1 / 25

Email content/exploit checking & anti-virus

Email content/exploit checking & anti-virus. GFI MailSecurity for Exchange/SMTP. Provides email content checking, exploit detection, threats analysis and anti-virus and removes all types of email-borne threats before they can affect your email users. The rise of email security threats….

aquarius
Télécharger la présentation

Email content/exploit checking & anti-virus

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Email content/exploit checking & anti-virus

  2. GFI MailSecurity for Exchange/SMTP • Provides email content checking, exploit detection, threats analysis and anti-virus and removes all types of email-borne threats before they can affect your email users.

  3. The rise of email security threats… • In 2003, email viruses, worms and Trojans caused worldwide damages worth US$ 55 billion. • – Reuters, January 2004 • The number of email attacks between January and June 2003 exceeded 70,000 which is about twice the rate for 2002. • – Reuters, January 2004 • Research carried out by Hewlett-Packard shows that the signature update approach is fundamentally flawed, because worms can spread faster than anti-virus signature updates can be distributed. • – The Register, September 2003 • “I know that some of you think a virus scanner is the answer, but I don’t trust them. Many virus scanners were woefully slow to react when the ILOVEYOU, AnnaKournikova, or Sircam worms appeared.” • – Mark Minasi, Windows 2000 Magazine, August 2001

  4. Why choose GFI MailSecurity for protection? • These are some of the key reasons why GFI MailSecurity is the ideal choice to protect against email viruses, Trojans and malware: • Multiple virus engines guarantee higher detection rate and faster response • Unique Trojan & Executable Scanner detects malicious executables without the need for virus updates - MyDoom was detected immediately! • Exploit shield & HTML threats engine to disable email exploits & HTML scripts • Unbeatable price: $350 (25), $999 (100) and $3999 (UNL) mailboxes.

  5. Why you need multiple virus scanning engines • The response time of a virus vendor to a new virus outbreak is critically important (i.e. the time it takes to update and deploy the virus signature files), as a virus could reak havoc in a matter of hours from its release. No single virus vendor is always the fastest, so by having three virus engines your chances of getting network protection on time increases threefold! You won't have to risk relying on a single vendor to be the fastest each time, but instead hedge your bets on three or more anti-virus vendors. • See this white paper for more information.

  6. Why you need an email exploit shield • An exploit uses known vulnerabilities in applications or operating systems to execute a program/code or circumvent security measures. • An email exploit is an exploit embedded in an email that can be executed on the recipient’s machine when a user opens or receives an email. • The email exploit shield identifies emails that contain exploits.  Examples of viruses that used exploits are the Nimda, BadTrans.B and Klez viruses, which all use the same exploit to propagate. An email exploit detection engine recognizes the exploit used and can block all worms immediately and automatically, without the need for updates. • See this white paper for more information.

  7. Why you need a Trojan and executable scanner • Because anti-virus software is signature-based, it can only detect known viruses and Trojans. It is therefore unable to detect new viruses or one-off Trojans as soon as they are released. GFI MailSecurity’s Trojan and Executable Scanner takes a different approach, it can detect unknown viruses and Trojans before they enter the network - and before anti-virus engine vendors have issued signatures against them. • For example, in the January 2004 MyDoom outbreak, GFI’s Trojan and executable scanner blocked Mydoom before virus vendors had issued an update against it. • See this white paper for more information.

  8. Why you need an HTML threats engine • HTML mail has become very popular, however it can include scripts and Active Content, which can allow programs or code to be executed on the client machine. • GFI's patented HTML threats engine disables scripts and active content in HTML mail, without affecting formatting or images. • See this white paper for more information.

  9. GFI MailSecurity can be deployed in 3 ways: • In SMTP gateway mode as a mail relay server (email firewall). In this mode it integrates with IIS 5 for unparalleled speed and scalability. • In VS API mode on Exchange 2000/2003 – scanning message stores. GFI MailSecurity is the only content checking product that supports Exchange 2000/2003 VS API. VS API is recommended/required by Microsoft! • Both at the gateway level and on Exchange 2000/2003 for top security.

  10. GFI MailSecurity configuration Configuring email content security • With GFI MailSecurity, you can configure multiple content checking and file checking rules. • You can create multiple content checking rules, allowing you to set different policies for different keywords, file types and users.

  11. Enter keywords to • content check thebody of the email Creating a content checking rule • You can create new content checking rules and specify what to check for in the subject or body of an email.

