Overview

Features

Summary

 

 

Overview 

The scale and complexity of recent virus attacks have highlighted the importance of a robust, secure messaging platform to protect your network perimeter. The traditional approach of being able to identify and block known viruses is no longer enough.

To combat this evolving threat, eDoxs offers the most comprehensive multi-scan, multi-vendor anti-virus solution:

•   • IronPort Virus Outbreak Filters™ − a critical first layer of preventive defense against new outbreaks, detecting and stopping viruses before any other technology.

  • Integrated McAfee and Sophos anti-virus engines − enabling  multiple traditional virus detection methods to ensure pro­tection against even the most complex virus attacks.

 Features

With the highest performance virus detection and scanning technologies in the industry, anti-virus technologies from IronPort, McAfee and Sophos provide fully integrated layers of virus protection.

MULTIPLE DETECTION METHODS: PROTECTION AGAINST THE WIDEST VARIETY OF VIRUSES

During the scanning process, the McAfee and Sophos anti-virus engines both analyze each incoming message and file, identify the type and then apply the relevant technique to ensure highest efficacy and throughput. The McAfee and Sophos anti-virus engines employ multiple detection methods, such as:

Pattern Matching detects viruses and other potentially unwanted software by specific code sequences known to be present within a virus. The patterns are created to ensure that the engine catches not only the original virus but derivatives within the same virus family. In doing so, McAfee and Sophos approach viruses in a complementary fashion. McAfee’s scanning engine starts from a known place in a file, then searching for a virus signature. Often, they must search only a small part of a file to determine that the file is free from viruses. Conversely, Sophos’ scanning engine searches for multiple short code sequences in tandem to detect virus signatures.

Advanced emulation technology is used to detect encrypted and polymorphic viruses. If either engine suspects that a file contains a virus, it creates an artificial environment in which the virus can run harmlessly until it decodes itself and its true form becomes visible. The engine then identifies the virus by scanning for a virus signature. The robust engine supports multiple scanning modes to optimize performance.

Heuristic analysis is utilized by both engines to ensure that variants of viruses are caught with minimal information available about virus code patterns. Heuristic analysis is based on the fact that programs, documents or email messages that carry a virus often have distinctive features. They might attempt unprompted modification of files, invoke mail clients, or use other means to replicate themselves. The engines analyze the program code to detect these kinds of computer instructions. The engines also search for legitimate non-virus-like behavior before taking anti-virus action to avoid raising false alarms.

MULTIPLE OPTIONS FOR VIRUS HANDLING

Administrators have multiple options to handle virus infected messages. As viruses evolve, new strains of attacks try to bypass anti-virus protection by concealing viruses within password protected, encrypted files or malformed messages. The IronPort solution detects potentially dangerous messages, giving the administrator full control over how these messages should be handled by the system.

The fully integrated Virus Quarantine provides additional options to customers to determine what actions to take on viral messages along with end-user notification options.

The unparalleled performance of IronPort’s email security appliances enables the scalability required for fully integrated anti-virus protection for continued message growth. The anti-virus solution likewise protects your infrastructure from being overwhelmed by complex virus outbreaks and ensures that your mission critical email will continue to be accepted.

Summary

With the growth in number and complexity of viruses, it is critical that customers protect their networks with solutions that provide coverage against the widest variety of virus threats.

IronPort’s anti-virus offerings (IronPort Virus Outbreak Filters, McAfee Anti-Virus and Sophos Anti-Virus) provide a multi-layered, multi-vendor approach to virus filtering – by offering a high performance virus scanning solution, integrated at the gateway.

With IronPort’s proprietary AsyncOS™ operating system, the IronPort C-Series and IronPort X-Series email security appliances can process hundreds of messages per second. Whereas, traditional MTAs can only handle 10 to 20 messages per second. The unparalleled perfor­mance of IronPort’s email security appliances protects your email infrastructure from being overwhelmed by large-scale virus outbreaks and ensures that your mission critical email will continue to be accepted.