majority of threats from reaching your security perimeter. This reduces your vulnerability to external attacks and conserves system resources. Email Guard's on-premises security gateway provides a deeper layer of inspection for inbound email. For outbound email, the local security gateway offers anti-virus and anti-spam filtering, policy-based Data Loss Prevention (DLP), Data Leakage Protection, Content Filtering and outbound email encryption. The local email security gateway can also manage your Exchange Server deployment to monitor and protect internal email traffic that never reaches your security gateway.

ProSight Email Guard works with any email platform and offers enhanced features for Exchange Server.

The architecture of the ProSight Email Guard solution includes four main components that stand between the Internet and the email server at your data center:

• Update Center
• Cloud Protection Layer
• Email Guard Security Gateway Appliance
• Message Center

Update Center
The Update Center is a technology center staffed 24x7x365 by security experts who gather emails, URLs, binaries and other data collected from thousands of collection points worldwide, aggregate and analyze this information, and develop defenses, rules and signatures to update ProSight Email Guard's defense mechanism in order to provide zero-hour protection against the latest email-borne threats. Advanced filtering techniques and heuristic rules analysis used by the Update Center include reputation analysis, intent analysis, and predictive sender profiling. The result is a spam and virus filtering solution that blocks a very high percentage of threats yet delivers a very low number of false positives.

Cloud Protection Layer
The Cloud Protection Layer, which is kept current by the Update Center, provides spam and virus prefiltering using advanced technologies that include anti-fraud intelligence and blocking polymorphic viruses that can change their signatures to escape detection. Made up of multiple hardened datacenters worldwide, the Cloud Protection Layer has the capacity to handle Denial of Service attacks as well as email surges that occur during specific periods of the day. Because this cloud-based service stands between the Internet and the Email Guard security gateway, the majority of malicious email can be eliminated before it reaches your security perimeter. To help with disaster recovery and email continuity, the Cloud Protection Layer offers spooling. If your on-premises data center is disrupted, the spooling feature can store all inbound email in the cloud for up to 96 hours or direct it to an alternate destination while you repair the problem.

ProSight Email Guard Security Gateway Hardware Appliance
The ProSight Email Guard Security Gateway is a physical rack-mountable appliance that provides comprehensive protection for inbound, outbound and internal email. The gateway is automatically updated in real time by the Update Center without requiring management intervention. One of the gateway's deep inspection features is a multi-pass OCR engine that protects against image spam, where text is embedded within a graphic in order to hide content from spam filters. Another feature for filtering inbound email is link protection, which automatically evaluates and rewrites fraudulent URLs contained in a message. A plug-in agent for Microsoft Exchange Server offers virus protection for internal email traffic that does not access the gateway, for example emails from Outlook Web Access.

The ProSight Email Guard Security Gateway offers Data Loss Prevention (DLP) by allowing administrators to enforce content policies for outbound email in order to keep sensitive corporate information from being inadvertently leaked. The gateway can also be configured to block invalid bounce messages, which are outbound non-delivery reports to forged email addresses. In addition, the gateway offers a variety of encryption features for outbound email and supports inbound and outbound rate control. The Email Guard Security Gateway is available in several models to match your capacity requirements and security needs and can be clustered for higher performance and availability.

Message Center
The Message Center is a cloud-based service for encrypting outbound email. Emails that match policy are sent securely from the Email Guard Security Gateway to the Message Center. At the Message Center, the sender's email is encrypted using Advanced Encryption Service with a 256-bit cipher (AES-256) and stored for retrieval. The Message Centers sends the recipient a notification that includes a link to visit in order to retrieve the message. The link requires a web browser using HTTPS. The recipient selects a password and the Message Center delivers the encrypted message.

The recipient only needs to establish a password for the first encrypted email received from the message center. Any replies are also sent via the Message Center to maintain security. Encryption key management is handled automatically by the Message Center, and the keys used to encrypt the data are stored in separate areas to provide physical security. Email traffic between the Email Guard Security Gateway and the Message Center and between the Message Center and the recipient are encrypted via SMTP over TLS.

