Encryption appliance for centralized email security


Key features

The intelligent software appliance for centralized email security

The risk of confidential data leaking via emails, whether inadvertently or maliciously, is very high for enterprises. Enterprises find it challenging to securely and easily exchange email containing confidential content. 

Learn More:


Although it is possible to encrypt and sign confidential emails using email clients, employees must know how to use the security solution correctly. Consequently, the consistent implementation of a company’s security policy depends directly on the knowledge and discipline of each individual employee—not a practical approach.

Sophos SafeGuard MailGateway simplifies email security by integrating the cryptographic processes involved in encryption/decryption, and also in electronic signatures and verification, at one central point in the corporate network. The security solution is fully transparent to the sender and automatically implements the company’s internal security guidelines for email communication. The senders and recipients can communicate via email in the usual way without having to worry about the confidentiality of the content.


SafeGuard MailGateway encryption guarantees that:

  • Existing email-based workflow processes are supplemented by confidentiality, authenticity and integrity in a simple and secure way
  • Email encryption and digital signatures are implemented from a central location, which enables consistent enforcement of data security guidelines for policy and regulatory compliance purposes
  • The program can automatically decrypt incoming and outgoing emails for recipients in the company’s own network or encrypt them for external recipients

To encrypt or decrypt emails and generate digital signatures, SafeGuard MailGateway uses the established S/MIME and OpenPGP Internet standards.

For recipients who do not have the email security infrastructure, the Sophos innovation SafeGuard PDFMail automatically encapsulates an email, along with its attachments, into an encrypted PDF file. The encrypted PDF file is then sent in an email to its recipient, thus securing the safe transmission of confidential information.

The recipient merely requires a conventional PDF reader and the corresponding password to decrypt the PDF document and to read the confidential contents of the email. The attachments contained in the PDF document retain their original format (e.g., .doc, .xls, .ppt) and can be extracted and modified. Afterward, the recipient can return an encrypted reply using the integrated reply function, as well as include attachments in his or her reply.

Alternatively, SafeGuard PrivateCrypto and SafeGuard WebMail can also be used to ensure that connections between external communications partners are secured without a security infrastructure.

SafeGuard MailGateway is scalable from small installations through redundant installations to organization-wide use in clusters.



  • Provides total security for external email traffic: all outgoing emails are automatically encrypted and signed; all incoming emails are decrypted and verified
  • Enables central virus scanning for encrypted emails
  • Enforces the internal security policy—transparent to the end user