Whats it all about?


Avanan is a cloud-native email and collaboration security solution that connects directly to Microsoft 365 and Google Workspace via API. Unlike traditional gateways, it works inside the cloud to block phishing, malware, ransomware, and business email compromise with AI-driven detection. It also offers post-delivery remediation, user reporting, and granular policy controls delivering inline protection without extra complexity or hardware.


Guardz & Avanan Integration


Guardz now incorporates Avanan to bring a stronger, smarter email security directly inside the Guardz platform. This enhancement provides:

  • Industry-leading protection against phishing, malware, ransomware, and business email compromise
  • Seamless experience: everything is managed from your Guardz dashboard, no need for another console
  • Smart defaults: Guardz pre-configures policies so you’re protected from the moment you activate
  • Flexibility: admins can still customise policies, allow/block lists, and workflows


Key Differences 


1. Service Behaviour

  • Guardz in-house: rule-based scanning, limited threat detection.
  • Avanan: API-based inline protection, using AI + ML to stop threats before they reach the inbox.

2. Activities 

  • Guardz: focused on basic quarantine and spam reporting
  • Avanan: full event sync into Guardz, advanced categories (phishing, malware, graymail, etc.)

3. Event Management

  • Guardz: admin can remediate a detection by deleting the email from users’ inbox
  • Avanan: email deletion is not functional
  • Guardz: Caution banner is removed as part of ‘Mark as Safe’ flow
  • Avanan: not applicable

4. Policies

  • Guardz: fewer options for policies
  • Avanan: confidence-based detection, flexible workflows (quarantine, junk folder, warnings), more allow/block lists elements (email, domains, IPs, headers, file types), setting up a phishing reporting mailbox, clean emails banner enabled, etc.


5. Customisation Options

  • Guardz: email banner customisation is available
  • Avanan: in the first migration phase, banner customization will not be enabled



Impacts of Switching 


Stays the same:

  • Allow and block lists will be migrated 'as is' (except for file type rules)
  • Users will continue to use the Guardz end-user portal to review emails
  • Users and admins will continue to receive Guardz email notifications


Changes:

  • Existing email banner customization will be overridden
  • ‘User Report’ feature is enabled by default (regardless of its current state)
  • Admin approval for quarantine release is enabled by default (regardless of its current state)
  • Gmail forwarding may stop working for some senders (e.g., Google Voice). This happens because URL rewriting changes the DKIM signature. Contact Manage Protect Support so we can fully bypass scanning and URL rewriting for the affected domains


Completely new:

  • URL rewriting: the URLs of links found in both the email body text and attachments are changed and replaced
  • Password-protected emails: protection against malicious password-protected attachments by removing them, adding a warning banner, and requesting the password for scanning. If clean, the file is delivered to the intended recipient. Passwords aren’t stored, brute-forcing is blocked, and delivery remains secure
  • ‘Graymail’ handling (admins will be able to choose the action taken)
  • IP and header support in allow/block lists