  12. Quarantine, delete • or move email • Optionally notify • the user and/or • log the occurrence Creating a content checking rule • Now specify what to do with the email and who to apply the rule to.

  13. Apply the content checking rule to one or more users Creating a content checking rule • GFI MailSecurity integrates with Active Directory enabling you to set user-based rules.

  14. Specify what attachment types to check Attachment checking • You can create attachment checking rules in the same way as content checking rules.

  15. Use the moderator client OR approve/reject via your email client Moderating email • Once an email is quarantined, it must be approved or rejected. • This is done using the moderator client or an email client. • You can distribute the administrative load to multiple admins using a public folder.

  16. Virus checking with multiple virus scanning engines • GFI MailSecurity is virus engine independent - it includes multiple virus engines, providing much greater security. • Both the Norman Virus Control & BitDefender virus engines are included. The McAfee and/or Kaspersky virus engine can be purchased as an optional 3rd/4th engine. • The Norman virus engine is 16-time winner of the 100% Virus Bulletin award. BitDefender is ICSA certified.

  17. Click here to activate virus scanning Here you can choose to automatically remove all Office macros Virus checking configuration • GFI MailSecurity supports automatic updating of signature files.

  18. Exploit engine configuration The email exploit engine • GFI MailSecurity’s email exploit detection engine builds on GFI’s leading research on email exploits, and safeguards you from future email viruses and attacks that use known application or operating system exploits. GFI SecurityLabs regularly finds new email exploits, and these are automatically downloaded by GFI MailSecurity. GFI MailSecurity is the only email security product to detect email exploits.

  19. The Trojan and executable scanner • GFI MailSecurity includes an advanced Trojan and executable scanner. This can analyze what an executable does, and quarantine any executables that perform suspicious activities. This way, potentially dangerous, unknown or one-off Trojans can be detected before they enter your network.

  20. GFI MailSecurity: Excellent value • GFI MailSecurity is the market leading content checking solution with over 30,000 servers installed worldwide. • It offers unmatched value for money. GFI pricing is 70% lower than competitor prices: • No. of users 50 250 1,000 • Major Competitor 1 $1,234 $4,873 $11,695 • Major Competitor 2 $1,900 $9,500 $38,000 • GFI MailSecurity $550 $1,699 $3,499

  21. Test if your email system is vulnerable to email threats! • Is your email system vulnerable to email viruses, exploits & attacks? • Find out today using GFI’s test page: http://www.gfi.com/emailsecuritytest/ • Here, you can check whether your email system is secure against threats such as emails containing infected attachments, emails with malformed MIME headers, HTML mails with embedded scripts & more.

  22. What our customers say • “GFI MailSecurity for Exchange/SMTP was flawless in installation and the software itself is actually better than some of the ‘major’ players that I have been evaluating. I did have a chance to fully test it this weekend as the SoBig worm flooded our servers: GFI MailSecurity stopped every single message and has performed to higher levels than I expected.” • – Michael McKinnon, Director of Technical Operations - Equita Financial Services, Texas, USA • “We’ve used GFI MailSecurity for Exchange now for over two years. During this time we’ve never had a virus although many have been caught by GFI MailSecurity’s screening of our email. Administration is easy and fast. We feel very protected using GFI MailSecurity.” • – Paula Chesbrough S.V.P. - Eagle Bank, MA, USA • Click here for more testimonials!

  23. Customer list • Many leading companies have chosen GFI MailSecurity for Exchange/SMTP; here are just a few: • NASA • US Navy • USAF • Perotsystems • IBM • European Central Bank • MG Rover Group Ltd • Peugeot • Toyota  • & many more!

  24. More information and downloads • Download your FREE eval copy of GFI MailSecurity for Exchange/SMTP • For white papers on email exploits, content checking, anti-virus, anti-Trojans and other email security issues click here

  25. About GFI • GFI has five offices in the US, UK, Germany, Australia and Malta, and has a • worldwide network of distributors. • GFI is the developer of the market leading GFI FAXmaker, GFI MailSecurity, • GFI MailEssentials, GFI Network Server Monitor and GFI LANguard product ranges. • GFI is a Microsoft Gold Certified Partner and has won the Microsoft Fusion • 2000 (GEM) Packaged Application Partner of the Year award. • For further information, please visit our website. • Back to first slide

More Related