Defend™ Architecture
Email is a critical component of business operations and even small email delays can have a big impact. That’s why KnowBe4 Defend is architected with high availability and redundancy at its core, ensuring that your emails are quickly inspected and that they are always delivered.
Defend achieves this by making use of a modern cloud-native architecture in AWS. This utilizes availability zones (isolated locations within a region, each geographically separated), as well as completely independent power, networking and cooling infrastructure, to ensure full redundancy.
The Defend system also makes use of sophisticated SMTP retry and error handling logic, which ensures that if, for example, Microsoft 365 is down, the emails will be properly retried and sent as soon as Microsoft 365 is available again.
This results in Defend being highly available and resilient to infrastructure failures without negatively impacting you, as well as adhering to SMTP/email best practices, ensuring your emails always get delivered in a timely manner.
Defend integrates transparently into Microsoft 365 via SMTP and Graph API, operating after a Secure Email Gateway (SEG) and/or Microsoft 365 has performed any analysis at the perimeter.
A simple Deployment Packager will create the necessary groups, app registrations, connectors and mail flow rules required to complete setup in under 30 minutes. Deployment can be staggered by group, geography, and organizational unit.
Using the KnowBe4 Defend API, integration into a SIEM/SOAR makes it simple to report alongside existing security tools. Defend can output log data in a range of formats via API. For native Microsoft customers, there is also a Microsoft Sentinel connector available on Azure Marketplace.
Defend leverages Microsoft Graph to provide post-delivery remediation capability for administrators. This includes the ability to group and delete heterogeneous phishing events across multiple mailboxes and geographies.