Antimalware: The real-time perimeter solution to combat malicious code
Malware refers to all files with content that could be malicious for a computer system. This is not just limited to viruses, as there are many other types of files that can cause serious damage to computers or networks.
The term malware refers to a wide range of threats:
- Viruses: They destroy information and replicate automatically.
- Worms: They make copies of themselves and send those copies en masse from infected computers, for example to all contacts in the address book.
- Trojans: They can open ports to a hacker who can take remote control of an infected computer.
- Spyware: It steals personal information stored on a computer.
- Phishing: This involves sending email messages that appear to come from reliable sources (such as banks) and that try to get users to reveal confidential banking information. To do this, the messages usually include a link to spoofed web pages. In this way, the user, thinking that they are in a trusted site, enters the requested information, which is really falling into the hands of the fraudster.
- Blended threats: The latest epidemics have involved attacks using a combination of threats (blended threats).
- Dialers: They change dial-up connections to premium-rate numbers without the user's permission.
- Jokes: These are time-wasting tricks or jokes.
- Other risks. Certain software is not classified as malware, but can pose a risk to the security of corporate networks if it is used.
  - Hacking tools: All tools that can be used to steal confidential information or gain unauthorized access, etc.
  - Security risks: Applications that pose a risk to security and which are not classified as viruses. For example, a program for creating viruses or Trojans.
The anti-malware protection in the Panda GateDefender appliances blocks all these types of threats at perimeter level. This means that the malicious code never enters the corporate network.
Combination of real-time proactive protection and reactive protection
The anti-malware protection in Panda GateDefender combines 2 powerful techniques to provide the most complete protection:
- Collective Intelligence (CI): automates the collection, classification and detection of malware in real time. The integration of CI dramatically increases protection capacity while reducing resource consumption.
- Signature files: Reactive protection based on a list of known malware which is automatically updated every 15 minutes.
The combination of reactive and proactive techniques reduces the risk window and makes Panda perimeter devices the most up-to-the-minute network protection.
Anti-malware protection in operation
Implementation. Involves the following phases:
- Installation: Configured in no more than 15 minutes thanks to the ease of use of the console.
- Scanning and disinfection: After installation, it immediately scans all inbound and outbound traffic, applying the actions defined by the administrator.
- Incremental Signature Updates: Every hour, it downloads only the new malware signatures as a patch, automatically and transparently.
- Local Updates: For restricted security networks, it connects to a local server to check for and download new updates, instead of connecting to the Internet.
Action on malware. The administrator decides what action to take on any malware detected:
- Disinfect: The file with the malware will be disinfected.
- Delete: The infected file will be deleted.
- If the malware is contained in an attachment in an SMTP email, the options include:
  - Deleting the entire message.
  - Deleting just the attachment.
Scanning. The administrator decides on the configuration of the protection:
- Protocols to scan: HTTP, HTTPS, FTP, SMTP, POP3, IMAP4 and/or NNTP.
- Types of malware detected:
- Trusted sites: Internal domains excluded from the anti-malware scan to improve performance.
- Complete proactive real-time protection: It prevents all types of malware from entering the network by scanning the seven most widely used communication protocols (HTTP, HTTPS, FTP, SMTP, POP3, IMAP4 and NNTP).
- Optimized bandwidth and resources: Reduces the workload on company servers by eliminating non-business related and potentially dangerous traffic and by optimizing bandwidth usage.
- Prevents damage to corporate image: Stops malware from being sent out from the company and prevents installation of programs that can do this.