×

Z1 SecureMail:
Email encryption
and signing for businesses

Z1 SecureMail automates security, data privacy, and compliance

- Encryption & signing according to international standards: S/MIME, OpenPGP, password-based encryption
- Gateway and email certificates from a one-stop shop with affordable certificate prices in a subscription model
- With CertMagic® up to 80% less effort in certificate handling compared to standard gateways on the market
- Professional image with communication partners – automated key exchange also saves effort on your partner’s side
- Competent and renowned Zertificon manufacturer support in German and English

Z1 SecureMail features and pricing
10 or 10,000 users? Find the right plan

Z1 SecureMail – features and pricing

How does it work?

Fig. Each email is individually encrypted according to the recipient’s capabilities.

Centralized Automatic
Email Encryption and Signature with a Gateway

Z1 SecureMail Gateway comes as a virtual email encryption appliance which integrates seamlessly into an existing email infrastructure. As an SMTP proxy it processes the entire company-wide email traffic. The Z1 SecureMail Gateway operates as a virtual mail room – processing incoming and preparing outgoing mail. It encrypts and signs outgoing mail whilst decrypting and validating the signature of incoming items. Suspicious emails are automatically blocked and the internal recipient informed. The complete email processing is performed according to ‘Z1 Policies’ which can be fully configured using the web-based administration interface. Z1 SecureMail Gateway works silently and transparently in the background. Sending and receiving emails remains the same for employees.

Using the right encryption method:
S/MIME, OpenPGP or password

Video (5 min): Z1 SecureMail sends an email to three contacts simultaneously using different encryption technologies. Security meets efficiency!

Automated email certificate management with CertMagic®

Automated certificate procurement as subscription

Z1 SecureMail contains technical interfaces to various recognized, certified trust centers. The procurement of your own employee certificates is easy and very competitively priced.

Z1 SecureMail ONE always includes certificates from SwissSign for all users. We also recommend a certificate subscription for individual offers for Z1 SecureMail Gateway. Similar to a flat rate, you have absolute cost transparency with maximum flexibility. You are not charged for each individual certificate issued, but for a fixed number of certificates. It is not the number of certificates issued that counts, but the number of certificates active at the same time. Compared to individual billing, you save money on erroneous issues and employee fluctuation.

We automate certificate exchange for you

The real challenge with email encryption and signing is the exchange of certificates with the communication partners. The certificates contain the public keys that are used for encryption and signature verification. Zertificon is the creator and operator of Z1 Global TrustPoint, the independent certificate search engine on the Internet. Here your certificates can be found by others. You can find the certificates of your communication partners there. Your Z1 SecureMail is connected to the Z1 Global TrustPoint and automates the exchange of certificates in real time. This is an important component that allows you to experience CertMagic® with up to 80% savings in certificate management effort.

OpenPGP key management

OpenPGP does not recognize any official certification authorities. Therefore, the handling of public OpenPGP keys cannot be completely automated. However, with Z1 SecureMail you can manage the process easily.

Automate and manage OpenPGP keys

Z1 SecureMail contains an OpenPGP key generator. This allows you to automatically issue OpenPGP keys for all employees. These are published on the Z1 Global TrustPoint so that your communication partners can easily find and validate them. It is also possible to import existing OpenPGP keys.

Root Signer Key simplifies the trust process

Z1 SecureMail provides you with a root signer key for OpenPGP, which is used to sign all keys created on your Z1 SecureMail system. Agree with your business partners that they will import your OpenPGP keys and thus automatically accept your OpenPGP keys. On the other hand, you can also import third-party root keys into your Z1 SecureMail and thus simplify the trust process. This makes email encryption for companies very efficient, even with OpenPGP.

Spontaneous email encryption without certificates with Z1 SecureMail (formerly Z1 SecureMail Messenger)

Z1 SecureMail provides encryption with passwords for email exchange with communication partners such as end customers and business partners who do not have certificates.

Send secure webmail or emails as an encrypted PDF

With Z1 SecureMail ONE you will have a secure webmailer. You send emails as usual via your mail program. If no keys are found for the recipients, Z1 SecureMail delivers emails via a secure web portal. With Z1 SecureMail Gateway delivery as encrypted PDF is also an option (see Description of services). A function for encrypted replies is always included.

Intuitive user guidance in your corporate design

You can customize the web interface of your Z1 SecureMail directly in the administration interface without any programming knowledge. Upload your logo and set the color values to match your corporate design.

Language selection for secure webmail and notifications

Z1 SecureMail is delivered with German and English language for the user interface of the secure webmailer and the notification emails. Other languages are available on request via Zertificon and can alternatively be added directly via the web-based administration interface (other languages are currently not available in the Z1 SecureMail ONE offer).

Intuitive, secure webmailer for exchanging encrypted messages (formerly Z1 Messenger)

Email encryption on-premises, in the cloud, or as SaaS?

