 |
|
Astaro Firewall - Email Security
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
| Choose a SOFTWARE or APPLIANCE SOLUTION |
Virus Protection for Email
Astaro’s Virus Protection for Email application detects and blocks viruses in email traffic. It scans inbound and outbound email messages and email attachments carried overVirus Protection for Email employs multiple detection methods and a database of over 100,000 virus signatures to ensure high accuracy and excellent performance.
Dual Virus Scanning Engines
Astaro provides an extra margin of safety by including two virus scanning engines in sequence.
Virus detection technology and signature databases from the ClamAV Open Source project and from anti-virus industry leader Kaspersky Lab provide a double layer of protection.
Signature updates from ClamAV’s extensive user community, and from Kaspersky Lab’s renowned international antivirus research team, ensure that new malware threats are identified and blocked as soon as they appear.
High Accuracy
Astaro’s anti-virus utilizes three independent detection methods to catch the widest
possible range of viruses:
Virus signatures: Email messages and attachments and web traffic are compared with known patterns contained in an extensive virus database. |
Heuristics: Sophisticated rules detect patterns and behavior that resemble known classes of viruses. |
Emulation: Suspicious code is executed in a protected environment, for example by unpacking archived files and by running scripts and macros. |
Flexible Management
With Astaro’s Virus Protection for the Web, virus signatures can be updated
automatically as often as hourly.
- Select which file formats to block in email attachments. |
- Select text strings to use to identify unwanted messages. |
- Specify that questionable messages should be quarantined for later evaluation or dropped. |
Reports and detailed logs help administrators troubleshoot and identify patterns of activity.
Complete Coverage
Astaro’s Virus Protection for Email can open and scan more than 700 formats of archived and compressed files. Hackers and virus writers can not use obscure formats or complex archiving programs to sneak viruses into internal networks.
Spam Protection
Astaro’s Spam Protection application detects and blocks unsolicited emails.It uses multiple detection methods to pinpoint spam types while minimizing “false positives”.
It performs a series of tests and assigns a “spam score” to each message indicating the probability that the message is unsolicited. Messages whose score exceeds thresholds set by the administrator are dropped, returned to the sender, passed to the recipient with a warning, or quarantined.
Accurate Identification of Spam
Astaro’s Spam Protection utilizes nine methods to pierce the disguises used by professional spammers
| Realtime Blackhole Lists (RBLs) and spam databases: Email addresses are checked against databases of known spammers. | |
| Header Analysis: The header section of emails are checked for false or altered information and addresses with invalid characters. | |
| Body Analysis (Heuristics): Words and word patterns typical of spam are identified. | |
| SPF record checking: Rejects emails coming from a false “Mail From” address. | |
| URL Scanning: URLs within emails are checked against a database of known spam URLs. | |
| Greylisting: Unknown mail servers are asked to resend messages before they are accepted. | |
| BATV Reverse Path Signing: Blocks emails from being “bounced back” to an email server unless they really originated there. | |
| Whitelist and Blacklist: The administrator can list email sources known to be legitimate and illegitimate. |
The results of all tests are incorporated in a “spam score” that indicates the probability that the message is unsolicited.
Management Control
In addition, a digest of blocked messages can be sent to each user daily. If the user sees an email that was incorrectly blocked, he or she can click on a link and receive the email automatically. |
|
- Performing spam testing, virus scanning and packet filtering on the same system eliminates delays vectoring files to separate systems.
- Local whitelists, blacklists and network configurations can be entered just once and shared by all of Astaro’s security applications.
- Reports track statistics on email messages processed, their size and spam score, and the number of viruses found.
Working with the Email Server
Astaro Security Gateway software can add headers to email messages so that a recipient email application can take specific actions, such as sending suspicious email messages to a “spam” folder on an email user’s desktop. Information added to email headers can include:
| - A spam flag | |
| -The "spam score" | |
| -Expression match (flag that the message contains suspicious text) | |
| - RBL warning (flag that the message comes from a domain identified in a Realtime Blackhole List) |
Phishing Protection
Phishing emails mimic legitimate messages from financial institutions, web merchants, and other sources in order to mislead users into sending confidential information to criminals.
While most attacks are designed to capture personnel information, there is increasing potential for phishing methods to be used to capture user IDs, passwords, and other confidential information that could aid hackers in penetrating corporate databases.
Astaro’s Phishing Protection application detects and blocks emails that attempt to capture confidential information that can be used for identity theft, fraud, and attacks on corporate networks.
Accurate Identification of Phishing
Astaro’s Phishing Protection utilizes a variety of
methods to identify and block Phishing emails:
Text in emails is compared with known examples of Phishing messages. Messages containing known phishing patterns are blocked before they reach the user’s inbox. |
Phishing emails contain links to fraudulent web sites. Users who click on these links will be prevented from reaching the phishing web site if Astaro’s Content Filtering application (part of the Web Security Subscription) is set to block links that are uncategorized or that are categorized as “suspicious.” |
Content downloaded from web sites will be blocked if it matches patterns of phishing content. |
 |