In addition to policy-based encryption, Email Guard also provides an add-in for Microsoft Exchange Server that allows users to specify encryption from within Outlook.

Management Features
The ProSight Email Guard security gateway is integrated with a web-based management portal that provides a simple, centralized interface for viewing and managing all devices, services, policies and configurations. The cloud management tool offers global, domain-level, and individual user policy control. User-level policy management includes block lists, allow lists, quarantining, scoring thresholds, tagging and Bayesian analysis. At the domain level, you can manage policy for inbound and outbound quarantines, outbound encryption, plus block and allow lists based on IP address or sender/recipient email address or domain. Other management features include reports, graphs, statistics; recipient validation via LDAP; support for multiple domains; and delegated domain administration and help desk role.

Download the ProSight Email Guard Datasheet
To view the ProSight Email Guard datasheet, click: ProSight Email Guard Cloud-managed Services Datasheet (94 Kb PDF file).

Other Managed Services Available from Progent
In addition to ProSight Email Guard, Progent offers other affordably-priced ProSight managed service packages that address key components of your information system such as security, backup/recovery, virtual server hosting, IT documentation management, and network infrastructure management. By partnering with leading technology innovators, Progent can offer small and mid-size businesses the benefits of the same advanced technology used by global enterprises. Managed services available from Progent include:

• ProSight LAN Watch: Server and Desktop Remote Monitoring and Management
  ProSight LAN Watch is Progent's server and desktop remote monitoring managed service that incorporates state-of-the-art remote monitoring and management technology to keep your IT system running efficiently by tracking the health of vital computers that drive your information system. When ProSight LAN Watch detects a problem, an alarm is sent automatically to your designated IT management staff and your assigned Progent engineering consultant so that all potential problems can be addressed before they can disrupt your network. Learn more about ProSight LAN Watch server and desktop monitoring services.

• ProSight LAN Watch with NinjaOne RMM: Centralized RMM for Networks, Servers, and Desktops
  ProSight LAN Watch with NinjaOne RMM software delivers a centralized, cloud-based platform for managing your network, server, and desktop devices by providing tools for performing common tedious jobs. These include health checking, update management, automated remediation, endpoint deployment, backup and recovery, A/V defense, secure remote access, standard and custom scripts, resource inventory, endpoint status reporting, and troubleshooting assistance. When ProSight LAN Watch with NinjaOne RMM uncovers a serious problem, it sends an alert to your specified IT personnel and your Progent technical consultant so emerging problems can be taken care of before they interfere with productivity. Find out more about ProSight LAN Watch with NinjaOne RMM server and desktop monitoring consulting.

• ProSight WAN Watch: Network Infrastructure Remote Monitoring and Management
  ProSight WAN Watch is an infrastructure management service that makes it simple and affordable for small and mid-sized organizations to map out, monitor, enhance and debug their networking appliances such as routers, firewalls, and wireless controllers plus servers, printers, client computers and other networked devices. Incorporating state-of-the-art Remote Monitoring and Management (RMM) technology, WAN Watch ensures that infrastructure topology diagrams are kept updated, copies and manages the configuration information of virtually all devices on your network, monitors performance, and sends alerts when potential issues are discovered. By automating time-consuming network management processes, ProSight WAN Watch can knock hours off common chores like network mapping, expanding your network, locating devices that need critical updates, or identifying the cause of performance issues. Find out more about ProSight WAN Watch infrastructure monitoring and management consulting.

• ProSight Reporting: In-depth Reporting for Ticketing and Network Monitoring Platforms
  ProSight Reporting is a growing suite of real-time management reporting tools designed to work with the industry's leading ticketing and network monitoring platforms including ConnectWise Manage, ConnectWise Automate, Customer Thermometer, Auvik, and SentinelOne. ProSight Reporting incorporates Microsoft Graph and utilizes color coding to surface and contextualize key issues like inconsistent support follow-through or machines with missing patches. By identifying ticketing or network health concerns concisely and in near-real time, ProSight Reporting improves productivity, lowers management overhead, and saves money. For more information, visit ProSight Reporting for ticketing and network monitoring applications.

