Targeted Threat Protection - Overview

This article provides a guide on how the Targeted Threat Protection policies work. Email is your organization's most important communication platform and the application that is most susceptible to attack. Your organization and employees are targets for increasingly sophisticated attacks designed to steal money, credentials, customer data, and other valuable intellectual property.

Targeted Threat Protection is the product you need to protect you. It consists of:

• URL Protection.
• Attachment Protection.
• Impersonation Protection.
• Internal Email Protect.

URL Protection

URL Protection provides:

• Your organization with protection from users clicking on malicious URLs, for every click and any user device.
• Both third-party and Mimecast proprietary threat intelligence.
• Rewriting of all URLs and real-time scanning on every click within incoming and archived emails.
• Dynamic user communication helps to improve your user's awareness of potential threats.

See the Targeted Threat Protection - URL Protect page for further information.

Attachment Protection

Attachment Protection provides:

• Multi anti-virus engine checks on initial email delivery to protect against known malware.
• Safely transcribed attachments are delivered immediately, maintaining employee productivity.
• Sandboxing of file attachments before being delivered, to protect against unknown malware.
• Protection from malware in attachments is provided both on and off the enterprise network.

See the Targeted Threat Protection – Attachment Protect page for further information.

Impersonation Protection

Impersonation Protection provides:

• Protection against malware-less email attacks seeking to impersonate trusted senders.
• Real-time scanning of all inbound emails to detect header anomalies, domain similarity, sender spoofing, and suspect email body content.
• Clear marking of suspicious delivered emails in order to alert users.
• Centralized policy management and reporting to assist in the early detection of attack campaigns.

See the Targeted Threat Protection: Impersonation Protect for further details.

Internal Email Protect

Internal Email Protect provides:

• A method to conduct additional security checks on journaled and outbound email traffic.
• A way of of alerting and/or remedying threats or suspicious traffic found in your email environment. The ability to:
  • Send attachments in messages to the sandbox.
  • Identify key message data.
  • Remove malicious attachments.
  • Remove a message.

See the Targeted Threat Protection: Internal Email Protect page for further information.