Flexible, scalable email infrastructure solutions
Easily integrate secure email into existing mail flow
With Egress Switch Server Infrastructure (ESI) and Switch Gateway, organizations benefit from secure email infrastructure that is flexible, scalable, fully customizable and that easily integrates with existing mail infrastructure.
- Switch email infrastructure components can be deployed on-premise, hosted or hybrid
ESI is easily scaled to meet growing business requirements. Multiple connection points, web interfaces, authentication servers and Switch Gateways can be deployed side by side and load balanced to provide high availability.
Switch Gateway enhances existing email security quickly and easily without the need to change end user behavior. Designed to integrate with anti-virus, anti-spam, archiving, and content filtering products, Switch Gateway complements network edge technology to help produce a comprehensive 21st century email security solution.
Complement existing mail infrastructure while enforcing email security policy
- Switch Gateway is a server application that enforces email security policy, allowing for:
- Switch Gateway sits on the SMTP protocol and is designed to complement existing mail infrastructure and provide seamless integration
- Conditional encryption of outgoing email messages based on their content, author, recipients, attachments
- Conditional automatic decryption of incoming email messages at the gateway
- Optional AV scanning of all (or just those being encrypted/decrypted) incoming and outgoing email messages at the gateway
Egress Switch Server Infrastructure
Flexible secure email solution
- Egress Switch Server Infrastructure (ESI)
- A number of server components externally visible as a web-service that communicates with its clients over a SOAP protocol on top of an SSL/TLS encrypted channel. The six core components can be grouped together or distributed between multiple servers depending on security and resiliency requirements
- ESI is responsible for the following:
- Storing, distributing and controlling access to secure message properties, keys and detailed audit data
- Managing access restrictions applying to groups of messages based on their properties
- Assigning and resolving policies to users, groups of users and organizational units
- Providing a basic user web interface for self-help or accessing messages
- Encryption and decryption of messages
- Storage of encrypted messages
Simplified user experience when using Switch secure email
Switch Federation is an ESI feature for establishing cross-organizational relationships. It ensures that whilst storing encryption keys locally, you are able to let external parties, registered at switch.egress.com or any other ESI, access these keys.
The end-user experience for accessing packages using Switch Federation is exactly the same as accessing packages stored on a local ESI, with no requirement for further training. In addition, there is no sacrifice of audit or revocation capabilities of the product.
Switch Infrastructure design overview
ESI is very flexible and can be deployed as an on premise, hybrid or fully hosted cloud solution. Egress Software have three typical recommended designs, these are detailed below.
A fully on premise implementation of ESI would ensure that all keys and data are stored within a customer’s network. This set up would also adhere to the CESG CPA deployment guidelines (UK only). For this set up we recommend a minimum of 4 servers with the following roles:
- Server 1 - Internal connection point (ICP), authentication service, web interface, MS SQL
- Server 2 - External connection point (ECP)
- Server 3 - Switch Gateway
- Server 4 – Storage server
A hybrid design consists of some components being hosted on premise and some being hosted in the cloud. Traditionally the customer would host a Switch Gateway (and optional storage server) and Egress would host the rest of the components, meaning that the customer would only need to have one server (possibly multiple servers depending on resiliency requirements).
In a fully hosted set up Egress Software would host all elements of ESI. This is commonly chosen as the preferred set up for those customer who have a hosted mail appliance and requires no servers to be set up on premise.
Trial The Software
We believe that using Switch for yourself is the best way to demonstrate how effective it can be. So why not contact us to set up a free software trial today?
Boston – September 2017 – In recognition of their commitment to global standards for security excellence, Egress Software Technologies, a leading data security provider, today announces th...Read More
Featured Blog Post
Two-thirds of companies admit they should be doing more to protect sensitive information and prevent a data breach – survey reveals
Research carried out by Egress Software Technologies at Infosecurity Europe 2016, has confirmed many organisations are not currently doing enough to protect sensitive data and fear a data breach as a ...Read More
Thursday 19th January 2017, 13:00 EST – The Enemy Within: Overcoming a Company’s Greatest Security Vulnerability – Its People
It has been reported that approximately a quarter of breaches are caused by human error or employee negligence. With the increasing costs and risks associated with data breaches, we will be discussing...Read More