Cloudflare's Zero Trust Network Access (ZTNA) technologies create secure boundaries around applications. When resources are protected with ZTNA, users are only allowed to access resources after verifying the identity, context, and policy adherence of each specific request. Cloudflare's Zero-Trust-as-a-Service model enables users to deploy access controls on the company's instant-on cloud platform, backed by Cloudflare's global network.
N/A
Mimecast Advanced Email Security
Score 8.9 out of 10
N/A
The Mimecast Secure Email Gateway is a messaging security option with anti-spam / anti-malware, data loss prevention, large file send, and other features, from UK company Mimecast.
For example, Cloudflare is a very good solution for ZTNA implementation. Cloudflare has Warp for propagating Gateway rules and checking device posture. Browser Isolation gives you more abilities to use internet resources without any restrictions and at the same time not put the company at risk. For example, if there is no DLP solution in place blocking the printing function can partly protect the company's sensitive data from intentional or intentional leakage through the online forms. A similar approach protects the end-user device from Zero-day threats and malicious software code. Moreover, Remote Browser Isolation technology protects not only the user's device but also the user himself from possible phishing attacks - for example, even if the user enters his username and password on the phishing website, bank card issuers, or other personal or confidential data, data will not go beyond the isolated cloud environment. Cloudflare Access gives company administrators a great opportunity to implement role-based access policies and make effect segmentation and diversification of company network groups.
Mimecast has been great at filtering our email for spam, phishing attempts, and potentially dangerous email attachments. We have been very happy with the reliability of the Mimecast services - I don't remember it being down in 2 years of using the service. My one complaint is that the admin console is not very easy to navigate, which makes some of the services difficult to implement. That being said, their support team has been great about walking us through these issues.
The Admin Management console is absurdly complicated. For every first time we wanted to setup we've had to call their support for assistance. Support is quick and fantastic but it's so difficult to do anything yourself. They seem to have gone out of their way to call features unique things instead of using standard language from other providers so you as an IT professional know what you're looking for to setup.
They have lots of KB articles, which their support will point you to. They are written on the most basic level and don't actually provide the help you need. For example, the KB page will tell you the list of options on the page... but not actually tell you what you do, why you might use them, or define their terminology.
Their email threat management system has several nice features. One of the features available is that it will rewrite links in emails so that users click the link and it sandboxes the link, testing it on their server space and the user sees it there. This means the actual link in the email gets changed to the address of one of their servers. As a law firm, the EXACT LINKS are important to maintain in our communications and editing actual data from our clients to point to a Mimecast server is an unacceptable practice. I wish they had an alternative that did not edit the link itself on the page.
The new updated administration console has been a nightmare to work with. It was rushed into production way too fast and shouldn't have been such a horrible experience.
When calling them you get best in the world customer services but as previously mentioned their online community and capabilities are a bit lacking. They want you to log into their portal to see updates on issues (vs. using a public facing service) and I rarely find the answers to my issues in electronic format. Their online presence is only helpful with the simplest of issues.
As long as all Cloudflare products and services rely on anycast technology, in a complex approach Cloudflare is faster and more relevant for cloud applications. The balance between security and performance is fully established. Also, Cloudflare has quite a good stack for API connection protection, like the API Shield example, which makes it more effective compared to F5 for example. Warp as a ZTNA agent gives better visibility and device posture information than FortiClient does.
Previously we have only used the default on-premise exchange that comes with SBS. This was very simple and only provided basic filtering of spam and junk mail. We weren't able to filter impersonation mail or emails with malicious code
Positive - It's hard to put a dollar amount on prevention, but we have been saved many times by the email and URL security filter. Users have clicked on links which were blocked by Mimecast. We have avoided costly ransomware and virus situations many times because of this.
Cost savings - Mimecast has worked with us to set reasonable prices, especially because we are a non-profit. At the time of purchase they were significantly cheaper than their closest competitor (Proofpoint).
Subscription cost. This is a subscription product so overall it can be more expensive than an on-premise solution. However we feel that the cost was well worth the security benefits.
