Trustifi Inbound Shield

Overview

Trustifi is an email security provider offering a variety of solutions that enable organizations to secure their inbound and outbound email communications against advanced threats such as spear-phishing, account impersonation, and account takeover. Trustifi Inbound Shield is their cloud email security solution that offers protection against malicious emails sent from external senders.

Inbound Shield offers spam filtering, sandboxing and virus scanning, as well as AI-powered threat detection and post-delivery remediation, helping to block both known and zero-day email-borne threats. The platform is compatible with local email clients, Microsoft 365, Exchange (versions 2013+), and Google Workspace.

Key Features

Spam Filtering

Inbound Shield carries out DMARC analysis on all inbound emails, combining DKIM and SPF authentication mechanisms to filter emails based on the sender’s domain reputation, helping to identify and block brand spoofing and impersonation attempts. Emails that fail DMARC checks are quarantined or blocked as per admin-configured policies.

Sandboxing And Virus Scanning

Once the domain reputation has been verified, Inbound Shield scans all links and attachments for known viruses and malware. This scanning takes place in a secure sandbox environment, so that any threats are detonated in isolation of the customer’s email network.

AI-Powered Threat Detection

The platform’s AI-powered threat detection engine analyzes all email content for anomalous activity and indicators of malicious intent, such as requests for the recipient to share confidential data such as financial information or credentials. This enables Trustifi to prevent the delivery of sophisticated phishing attacks.

All emails are classified according to their threat types, with classifications ranging from “Authenticated” (i.e., “safe to open”) through to warnings such as “Impersonation Attack” or “Spoofing Attack.” Admins can define policies to block or quarantine emails automatically according to their classification.

Threat Quarantine

Via the platform’s central management system, admins can review quarantined emails, including email content and headers and Trustifi’s reason for quarantining them. Admins can then either release emails, mark them as “Handled” and classify them, whitelist or blacklist them, or request that the sender verify their identity before the email can be delivered.

Quarantined emails are held for 60 days before being deleted.

Whitelisting and blacklisting policies are highly granular; they can be based on the sender’s email address, IP address, or domain, or on content found within the email. This prevents repeat attacks from known threat actors, as well as preventing the accidental quarantine of legitimate senders, and means that, if a threat actor sends an email from a legitimate domain, the platform won’t automatically block all future emails from that domain.

Admins can configure Inbound Shield to notify themselves and users as soon as an email is quarantined. It’s important to note that this type of setup can be problematic if an organization has a high volume of emails coming in, as it can lead to notification fatigue.

Post-Delivery Remediation

Inbound Shield adds a warning banner to the content of any delivered emails that have been classified as potentially malicious. These banners warn users against replying to the email, clicking on links, and opening attachments.

The platform’s Threat Response system scans emails that have already been delivered for malicious content, blocking threats that may come from an internal sender whose account has been compromised. This feature is also particularly useful to run when a customer first joins Trustifi, as it can help detect malicious emails that were delivered before the platform was implemented. Threat Response scans are straightforward to run via a simple wizard, and admins ca choose whether discovered threats are archived, permanently deleted, or quarantined so that only admins can view them.

Reporting

As well as reporting on quarantined emails, Inbound Shiels offers an email logging system within the management console, which monitors and logs all actions performed by admins. This is useful for auditing and accountability.

Ease Of Use

Inbound Shield is easy to deploy, offering direct API integrations (no infrastructure changes or MX record redirects needed) with cloud-based email platforms such as Microsoft 365 and Google Workspace. It takes approximately one hour to set up Inbound Shield for less than 1,000 users via API; for 1,001+ users, the platform must be set up via mailflow. Our technical team deployed the solution in around an hour, even when not using Trustifi’s setup wizard.

Onboarding users takes only a few minutes, thanks to integrations with user directory services such as Azure Active Directory.

The platform comes with pre-configured protection settings in place so that it instantly provides threat protection upon deployment. Admins can then sign in to define more granular threat detection policies. Defining custom policies is very straightforward via the “Inbound Email Rules” tab. If needed, admins can import longer lists of keywords from a CSV file, instead of having to manually type them in.

Trustifi provides technical support with the deployment and integration process and offers ongoing phone and email support. Trustifi also has an FAQ forum, which includes detailed guides on how to properly configure and manage the platform. For MSPs, Trustifi offers marketing materials and case studies.

Overall, the Inbound Shield management console is highly intuitive and straightforward to navigate. Admins can easily define policies on how the platform should handle malicious emails, and apply policies globally to all users, or to specific user groups.

Pricing And Plans

Pricing for Trustifi Inbound Shield is available upon direct request via Trustifi.

Best Suited For

Thanks to its intuitive, navigable interface, Inbound Shield requires little technical knowledge to manage, making it suitable for SMBs as well as larger enterprises looking to displace their legacy email gateway solutions.

But prospective buyers shouldn’t mistake “user-friendly” with “basic”—Inbound Shield’s granular policy configurations, comprehensive activity logs, and seamless integration with Trustifi’s Outbound Shield encryption solution make it particularly well suited to organizations that must prove compliance with strict data protection regulations, such as those operating in the healthcare, legal, and financial services sectors.

Final Verdict

Trustifi’s Inbound Shield is a robust email security solution that offers effective identification, classification, and remediation of email-borne threats.

Unlike traditional SEGs, Trustifi is easy to deploy—particularly within cloud-based email clients such as Microsoft 365 and Google Workspace—and offers protection against more targeted threats such as spear phishing and impersonation attack, which often slip through the spam filtering and connection checks offered by legacy solutions.

For larger organizations with a high email volume, we recommend configuring quarantine reports to be delivered on a regular schedule, rather than sending a report as soon as an email is quarantined, to help mitigate notification fatigue.

We recommend that any organization looking for user-friendly yet robust protection to displace their legacy email gateway solution consider shortlisting Trustifi.