Anti-XThe amount of electronic information being generated and stored in messaging and collaboration systems has increased and has become more broadly distributed. In addition, a rapidly changing threat landscape and the complexity of malware behavior have created significant risks for enterprises.
Because information flows through a variety of channels such as email, IM, and portal environments, businesses must ensure that this does not create added risk from viruses, worms, spam, and other unwanted content. Protection requires powerful solutions at the critical points where data is exchanged.
- New methods of spreading – starting from local drives and network shares, viruses and other malware use mail, web, IM, application servers and other complex methods to attack their targets;
- Polymorphics - a virus can change its byte pattern when it replicates and is able to avoid detection from simple string-scanning anti-virus techniques;
- Rootkits - a component that uses stealth to maintain an undetectable presence on the machine;
- Advanced evasion techniques - a number of programs, such as adware, spyware, misleading applications, and other programs that users may not want on their systems;
- Zero-day attacks –are based on vulnerabilities in programs. Once vulnerability is known, malicious-code authors can take advantage of this security hole by launching attacks before a patch is available or before administrators have time to test and deploy a patch.
- Real-time scanning capabilities automatically detect and remove spyware that attempts to run or install itself on a machine
- Automated functions for cleaning, quarantining or blocking malware
- Effective protection from spyware and adware
- Advanced enterprise-wide virus protection and monitoring from a single point
- Integration with corporate mail systems: SMTP, Microsoft Exchange, IBM Lotus Domino
- Protection on corporate web, application and file servers
- Tamper protection guards against unauthorized anti-virus access and attacks, protecting users from viruses that attempt to disable security measures
- Anti-spam functionality for mail systems.
Recent analyst studies report that up to 80% of electronic mail all around the world is spam or other unwanted content. This content is used to attract a tiny fraction of people needed to respond to such messages but it makes spamming a highly profitable business. As well as a transaction that can make money for the sender, spam is often a conduit for fraud and identity theft. Techniques to spread spam are used heavily to produce phishing attacks where the direct losses of the target can be huge.
Employees waste time dealing with spam, whether they delete it, fine-tune their spam filters, or check their quarantine folders. The occasional important email that gets erroneously quarantined or deleted frustrates users and slows down business. The spam strains your email infrastructure and telecommunication links. Industry and government regulations govern the retention of electronic transactions and messages; the spam messages stored in a mail archive waste additional resources in organizations.
Spam attacks are more intense and agile than ever before, as spammers seek to evade detection by anti-spam defenses. Botnets have become the preferred way to send spam, because spammers can easily send massive amounts of spam with minimal investment.
Since spammers are in business to make money, they must provide contact information to make the sale. The spam message usually includes a telephone number, a link to a web site, or a postal address. Anti-spam products can use this contact information as a way to identify and block these messages.
Spammers have plenty of tactics to get their messages to bypass the anti-spam filters
- Modification of the URI – spammers try to camouflage their message or phish the victims. Another common technique involves constantly changing domains, e.g. a changed domain in a spam message;
- Image-based spam – that contains spam information or URI to spam sites are hardly detected by common anti-spam filters. Spammers use graphic file modifications to bypass less advanced scanners;
- PDF-based spam – while HTML or plain text is easy to scan, PDF format is widely used but is much more difficult to scan inside the mails;
- Obfuscate the content – by using misspelled words and numbers, spammers try to bypass filters;
- Modification of e-mail fields – by changing the mail massage structure or protocols, spammers try to bypass filters and present their message as coming from a trusted source – i.e. phishing;
- Adding ordinary text to a message – with big chunks of random text inside the message, spammers try to reduce the possibility of content being treated as spam by statistics-based filters.
Spam should be stopped as near to source as possible to minimize the impact inside corporate networks. Multiple proactive and reactive methods should be used simultaneously.
Leading anti-spam protection companies develop proactive solutions, such as domain-name reputation technology, heuristics, and integrity analysis to detect and block spam, phish, and other malicious messages and to provide zero-day detection of new spam.
Proactive technologies effectively identify and block a large percentage of zero-day spam, but some spam can evade proactive techniques. For this reason, there are also reactive technologies to identify spam shortly after a campaign has begun. Reactive techniques based on frequent and accurate updates help with IP reputation filtering lists, URI monitoring updates, and DNS blocking lists to stop spam.
Organizations face a complex challenge in securing the IT environment they rely on to conduct business. Gateway firewalls and anti-virus software alone cannot protect against the complex malicious code that threatens the IT infrastructure.
Web filtering software is an integral part of any enterprise security system. Web filtering can help organizations balance employees’ personal internet needs while decreasing the risk of legal liability, maintaining adequate network bandwidth levels, and increasing productivity.
Web Filtering and Legal Liability
Internet use can expose organizations to legal liability when employees engage in illegal or inappropriate activities. Web filtering software can help organizations define and enforce internet use policies that prevent employees from engaging in inappropriate behavior.
Web Filtering and Bandwidth Consumption
Organizations can experience decreased network capacity or system downtime when too many employees use bandwidth-intensive applications, like streaming media or internet radio. Web filtering software can help organizations define and enforce internet use policies that ensure available bandwidth for business-critical applications.
Web Filtering and Productivity
With the entire world available at their fingertips through the internet, employees can be distracted by non-work related or unproductive activities. Web filtering software can help organizations define and enforce internet use policies suited to their culture and business processes.
With the implementation of web filtering solutions from leading companies like Websense, S&T can offer IT organizations comprehensive protection and solutions which:
- Provide comprehensive and accurate web filtering,
- Allow IT administrators to set custom policies to manage employee internet, network, and application use, balancing work-related and personal internet use,
- Minimize the effort required to set, enforce, and maintain internet use policies through an easy-to-use central management console,
- Allow for customization of report templates, blocking of pages, and web page category names.