The EEMSG is offered at no charge to the end user.
The EEMSG has been designed with a robust architecture that provides high availability through global load balancing across multiple geographically disperse hosting locations. The fault tolerant design includes automatic failover and recovery. The EEMSG will scale to process email for all DoD NIPRNet domains and is currently protecting Defense Enterprise Email (DEE) and several Navy domains totaling nearly 500K mailboxes.
HOW TO ORDER
USCYBERCOM will issue WARNORDs and TASKORDS to direct EEMSG implementation. Please respond to those orders to request further information and to schedule integration into the EEMSG.
The Enterprise E-mail Security Gateway (EEMSG) capability is one of several critical NIPRNet Hardening capabilities deployed by the Defense Information Systems Agency (DISA). EEMSG simultaneously meets USCYBERCOM requirements for defense of the DoD Information Networks (DoDIN) while providing multiple operational communities and end users the mission assured environment required to execute Net-Centric Warfare. EEMSG is a USCYBERCOM planned/directed mandatory capability that provides defense-in-depth protections to existing service-level and enclave-level email systems. All components on the NIPRNet will be required to have inbound e-mail traffic routed through EEMSG. EEMSG is being deployed in three capability phases:
- Phase 1 - Inbound (Internet-to-NIPRNet) e-mail protection
- Phase 2 - Outbound (NIPRNet-to-Internet and NIPRNet-to-NIPRNet) e-mail protection
- Phase 3 - Inbound encrypted e-mail inspection
Phase 1 of EEMSG enhances CC/S/A/FA network and host based protections throughout the DoD while maintaining mission essential interactions with the Internet e-mail services. The EEMSG blocks viruses, spam, phishing, and other direct attacks from the Internet to the protected domains in DoD while simultaneously improving data sharing with unclassified/non-classified partners. EEMSG filtering significantly reduces the volume of unwanted and malicious e-mail received at the enclave, reducing the workload of operators evaluating potentially malicious messages.
The EEMSG capability improves Mission Assurance and provides the basis for operations on the NIPRNet for cyber defenses. The collapsed architecture also improves the ability for collaboration and data sharing in support of NetOps / CND missions. This is a combat multiplier for forces throughout the DoD assigned the mission to detect, diagnose, and react to cyber attacks. Finally, EEMSG significantly improves the situational awareness of email perimeter defense through centralized logging, reporting and message tracking.
DISA provides a trained operational support staff with a 24x7 service desk ready to assist in resolving email delivery issues. Dedicated analysts maintain custom signature filters to quickly respond to newly discovered threats.
EEMSG accomplishes the EEMSG mission utilizing an enhanced Information Technology Service Management (ITSM) structure — called the DISA Enterprise Service Management Framework (DESMF), this framework seeks to document processes, tactics, techniques, and procedures (TTPs) and work instructions for all agency services under one comprehensive framework.
EEMSG provides the following services for the protection of DoD Email Domains:
- Spam Filtering
- Content Filtering
- Sender Spoofing Detection
- Spear Phishing Detection
The EEMSG provides a standard DoD-wide email security policy. No optional features are available.
Value to Our Mission Partners.
The deployment of EEMSG potentially allows enclaves to consider eliminating e-mail scanning systems that duplicate the capabilities of EEMSG and may be neutered to some extend (e.g., sender IP reputation) with EEMSG in the path.