• ProSight Data Protection Services: Backup and Recovery Services
  Progent has worked with leading backup technology providers to create ProSight Data Protection Services (DPS), a family of management offerings that deliver backup-as-a-service (BaaS). ProSight DPS products manage and monitor your data backup processes and allow non-disruptive backup and fast restoration of critical files/folders, apps, system images, and virtual machines. ProSight DPS helps you avoid data loss resulting from hardware failures, natural disasters, fire, malware such as ransomware, human error, malicious employees, or application glitches. Managed backup services in the ProSight DPS portfolio include ProSight DPS Altaro VM Backup, ProSight 365 Total Backup (formerly Altaro 365 Backup), ProSight ECHO Backup using Barracuda purpose-built storage, and ProSight DPS MSP360 Cloud and On-prem Backup. Your Progent service representative can assist you to determine which of these fully managed services are best suited for your network.

• ProSight Duo Multi-Factor Authentication: ID Confirmation, Endpoint Remediation, and Secure Single Sign-on (SSO)
  Progent's Duo authentication managed services incorporate Cisco's Duo technology to protect against password theft by using two-factor authentication (2FA). Duo enables one-tap identity confirmation with Apple iOS, Google Android, and other out-of-band devices. Using Duo 2FA, when you log into a secured online account and enter your password you are asked to verify your identity on a unit that only you possess and that is accessed using a different network channel. A broad range of devices can be used for this second form of authentication such as a smartphone or watch, a hardware token, a landline phone, etc. You can register multiple validation devices. For details about Duo two-factor identity authentication services, see Duo MFA two-factor authentication services for access security.

• Progent's Outsourced/Shared Service Center: Help Desk Managed Services
  Progent's Help Desk managed services permit your information technology team to outsource Help Desk services to Progent or split responsibilities for Service Desk support seamlessly between your in-house network support group and Progent's nationwide roster of certified IT support technicians, engineers and subject matter experts (SMEs). Progent's Shared Help Desk Service provides a transparent supplement to your internal support staff. User interaction with the Service Desk, delivery of support, problem escalation, ticket creation and tracking, performance measurement, and management of the service database are consistent whether issues are resolved by your in-house IT support group, by Progent's team, or a mix of the two. Read more about Progent's outsourced/co-managed Help Center services.

• Progent Active Protection Against Ransomware: AI-based Ransomware Detection and Remediation
  Progent's Active Defense Against Ransomware is an endpoint protection solution that utilizes next generation behavior analysis tools to defend endpoint devices and physical and virtual servers against modern malware attacks such as ransomware and file-less exploits, which easily escape traditional signature-based anti-virus products. Progent Active Security Monitoring services protect on-premises and cloud resources and provides a single platform to manage the complete threat progression including filtering, infiltration detection, mitigation, remediation, and post-attack forensics. Top capabilities include one-click rollback with Windows VSS and automatic system-wide immunization against new threats. Read more about Progent's ransomware defense and cleanup services.

• ProSight IT Asset Management: Network Documentation Management
  ProSight IT Asset Management service is a cloud-based IT documentation management service that allows you to capture, maintain, retrieve and protect data about your IT infrastructure, processes, business apps, and services. You can instantly locate passwords or serial numbers and be alerted automatically about upcoming expirations of SSL certificates or domains. By cleaning up and managing your network documentation, you can save as much as 50% of time spent looking for vital information about your IT network. ProSight IT Asset Management includes a centralized location for storing and sharing all documents required for managing your business network such as standard operating procedures (SOPs) and self-service instructions. ProSight IT Asset Management also offers advanced automation for collecting and associating IT data. Whether you're making improvements, performing regular maintenance, or reacting to an emergency, ProSight IT Asset Management gets you the knowledge you require the instant you need it. Find out more about ProSight IT Asset Management service.

