|
 |
| |
| |
| |
Facing ever-growing new types of virus threat, enterprises relied only on traditional desktop anti-virus strategy will usually find their efforts ineffective. A completed email anti-virus architecture can help to ensure that viruses will not easily sneak into the enterprise network through SMPT, POP3, FTP or HTTP.
By architecturally positioning ViruSherlock Security Suite behinds firewall as a gateway, all of the incoming and outgoing email traffic (SMTP, POP3) to the email server will firstly be filtered by ViruSherlock. This in term prevents virus attack directly towards the email server and employee's PC. Furthermore, traffic via HTTP request or FTP transfer will also be scanned and filtered by ViruSherlock. ViruSherlock Security Suite supports full-transparent proxy for all communication protocols. This means the network administrator can activate anti-virus protection on SMPT, POP3, HTTP and FTP directly without any configuration on the user computer.
|
|
|
| |
| |
By allowing ViruSherlock for SMTP to be deployed architecturally in front of Email server, all local-to-local, outgoing, and incoming emails will first be scanned and filtered by ViruSherlock. Only after the email has been checked and cleared, it is passing onward to its destination. Apart from the complete anti-virus email protection, ViruSherlock further provides “ranking chart of IP address with the most virus hit” to enable the administrator to quickly identify infected PCs and prevents further spreading of the virus.
|
|
|
| |
| |
ViruSherlock successfully integrates each level of the process, which includes:
 Prevention:
Three-stage email filtering process to ensure complete security.
Anti-Spam Filter:
Multi-functional anti-spam facility to filter out unwanted junk mails.
Anti-Virus Protection:
Integrated with Sophos anti-virus technology to provide anti-virus protection at the gateway.When traffic pass through ViruSherlock via SMTP, POP3, HTTP or FTP protocol, it activates real-time scanning for the viruses. If ViruSherlock identifies infected HTTP requests or FTP file transfer, it stops the activity and executes predefined handling procedures.
Policy Filtering:
Users have to first configure the "Filtering Rules". When email has been labeled as "illegal", it can set to be deleted, quarantined, or forward. Thus the unsafe emails are fully prevented from entering the E-mail Server.
Analysis & Report:
Reports are made based on data from the "Email Processing Status" and the "Infected Email Statistic". The report can be converted into a bar or line chart to conveniently viewing the email usage trends. This will offer managers or network administrators with well-prepared analysis data.
Update:
The Anti-virus prevention relies heavily upon the timely availability of virus definitions and virus engines. ViruSherlock uses the powerful Sophos Anti-Virus engine, and moreover, ensures the user automatically update to the latest virus definitions from the Sophos web site. |
|
|
|
|
| |
Email has grown to become one of the most important business communication channels, however, unsolicited emails or so-call Spam are increasingly affect the company productivity and employee working efficiency. To solve this problem, ViruSherlock has included anti-spam functionality to help the enterprise to minimize the impact of unsolicited emails on servers and human resource.
Whitelists – A list that contains trusted email addresses, IP addresses and mail domain.
Blacklists – A list that contains blocked email addresses, IP addresses and mail domain.
Real-time Black hole List (RBL) – Supports various RBL for up-to-date notorious spammers.
Reject ex-employees' email to prevent inadvertent emails from entering the enterprise network and minimize bandwidth wastage.
DNS Reverse Lookup Server List – A list of email server IP that provide DNS Reverse Lookup function.
Non DNS-reverse-lookup email servers will be rejected.
Checking the argument of HELO/EHLO command to reject the request when the argument is not in fully qualified domain form or the argument has no DNS A or MX record.
Configurable to enable or disable email from address validation. |
|
|
| |
| |
| |
System Administrators can specify the definition of "unwanted email" and based on mail header (such as From, To, Subject, Date) and the filename of attachments, filtering rules can be set. For example, a filtering rule can be set to "reject all .exe files" that will in terms, quarantine all .exe executable files and disallow passage to the E-mail Server. Aside from lowering the probability of dangerous or junk mail, sensitive business documents can be screened to prevent from leaking out of the company and thus damaging the company rights. |
|
|
| |
| |
When any data pass through ViruSherlock gateway via SMTP, POP3, HTTP or FTP, VirusSherlock will trigger Sophos Anti-Virus engine to perform virus scanning for preventing the infected emails to enter the enterprise Intranet . The configurable procedures up on the detection of infected email are listed as follows:
When infected email is detected:
The infected attachment can be deleted, quarantined, or disinfected if possible.
When infected email cannot be disinfected:
For those files that cannot be disinfected, the action taken upon on them can be ‘Allow Delivery', ‘Quarantine', or ‘Delete' (SMTP only).
When files cannot be scanned:
For those files that cannot be scanned, that usually means the files are password-protected, and which may contain important confidential information. The action taken upon on those files can be ‘Allow Delivery', ‘Quarantine', or ‘Delete' (SMTP only).
Configurable Options To Enable/Disable Recursive Scanning on Compressed Files:
The Anti-Virus engine is able to recursively scan compressed files. The recursive level into compressed files is configurable to prevent any viruses hidden inside it. |
|
|
| |
|
|
| |
Based on virus name, source (IP or domain), and receiver/sender ranking, ViruSherlock can generate a graphical representation of infection details, in terms of receiver/sender, number of email sent/received, subject, and date. This graphical report provides Administrators with the virus activity. Based on the status of virus infection, procedures such a search for infected machines and correct antidotes supply can be easily taken to prevent further spread of infection.
|
|
|
| |
| |
To guarantee that ViruSherlock always has up-to-date anti-virus service, the product is able to update itself through the Internet. By using ViruSherlock's management console, one can go to Sophos' web site to download the latest virus identities. In addition, this function can be set to perform manually or automatically. The console offers a virus definition update table so that the managers always know the new virus definition and the update schedule. |
|
|
|
|
