Email is the main attack vector used by cyberattackers to trick employees into doing things they need to penetrate systems, steal money and confidential information or disrupt business processes. This is the primary channel through which ransomware, malware and spam are distributed – and also how the most complex, targeted attacks gain access to your infrastructure. Some attack scenarios involve not only inbound emails from outside the perimeter but also intranet-travelling communications sent from compromised accounts which exploit trust between colleagues and partners.
Kaspersky Security for Microsoft Exchange Server can deal with every email-based attack scenario. It offers native integration with the leading on-premises emailing platform and secures both perimeter-crossing and intra-system email traffic. It delivers world-class anti-malware, anti-phishing and anti-spam protection using an award-winning stack of malware-detection engines, comprehensive anti-phishing and anti-BEC capabilities and intelligent spam detection, as well as a host of other features that help to protect your entire corporate network, freeing you up to focus on your core business.
Kaspersky Security for Microsoft Exchange Server incorporates the latest version of Kaspersky's award-winning anti-malware engine and is fed by real-time information from the cloud-based Kaspersky Security Network (KSN). The result is unequalled levels of protection performance - detecting and removing dangerous objects, including exploits, malicious scripts and all other forms of known, unknown and advanced malware.
Embedding malicious scripts into attached documents is a technique used in some of the most lethal malware ever developed, such as the ExPetr/Petya/NotPetya cryptor. Kaspersky Security for Microsoft Exchange scans a wide range of document types, including MS Office files and PDFs, for any form of embedded malicious content. On detection, the infected file attachment is blocked.
Kaspersky Security for Microsoft Exchange offers flexible, user-friendly settings to ensure spam and anti-malware protection that meets your business security goals.
Using the extended protection option, the application can detect and delete not only known malicious programs, but also potentially harmful programs (such as spyware or remote administration kits).
Kaspersky Security for Exchange protects against the broadest range of ransomware, including emerging and complex types.
Neural network-based analysis supported by real-time cloud-based sender domain and URL checking protects against even the most convincing email phishing. This includes cases of Business Email Compromise where trust in known business associates and companies is abused to make targeted phishing even more convincing.
Cyberattackers use various techniques to spoof or disguise an email’s source information in order to trick the recipient into believing that it comes from a trusted sender. Kaspersky’s threat expertise ensures that all these techniques are spotted, leaving no chance for human error.
A number of popular email client apps - especially those that haven’t been updated - may contain flaws which let attackers alter sender information, effectively spoofing the email source. Kaspersky’s anti-phishing engine detects these attempts and uses them against the attacker, blocking their phishing emails.
In order to carry out Business Email Compromise phishing, attackers use the results of their preliminary study of the target company, which may include information about its employees, suppliers, partners, etc. This makes these attacks especially credible - and dangerous. Kaspersky Security for Microsoft Exchange compares multiple indicators, including sender data, URL reputations, linguistic analysis of email text and so on, to detect these kinds of attempts.
The application scans all messages for spam based on formal attributes such as the sender's domain and IP address, the size of the message and the message header. The content of messages and attachments is also analyzed using intelligent technologies including unique graphical signatures that detect spam in the form of images. Kaspersky Security for Exchange includes integration with Kaspersky Security Network (KSN) – to access Kaspersky’s cloud-based database and obtain real-time information about new spam.
All folders and messages stored on the server are subject to background scanning to ensure that all objects are processed using the latest version of the antivirus databases. Set up a flexible background schedule or run on-demand scanning for any specific mailbox at any time. All with minimal impact on server load and business productivity.
The application carries out anti-spam scanning of messages written in different languages, including Asian language sets.
The transmission of certain file types brings additional risks – of infection when they’re attached to inbound emails or a data leak in outbound emails. Advanced content filtering provides control over what you allow in or out of your infrastructure; file type spoofing doesn’t help violate the configured filtering policy. Moreover, email contents can serve as the basis for filtering rules using regular expressions for setting more granular filtering criteria.
There is a facility for individual users to create their own trusted and untrusted sender lists based on their emails, domain names or sender SMTP name / IP address. A trusted list can also be created using the recipient’s SMTP address. Messages from a sender on the trusted list aren’t scanned and are delivered straight to the recipient. However, if the address is on the untrusted list, the message will be tagged with a special heading and processed according to the rules configured by the administrator.
Category-based email tagging facilitates more convenient email sorting and also helps to tackle certain security risks.
Kaspersky Security for Microsoft Exchange benefits from full API-level integration, so it offers both gateway- and mailbox-level email protection. This covers a much greater number of attack scenarios compared to a Secure Email Gateway (SEG)-class solution.
It’s possible to install, update, restore, and remove the application via the command line without using the graphical user interface.
A new set of roles lets you manage user access to individual application profile. This enables the administrator to restrict administrators in other departments to access specific security servers only, if required.
A single administrative console with centralized reporting and backup helps to control all your Exchange servers. Kaspersky Security for Microsoft Exchange is integrated with Kaspersky Security Center, enabling you to monitor the protection status, important events and consolidated statistics for you entire organization in a single console.
Monitor the operation of the application and the antivirus protection status using the detailed HTML reports or by viewing the Windows events log. You have complete control over the frequency with which reports are generated and the information included in them. All reports can be stored locally or sent via email.
All folders and messages stored on the server are scanned in the background to ensure that all objects are processed using the most recent information about the threat landscape. Set up a flexible background schedule or run on-demand scanning for any specific mailbox at any time – all with minimal impact on server load and business productivity.
Before deleting messages, the application makes backup copies so that it’s possible to restore important information if attempts to treat an object fail, or if a message was incorrectly categorized as spam. A wide range of search parameters makes it easier to find objects in the backup storage area.
The application integrates with Microsoft Active Directory for more convenient configuration, and is compatible with DAG (Database Availability Group).
Choose from flexible monthly licensing with scalable and pay-as-you-go options or fixed annual licensing. For Managed Service Providers, it’s easy to manage security remotely for multiple clients using the multi-tenant console.