Z-Scan

OVERVIEW

Traditional anti-malware technologies focus on recognizing the threat, identifying it and then stopping it. That entire process from identification to creation of protection can take between 4 to12 hours. Hackers know this and are taking advantage of it by flooding the Internet with hundreds of thousands new pieces of malware every day.

Network Box’s Z-Scan, an award-winning real-time zero-day anti-malware engine, continually analyzes data gathered by the Network Box Security Response Center, taking an innovative approach based on statistical observations to combat malware and spam. As a fully-automated engine, Z-Scan creates and releases fingerprints, reducing the time between discovery and protection to seconds.

Z-Scan also targets spam, bringing the total number of anti-spam engines used by Network Box to 25 and the number of anti-spam signatures to more than 30.7 million.

Z-Scan works by using a very large number of email traps (traditionally called “honey pots”); anything caught in an email trap is considered unwanted, and is therefore classified as either spam or malware. If our traditional engines do not flag it as such, Z-Scan creates a fingerprint unique identifier, which is immediately distributed to all our Security Operations Centers (SOCs) worldwide. Clients’ Network Box solutions query this data in the cloud to compare it with fingerprints they create against content they do not recognize. If the fingerprint exists in the Z-Scan database, the content is deemed dangerous and quarantined.

In place since October 2010, Z-Scan has proven to be very effective and to have no false positives at all.

ADVANTAGES

•   Continuous real-time threat analysis 24x7x365
•   “In the cloud” malware traps catch new threats very early in the outbreak
•   Fully automated process to produce fingerprints rather than signatures
•   High-speed “zero-day” malware response, cutting response time to seconds!
•   Additionally targets spam