Email encryption in the cloud or on-premises

Z1 Virtual Appliance runs on-premises and in the cloud

In your own data center, in the cloud or as a hybrid solution: Z1 SecureMail Gateway is easily and quickly integrated into your existing email infrastructure. Z1 SecureMail is ideally suited for operation with Microsoft 365 and Google Workspace. The anti-spam functions of cloud providers such as Exchange Online Protection (EOP) can be combined with Z1 SecureMail. How email encryption works in the cloud?

You receive Z1 SecureMail on a virtual Z1 appliance with a hardened operating system based on Debian Linux.

Supported virtualization environments for the Z1 Virtual Appliance Platform

	vSphere ESXI Hypervisor ≥ 6.7 Workstation Pro / Workstation Player ≥ 14.0
	XenServer Free / Standard / Enterprise Edition ≥ 7.0
	Windows ≥ 2016
	Proxmox VE 7.3.x, 7.4.x, 8.1.x

Email Encryption as a Service

Would you like to operate Z1 SecureMail Gateway as a Software-as-a-Service (SaaS)? We will be happy to put you in touch with one of our MSSP Partners, where you will receive managed services or even email encryption as a fully managed service. If you are interested, please write a short message in the free text field of our request form.

Hosted Email Encryption as SaaS

Z1 SecureMail ONE or Z1 SecureMail Gateway
Which solution fits best for me?

	Z1 SecureMail ONE	Z1 SecureMail Gateway
Number of users (mailboxes)	up to 100	unlimited
Purchase process	Buy online	Request an offer
Customer service	Customer portal with manuals and ticket support	Consulting as part of the request for quotation, ticket support and service hotline
Installation	Self-installation using manuals (ISO file provided as download in the customer portal)	Sales team sends ISO image; optional service available for integration into complex systems
Purchase of certificates	Automatic issuance: certificates for all users included in the price	Purchase via Zertificon is optional; type of certificates can be selected
Software as a Service	In preparation	Via Zertificon Partners
Shared features & benefits	Encrypt and sign S/MIME, OpenPGP, password Automatic certificate management Use predefined security rules for encryption and signing, or set up and customize your own (Z1 Policies) Email signatures and disclaimer management Compliance with: GDPR, KRITIS, NIS2, TISAX etc. Works with Microsoft 365 and Google Workspace In-house support in English and German

Find more details on the features, click here:

Z1 SecureMail – Features and Pricing

Optional Extension: Z1 MyCrypt Outlook Add-In

S Outlook Encryption Plugin: Z1 MyCrypt encryption trigger Z1 SecureMail Gateway security actions from your mail client

User control through selection of security levels

Create different security levels that your employees can select for each email before sending. For each security level, you assign specific actions such as encryption or signing, which are executed centrally at the gateway. Security and compliance can then be implemented without your employees having to deal directly with encryption tasks.

The client extension for MS Outlook is currently not included in Z1 SecureMail ONE. Z1 MyCrypt is optionally available for Z1 SecureMail Gateway. Z1 MyCrypt can only be used together with a validly licensed Z1 Server product (see service description).

FAQ about Z1 SecureMail

Test and Operation

What are the minimum technical requirements for operation?
The following technical requirements must be met for the operation of Z1 SecureMail:
- Own mail server, alternatively Microsoft 365 or Google Workspace packages with mail function and PORT 25 sending option.
- Own email domain with access to DNS configuration for domain validation in the certificate reference
- Virtual server with dedicated line to the Internet or fixed IPv4 address
  e.g. bookable with Hetzner or IONOS.
  The configurations of the packages depend on the load.
Z1 SecureMail ONE sample configuration

for 50 users and average email size of 200 kB

Minimum 8 GB RAM, 2 CPUs, 80 GB storage
How do I get a 30-day trial license for Z1 SecureMail?

Test licenses only as part of a PoC

We only issue 30-day test licenses for complex issues and integration challenges as part of a commissioned PoC.

Beforehand, all questions must be qualified with us in a consultation. Please contact our sales team via the enquiry form.

Pose your questions in the next live webinar

For all other questions about the operation and integration of Z1 SecureMail, please refer to our live online webinars with product demo.

Integration

Does Z1 SecureMail work with Microsoft 365 or Google Workspace?

Yes, there is an integration mode for Z1 SecureMail with Microsoft 365 and Google Workspace. The integration is widely used and easy to implement following our instructions.
In which virtualization environments can Z1 SecureMail be operated?

vSphere ESXI Hypervisor ≥ 6.7
Workstation Pro / Workstation Player ≥ 14.0
XenServer Free / Standard / Enterprise Edition ≥ 7.0
Windows ≥ 2016
Proxmox VE 7.3.x, 7.4.x, 8.1.x

Your question was not listed? Please use the contact form further down on this page.

Contact form for general questions about Z1 SecureMail

For price information or project enquiries, please use the enquiry form.
This is the quickest way to contact sales.

email 2

Company Details

Company name

My company owns not more than 100 email addresses which are used for external communication.

Contact person

Ms

Mr

First name

Last name

Email address

Subject:

Your message

Data privacy notice

We will process your personal data as described in our privacy policy.

WordPress Cookie Plugin by Real Cookie Banner