• Progent's Patch Management: Software/Firmware Update Management Services
  Progent's managed services for software and firmware patch management offer organizations of all sizes a versatile and cost-effective alternative for evaluating, validating, scheduling, applying, and tracking updates to your ever-evolving IT network. Besides maximizing the security and reliability of your computer environment, Progent's software/firmware update management services allow your IT team to focus on line-of-business projects and activities that derive the highest business value from your network. Read more about Progent's software/firmware update management support services.

• ProSight Active Security Monitoring: Endpoint Protection and Ransomware Defense
  Progent's ProSight Active Security Monitoring is an endpoint protection (EPP) service that utilizes SentinelOne's next generation behavior-based analysis technology to guard physical and virtual endpoints against new malware assaults like ransomware and file-less exploits, which easily get by traditional signature-based anti-virus tools. ProSight ASM protects local and cloud resources and provides a single platform to automate the complete malware attack progression including protection, detection, containment, cleanup, and post-attack forensics. Top capabilities include single-click rollback using Windows Volume Shadow Copy Service (VSS) and automatic system-wide immunization against newly discovered attacks. Progent is a SentinelOne Partner, dealer, and integrator. Read more about Progent's ProSight Active Security Monitoring (ASM) endpoint protection and ransomware defense.

• ProSight Enhanced Security Protection: Endpoint Security and Exchange Filtering
  ProSight Enhanced Security Protection services deliver affordable in-depth security for physical servers and VMs, workstations, smartphones, and Microsoft Exchange. ProSight ESP uses adaptive security and modern behavior analysis for continuously monitoring and reacting to cyber assaults from all vectors. ProSight ESP delivers two-way firewall protection, intrusion alerts, endpoint control, and web filtering via cutting-edge tools incorporated within one agent accessible from a unified control. Progent's security and virtualization consultants can help you to plan and implement a ProSight ESP environment that addresses your company's specific needs and that helps you achieve and demonstrate compliance with legal and industry information protection standards. Progent will assist you specify and implement policies that ProSight ESP will enforce, and Progent will monitor your network and react to alerts that call for immediate action. Progent's consultants can also assist your company to set up and test a backup and disaster recovery system like ProSight Data Protection Services (DPS) so you can recover rapidly from a potentially disastrous security attack like ransomware. Read more about Progent's ProSight Enhanced Security Protection unified physical and virtual endpoint protection and Microsoft Exchange email filtering.

• ProSight Virtual Hosting: Hosted VMs at Progent's Tier III Data Center
  With ProSight Virtual Hosting service, a small or mid-size organization can have its critical servers and apps hosted in a protected Tier III data center on a high-performance virtual host set up and maintained by Progent's IT support experts. With Progent's ProSight Virtual Hosting model, the customer owns the data, the operating system software, and the apps. Because the system is virtualized, it can be moved immediately to an alternate hardware environment without requiring a lengthy and technically risky configuration process. With ProSight Virtual Hosting, you are not tied a single hosting provider. Learn more about ProSight Virtual Hosting services.

ProSight Network Audits
Progent's ProSight Network Audits offer a fast and low-cost alternative for small and medium-size businesses to get an objective evaluation of the health of their IT system. Based on some of the top remote monitoring and management platforms available, and overseen by Progent's world-class group of information technology experts, ProSight Network Audits help you see how closely the configuration of your essential network devices adhere to industry leading practices. Both the Basic and Advanced options for ProSight Network Audit services are offered at a low, one-time cost and provide instant ROI such as a more manageable Active Directory (AD) environment. Both also include one year of advanced remote network monitoring and management (RMM). Benefits can include lower-cost network management, better compliance with government and industry security standards, more efficient utilization of network assets, faster problem resolution, more dependable backup and recovery, and less downtime. Read more about Progent's ProSight Network Audits IT infrastructure review.

