Secure Email Gateway (SEG)
Protect all email environments with Cellopoint Secure Email Gateway (SEG) against email-borne threats before they reach your mailboxes
Gateway-based Inbound Email Security
AI-powered Detection
Leverages AI and machine learning model to effectively stop phishing, ransomware, and BEC scams.
License with Maintenance
Flexible module licensing includes an initial fee for first-year license access, followed by maintenance fees.
Flexible Deployments
Deployable on on-premises hardware or VMs and public clouds like AWS, GCP, and Azure.
Block all email threats with Cellopoint’s SEG
Cellopoint Secure Email Gateway (SEG) is deployed in front of the email server. Utilizing the proprietary CelloOS™ and the advanced CelloCloud™ system, it features a multi-layer scanning mechanism for pre-delivery protection. This approach effectively thwarts all email threats, including advanced malware, ransomware, spam, viruses, phishing, BEC, spyware, email bombs, and relay attacks. It provides robust protection across cloud services like Microsoft 365, Exchange Online, and Google Workspace, or on-premises platforms such as Microsoft Exchange and Zimbra.
SEG modules at a glance
SEG offers five modules: Anti-Spam, Anti-Virus, Anti-APT-URL, Anti-APT-File, and Anti-BEC, which can be flexibly selected based on your requirements and budget. Suitable for organizations preferring to manage their own on-premises infrastructure or deploy in a public cloud.
First Layer: Anti-Spam (AG)
-
Connection Control: Inspects initial SMTP connections to block 50% to 80% threats before they reach the email gateway, preserving network resources, optimizing performance, and conserving storage capacity.
-
DoS (Denial of Service) Defense: Protects against attacks aiming to overwhelm and disrupt the email system, ensuring continuous and reliable email service.
-
SRL (Sender Reputation List): Monitors global sender IP addresses 24/7/365 through the CGAC (Cellopoint Global Anti-Spam Center), assigning reputation scores to instantly block abnormal sender sources.
-
Anti-Relay: Prevents unauthorized use of an email server to relay large volumes of spam or unsolicited emails, thus avoiding IP blacklisting by RBLs.
-
Greylisting: Temporarily rejects emails from unknown senders to identify legitimate mail servers and block automated spam-sending programs.
-
SPF (Sender Policy Framework): Verifies sender identity to prevent sender email address spoofing.
-
Multi-Layer Spam Filtering: Uses the CelloCloud™ database to collect and analyze spam characteristics to maintain a spam defense rate of over 99.9%.
Second Layer: Anti-Virus (AV)
Multi-Layer Virus Scan: Uses advanced antivirus engines to provide virus scanning and online virus pattern updates, effectively eliminating various known email viruses, worms, spyware, trojans, ransomware, and other malware.
It provides three-phased defense: pre-click, time-of-click (ToC), and post-click, effectively detecting and blocking phishing URLs and malicious URLs that may trigger credential phishing, malware downloads, and the latest QR code phishing attacks.
-
Pre-click Protection: Utilizes Cellopoint's 125 types of URL threat intelligence to scan all URLs, swiftly comparing them against the latest URL blacklists and whitelists, and quarantining phishing and malicious links.
-
Time-of-Click (ToC) Protection: Rewrites suspicious URLs and offers real-time Time-of-Click (ToC) detection upon user interaction to prevent delayed attacks.
-
Post-click Protection: Performs retrospective scanning on URLs to ensure security after they have been clicked.
Anti-APT-File module provides the following mechanisms to intercept attachments containing the latest, unknown advanced malware:
-
Dynamic Sandbox Scanning: Suspicious attachments are securely encrypted and sent to the sandbox for software execution and monitoring.
-
Full-System Emulation: Within the sandbox, simulates and executes entire computer systems, including Windows, Android, Office documents, and PDF files, swiftly detecting and capturing latent malicious programs.
-
Correlation and Threat Scoring: Conducts threat level analysis and provides feedback to the SEG for quarantine or release decisions.
-
Professional Forensic Summary Report: Includes threat scoring, the software's names and actions, network activities, process histories, and registry changes.
Business Email Compromise (BEC) refers to attackers impersonating trusted recipients and using social engineering tactics to deceive recipients into transferring funds or providing confidential information. Cellopoint's Anti-BEC detects BEC scams that traditional security gateways may miss through the following technologies:
-
Sender Authentication: SPF, DKIM, and DMARC identity verification.
-
BEC Verification Database: Uses intelligent detection to identify anomalies and allows users to verify the authenticity of suspicious emails through alerts.
-
Display Name Anomaly Detection: Detects anomalies like "Masom Wang <mason.wang@cellopoint.com>” which impersonates "Mason Wang <mason.wang@cellopoint.com>”
-
Sender Account Anomaly Detection: Detects anomalies like "Mason Wang <mason_wang@cellopoint.com>” which impersonates "Mason Wang <mason.wang@cellopoint.com>”
-
Cousin Domain Detection: Detects cousin domains (look-alike domains) like "Mason Wang <mason.wang@cellop0int.com>” which impersonates "Mason Wang <mason.wang@cellopint.com>”
-
User Behavior Analytics (UBA): Uses artificial intelligence (AI) algorithms and Human-Computer Interaction (HCI) technology to analyze user email behavior patterns, detecting and responding to anomalies.
-
AI Modeling: Utilizes AI algorithms to model individual email communication behaviors, identifying normal patterns and legitimate senders to recognize anomalous or spoofed senders.
-
Alerting or Quarantine: Abnormal emails are quarantined directly, while suspicious emails are quarantined with alerts sent to recipients for verification. Fraud confirmations help refine the detection engine through machine learning.