Defense in Depth

Malware comes in many forms these days, from the traditional email borne attachment to worms which propagate over ports with no relation to email. An example would be SQL Slammer which uses UDP port 1434 and spreads without any human intervention. Another attack vector which is increasing in its popularity, is to draw a user to an infected website and encourage them to download a virus.

Good defense will have email scanning to stop the initial email reaching the user, it will have content filtering to ensure that users cannot go to known malicious sites and scanning on web traffic to detect any the malware being downloaded.

Network Box uses three different manufacturers to provide a multi-layered, multi-engine approach:

• Award winning Kaspersky Labs
• Clam AVG designed especially for e-mail scanning on mail gateways.
• Network Box's Just-In-Time (JIT) anti-malware technology engine.

Network Box transparently analyses all email types (both incoming and outgoing), http and ftp protocols for signs of infection and blocks viruses, worms, Trojans and malicious content at the front door. Even attachments such as .zip files are scanned, in fact more than 670 different compression and encoding formats are decoded and scanned. Additionally, external emails from POP3 and IMAP accounts are scanned to ensure that the network is kept safe.

Moreover, just-in-time technology allows Network Box to apply temporary blocks to as yet unknown viral threats until more permanent solutions have been tested and made available.

Updated in real-time using high speed PUSH technology, each Network Box contains a comprehensive signature database of over 275,000 signatures identifying and blocking viruses, worms, spyware, Trojans and general malware threats.

For new and emerging threats, the state-of-the-art heuristic analyzer uses both cryptanalysis and statistical analysis techniques to block even previously unknown viruses and worms.

Features

• Detection of viruses, worms and trojans from HTTP, FTP, SMTP, POP3 and IMAP4 sources.
• Incoming and outgoing message protection, with support for large email sizes.
• Support for archived attachments protects against buried threats.
• Security-hardened services, with open-relay protection prevents spread and significantly limits damage.
• Just-In-time and heuristic AV engines block uncharacterized viruses before they have a signature.