Progent's ProSight Ransomware Preparedness Report
The ProSight Ransomware Preparedness Report service is an affordable service based on a phone discussion with a Progent backup/recovery consultant. The interview is designed to assess your company's preparedness to block ransomware or recover quickly following an assault by a ransomware variant like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Conti or Nephilim. Progent will consult with you personally to gather information concerning your existing antivirus tools and backup/recovery procedures, and Progent will then produce a written Basic Security and Best Practices Report document describing how you can apply best practices to create an efficient AV and backup/recovery system that minimizes your vulnerability to a ransomware attack and meets your business needs. For more information, visit The ProSight Ransomware Preparedness Report.

Contact Progent for More Information about ProSight Email Guard Security Gateway Services
If you are interested in using Progent's ProSight Email Guard security gateway or need help with any aspect of email infrastructure or security, call 800-993-9400 or visit Contact Progent.

Ransomware 24x7 Hot Line: Call 800-462-8800
Progent's Ransomware 24x7 Hot Line is designed to guide organizations to complete the time-critical first phase in responding to a ransomware assault by containing the malware. Progent's online ransomware engineer can assist you to identify and isolate infected servers and endpoints and protect undamaged assets from being compromised. If your system has been penetrated by any version of ransomware, don't panic. Get help quickly by calling Progent's Ransomware Hot Line at 800-462-8800. For details, visit Progent's Ransomware 24x7 Hot Line.

Glossary of Terms Related to Spam Filtering Technology

AES-256
The Advanced Encryption Standard (AES) is a cyber security specification adopted by the National Institute of Standards and Technology (NIST). AES-256 offers the highest level of encryption available within the AES family.

Allow List
Also called a whitelist, contains email addresses or domain names that are exempted from being blocked by a spam filter.

Anti-fraud Intelligence
Linguistic analysis to protect against fraudulent emails, which can take the form of spear phishing, spoofing, fee frauds or bogus offers of help.

Bayesian Analysis
A linguistic algorithm that develops profiles of the words and phrases used in legitimate email collected from specific users or organizations and determines whether new email from these sources fit their linguistic profile. Emails that are out of character have a higher likelihood of being spam.

Block List
Also called a blacklist, contains email addresses or domain names that are to be blocked by a spam filter.

Content Filtering
Most commonly refers to the ability to block or whitelist websites based on category, reputation, use of encryption, specified URL or other characteristics. In the context of ProSight Email Guard, content filtering refers to the ability to block, allow or quarantine an email message based on the results of scanning specified components of the message including subject, headers, body, attachments, sender, and recipient. (See Content Policies.)

Content Policies
Content policies allow administrators to define email filtering based on any combination of subject, headers, body, attachments, sender, or recipient. For example, specified keywords, categories or character sets can be automatically detected and blocked. Based on content policy, administrators can configure their email security gateway to block, allow or quarantine inbound or outbound email and to encrypt outbound email. Careful management of content policies can keep an organization from being blacklisted as a source of spam and other malware.

Data Leakage Protection
Often used as an alternative to data loss prevention (DLP), but can imply that compromised data retains its availability to authorized users and keeps its integrity. (See Data Loss Prevention.)

Data Loss Prevention (DLP)
Data loss prevention (DLP) for email entails scanning the content of email messages and attachments and blocking the transmission of sensitive information. DLP allows administrators to establish and enforce policies that block or encrypt outbound email that could carry inappropriate information. DLP features included in ProSight Email Guard can also help organizations avoid reputation loss and stay in compliance with industry security standards and government regulations such as HIPAA and Sarbanes-Oxley.

Delegated Administration
With ProSight Email Guard, control of domain-level settings can be assigned to the Domain Admin role, which has the most permissions, the Helpdesk role, with fewer permissions, or the Governance, Risk Management and Compliance (GRC) Account role, which has a specific role with limited permissions. The User role allows users to view and manage their own account and their quarantine inbox and related settings. Delegation significantly reduces the burden of email administration by safely offloading certain management responsibilities.

