Managed Anti-Malware

Protecting a network from modern malware has become a lot more complicated than applying a simple anti-virus with some old-fashioned signatures, maybe installed on just the workstations. The current threat level continues a trend that started a few years ago, with hackers writing malware at an ever-increasing pace. The statistics shown under http://response.network-box.com/malware reveal this trend very clearly. We no longer talk about “anti-virus,” because the number of different threats is such that a new term was required: “anti-malware.”
The Network Box email anti-malware solution uses a multilevel approach to attack the problem from many angles. First of all, the Network Box unified threat management (UTM) device applies a number of policy controls to ensure that certain types of dangers are blocked before they are even analyzed; iframes, hidden objects, binary objects, and a host of other potential threats are blocked without question.
You can also choose to block email attachments based on extensions or file types. Our UTM device can recognize the true file type or MIME type of an email attachment and block it, even if it’s disguised as something non-malicious. The UTM then applies three traditional anti-virus engines: Kaspersky, ClamAV and Network Box’s own. The current total number of signatures across the three anti-virus engines can be found at http://response.network-box.com/protection-malware.
Even with all these signatures and three anti-virus engines in place, we were not yet satisfied. We felt that with the number of zero-day threats increasing at such an accelerated pace, something more “real time” was needed. Therefore, in September 2010 we introduced Z-scan, the first real-time anti-virus engine, which releases automated signatures within seconds after a zero-day threat is identified, as opposed to the hours (or days) that traditional anti-virus solutions take to release a signature.
In a recent independent test, the Tolly Group determined that the Network Box anti-virus solution is 100% effective against malware for SMTP, POP3 and HTTP. You can read the test results in the Tolly report.
And you can learn more about the Network Box anti-virus approach in our white paper.