Proofpoint Email Protection

Proofpoint Email Protection is an email security solution for businesses that secures inbound and outbound email and provides protection against phishing, malware, and ransomware attacks and controls unsolicited inbound email (spam).

Proofpoint Email Protection is billed as a next-generation email security solution that is available as an on-premises installation on physical or virtual appliances, a cloud-based email security solution, or hybrid deployment. Proofpoint offers a service level agreement for its cloud deployment that guarantees 99.999% service availability, 99% spam detection, 100% protection from known malware, and less than 1-minute of latency for inbound email.

Proofpoint Email Protection Features

The easiest way for cybercriminals to gain access to corporate data is to target employees via email. Email is the most common attack vector used in cyberattacks. More than 90% of cyberattacks start with a malicious email. Businesses must defend against phishing, ransomware, viruses, Trojans, and email impersonation attacks such as business email compromise (BEC). An advanced email security solution is required to block these email-based threats to ensure they are not delivered to inboxes where they can be opened by employees.

Anti-Spam Protection

Proofpoint Email Protection uses a multi-layered approach to email security to detect unsolicited bulk email. In addition to scanning email headers and message content for known signatures of spam, a reputation analysis is performed to assess local and global IP addresses to determine whether inbound emails should be accepted, quarantined, or rejected. Administrators can set spam tolerance thresholds and use custom rules for the entire organization, groups, or individual users.

Emails classified as bulk, unsolicited emails are sent to a separate, low-priority folder and are categorized by type. To reduce the burden on IT teams, end users can be given access to graymail sent to their email account and can decide whether to promote the messages and send them to the inbox or demote them to quarantine.

Threat Protection

Proofpoint Email Protection uses signature-based detection methods to identify known malware, viruses, and ransomware threats and ensure they are not delivered to inboxes but email many threats do not involve malware. Phishing and email impersonation attacks involve no malware but can still result in a costly data breach.

To identify threats such as phishing emails, impostor emails, and adult content, the solution assesses sender reputations by analyzing hundreds of thousands of email attributes. The solution is supported by Proofpoint’s proprietary Stateful Composite Scoring Service (SCSS). SCSS is a machine learning algorithm used to analyze and classify emails that do not involve malware. SCSS is used to develop a baseline of an organization’s normal email flow. Once the baseline is established, any message that falls outside the norm will be classified and quarantined. The machine learning component improves over time and responds to changing attack tactics.

Email Management

Proofpoint Email Protection includes a smart search feature that allows administrators to find log data based on dozens of different search criteria, with searches taking seconds rather than minutes. The solution has an extensive reporting suite that includes 60+ real-time reports to give administrators visibility into mail flow and email trends and proactively address email issues.

The standard solution includes basic email encryption and data loss protection features, with optional extras available offering more advanced capabilities such as Proofpoint Targeted Attack Protection, Email Encryption, and Email Data Loss Prevention (DLP), all of which are integrated into the same management console.