Denial of Service (DoS) Attack
An attack designed to bring down a network by flooding it with useless traffic. DDOS (Distributed Denial of Service) is an attack by multiple systems, often compromised by a Trojan, on a single system.

Directory Harvest Attack (DHA)
Scripted attempts designed to steal directory information from unprotected email servers. Spammers send messages with a generic address to your SMTP mail server. For example, spammers will try sending 'ed@acme.com,' 'sue@acme.com' or other names until the server recognizes a name and accepts a message. Spammers combine dictionaries of common names and tabulate which addresses work and which do not. The technique can yield an overwhelming number of delivery requests, consuming server processing power. Spammers then sell the compiled list of valid email addresses to other spammers, resulting in spam for new and unused accounts. False Positive
A valid email incorrectly identified as spam. Without any tuning, ProSight Email Guard has a false positive rate of 0.01 percent, one of the lowest in the industry.

Hardened Datacenter
Highly secure, fault-tolerant facilities housing IT equipment connected to telecommunications networks. The facilities accommodate web servers, email servers, switches, routers, mass storage and other critical equipment and feature redundancy, backup power, and physical security. Cloud-based infrastructure can combine multiple hardened datacenters in separate geographic regions for high availability and disaster recovery.

Heuristic Rules Analysis
A branch of artificial intelligence whereby expert systems use programs that are self-learning and improve with experience. With spam filtering, the more messages processed the better the results.

HTTPS
The use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) under standard HTTP layering to provide secure web access through encryption.

Image Spam
Image spam, which at one point represented around one third of all Internet traffic, is a technique that hides text, typically a URL, by embedding it within an image. ProSight Email Guard uses an Optical Character Reader (OCR) engine to detect this threat. The Update Center also maintains Internet traps known as "honeypots" to build blacklists of image spam senders.

Intent Analysis
Multi-level analysis that recursively follows web links, email addresses and phone numbers embedded in email messages to determine whether they are associated with legitimate entities. Intent analysis also analyzes domain attributes to profile email campaigns.

Key Management
Email encryption requires the sender and recipient to exchange their encryption keys before sending or receiving protected emails. Key management is complex and includes the creation, distribution, safe storage, exchange and use of encryption keys. ProSight Email Guard's cloud-based solution for email encryption stores keys centrally and manages them automatically without burdening administrators or users.

LDAP
The Lightweight Directory Access Protocol (LDAP) is an open, industry-standard application protocol for accessing and maintaining distributed directory information services over an IP network. ProSight Email Guard's Exchange Accelerator/LDAP Verification feature uses the LDAP support built into Microsoft Exchange to protect against dictionary attacks, which attempt to break into a system by trying every word in a hacker's "dictionary" of possible passwords.

Link Protection
ProSight Email Guard's Link Protection, when activated, automatically rewrites any URL embedded within an inbound email and directs it to a safe URL before delivering the email. If the recipient clicks on the embedded URL, ProSight Email Guard evaluates the link for validity and reputation. If the domain appears to be valid, the user is directed to that website. If the URL is suspicious, the user is directed to a warning page which shows the actual link and explains why the URL was blocked.

OCR Engine
Embedding text in images is an established technique used by spammers to avoid detection by the text processing mechanisms in anti-spam engines. An optical character recognition (OCR) engine allows a spam filter to analyze the text rendered inside an image. Before submitting images to the OCR engine, ProSight Email Guard uses a variety of image processing technologies to normalize images whose text has been obfuscated with speckling, shading or color manipulation. The Update Center also uses advanced image processing algorithms to create fingerprints that can be used to block messages containing image spam.

Phishing
A scam that usually involves a fraudulent email purporting to come from a legitimate sender such as a bank and that either contains links to a spoofed website or else tries to talk the recipient into disclosing private information such as a password or social security number. ProSight Email Guard detects Phishing scams by using a specialized Bayesian database. Attacks that include information that suggests familiarity or friendship with the recipient are known as Spear Phishing and account for about 91% of email attacks.

