Network Box s e c u r i t y i s a s e r v i c e
The Internet never sleeps, attacks are absolutely relentless, twenty-four hours a day, all year round.
Network Box UTM+ Comprehensive Internet Threat Protection Firewall (State-of-the-art Hybrid Design) VPN (Virtual Private Networking) IDP (Intrusion Detection and Prevention) Multi-Layered Anti-Virus Gateway ( + M-Scan) Multi-Layered Anti-SPAM Gateway Multi-Layered Anti-Spyware Gateway Multi-Layered Content Filtering Gateway Company Policy Enforcement Gateway Traffic Shaping, Policing and Quality of Service Control Real-Time, PUSH Update Technology (updates in under 45 seconds) Real Time, Weekly, and Monthly, Automated Report Generation Real Time, in-the-cloud, Management and Monitoring
The number of security updates required each day is growing rapidly, and these updates are critical. Real-Time Updates: Intrusion Detection and Prevention Security Patches; Malware Signatures; SPAM Signatures; Content Filtering Database 1200 1000 800 600 817 1044 400 388 512 200 0 8 12 20 53 104 162 223 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 Statistics Network Box Security Operations Centre Mean Average Updates, Per Day
Traditional Anti-Virus Engines Typical anti-virus industry practice, is to release malware signatures to clients only several hours after a virus first appears. The virus sample has to be obtained. Then the virus sample has to be analyzed. Anti-virus signatures then have to be produced. Prior to release, these signatures have to be validated. Often that validation needs to be done across multiple platforms. Only if additional iterations are not required, are the signatures released. Of course, in most cases, released is not the same as in production. Client systems will still need to download the updates. It is not unusual for this type of process to take between three to twelve hours. Which is just not fast enough.
The anti-virus engine is completely different. The signature cycle is brought down from several hours, to just a few seconds. Virus samples are obtained in real-time, from over 150,000 traps which are in-the-cloud, waiting for virus attacks to occur around the clock. Multiple samples, from different sources, of the same suspicious object, are correlated in real-time, to ascertain a confidence level. Once the confidence level reaches a pre-set limit, suspicious samples are automatically escalated to security teams for in-depth analysis of the outbreak and formal signature release. The confidence levels are published in a global real-time database and queried by a module on each Network Box in real-time. Real world performance monitoring, shows that can achieve signature release times of under 3 seconds.
Malware Writer s
Zero Day Virus Malware Writer s
Zero Day Virus Malware Writer s Command and Control System Malware Writer s
Zero Day Virus Malware Writer s Command and Control System Malware Writer Bot-Net s
Zero Day Virus Malware Writer s Command and Control System Malware Writer Bot-Net s
Network Box Security Response Outbreak System M-Scan Lab s
Outbreak System Network Box Security Response Outbreak System M-Scan Lab s
Outbreak System USA Region European Region Signature Servers Asian Region
Network Box Client Gateway Outbreak System USA Region European Region Signature Servers Asian Region
Network Box Client Gateway Outbreak System USA Region European Region Signature Servers Asian Region
Z-SCAN Anti-Virus Comparison M-Scan Typical AV Engines Total 1 16 1 Current Signature Total 100+ 5 Million+ 3,500 2 Million Malware Gathering Real Time Real Time Batch Processing Update Technology Used In-The-Cloud PUSH PULL Typical Signature Creation 1 30 Seconds 10-120 Minutes 3 12 Hours Typical Signature Release 2-3 Seconds 30 45 Seconds Hourly / Daily Expected Best Response Time 3 Seconds 10.5 Minutes 3.5 Hours
Z-SCAN Anti-Virus World Class Technology servers are active right across the globe, and work seamlessly with Network Box s existing award winning M-Scan Anti-Virus systems Over 150,000 virus traps are already deployed Ultra high speed zero-day virus response Best response times ofjust 3 seconds Performance 4,200 times faster than typical gateway anti-virus systems; which are protecting the majority oforganizational networks today