Polymorphic Viruses
A virus that self encrypts by changing its signature to avoid detection by simple virus scanners. ProSight Email Guard relies on a supercomputing grid that uses a partial checksum approach to identify the unchanged signature portions of a virus body.

Predictive Sender Profiling
Identifying suspicious behaviors from sources who currently have clean reputations, for example newly infected bots on otherwise legitimate computers.

Quarantining
A quarantined email can be sent to an individual quarantine inbox assigned to the recipient or to a global quarantine mailbox designated by the administrator. Individuals can have quarantine accounts on the ProSight Email Guard security gateway, which takes the load off the email server, or on their regular mailbox. In this case, ProSight Email Guard alters the subject text of quarantined messages to show that the message could be spam.

Rate Control
The ability to pace inbound or outbound email from a single IP address or email address based on pre-configured frequency thresholds. Delivery of messages from sources that exceed the threshold is delayed in order to stabilize system performance.

Reputation Analysis
The use of databases that include the IP of addresses for known spammers, safe email senders, and web addresses known to be associated with spam. Email from IP addresses with poor reputations or whose content includes web addresses with poor reputations can be identified and handled according to spam policies.

Scoring Thresholds
After an email passes through the ProSight Email Guard security gateway it is given a score ranging from 1 to 10 representing the likelihood that the message is spam. The administrator can use scoring thresholds to automate how messages are managed by choosing to allow, tag, quarantine or block emails depending on their score.

Security Perimeter
The outermost edge, such as a firewall or security gateway, over which the enterprise has control over an email message before the message is received from or passed to the Internet.

Signatures
Also called a fingerprint, a series of bytes within a virus that uniquely identifies it and that can be searched for by anti-virus filters.

Spam
Unsolicited and unwanted email usually sent in bulk as part of marketing campaigns but sometimes sent with malicious intent.

Spoofing
A phishing technique whereby an attacker uses an IP address that appears to come from a trusted host. One of the most notorious examples is the exploit from service@aol.com. Spoofing attacks often include links to a fraudulent, or spoofed, web site that impersonates a familiar web site.

Spooling
A disaster recovery feature whereby incoming email is stored temporarily in the cloud or redirected in the event that your on-premises data center is disrupted. ProSight Email Guard's Cloud Protection Layer can store all your inbound email for up to four days or direct it to an alternative destination if your email server becomes unavailable. Meanwhile, Progent can provide expert online or onsite support to bring your local system back into service quickly.

Spyware
Software that collects and possibly shares information about a person without specified consent. Common forms of spyware include cookies, adware and Trojans. The collected information is typically used for marketing, but can also be used more maliciously. Major corporations (e.g., Facebook) use spyware routinely and legally. ProSight Email Guard includes technology that provides real-time protection from malicious spyware attacks.

SMTP
Short for Simple Mail Transfer Protocol, a protocol for sending email messages between servers. SMTP email servers are a common target of Directory Harvest Attacks.

Tagging
A technique for helping users to identify filtered email that meets some criteria for being spam. Tagged emails are delivered with a customized label appended to the subject field, e.g., [BULK]. This allows users to make their own determination about how to deal with them.

TLS
The Transport Layer Security (TLS) encryption protocol allows secure communication over the Internet. The ProSight Email Guard security gateway supports SMTP over TLS to encrypt email traffic between sites over the Internet.

Viruses
Computer code that can replicate itself. Viruses are commonly spread via email and allow an attacker to steal or destroy data or take control of an infected system. Types of viruses include Trojans and worms.

Zero-hour Protection
The ability to develop and distribute defenses against newly discovered spam and viruses within minutes rather than days. The hybrid infrastructure of ProSight Email Guard is designed to provide this capability.

Also See:

• ProSight Email Guard Overview
• Frequently Asked Questions about ProSight Email Guard
• ProSight Email Guard Datasheet