2Web, Messaging & Infrastructure Security Web, messaging and infrastructure protection ― part of corporate network protectionEndpoint SecurityWeb, Messaging & Infrastructure SecurityGatewaysAdministration ServerPresentation is about protection of File Servers and Storages, Mail servers and Gateways, which are just a part of corporate infrastructure.Mail ServersWorkstations & Mobile DevicesFile Servers
3Ι. ΙΙ. Contents Approach to Business IT Security >> Solutions & Applications >>ΙΙ.
5The key points of modern antivirus security 1Cost of protection2New sources of threats and security trends3Multi-platform infrastructures4Efficiency of administration5Various customer needs6Reliable vendor support
61 Cost of protection Potential damage from infection Cost of AV/AS solutionData lossReputation risksInterrupted business processesEmployee downtimeCleaning costsAV/AS software licenseDeployment and installationAdministrator’s time for maintenanceUsage of system resourcesTechnical support – time to reactLocal language supportKL solutions minimize TCOThe best protection: no infection = no cleaning costsNeeds very little CPU and memory = optimal usage of system resourcesEasy to manage, less manpower neededReacts faster than any competitor to new threats, answers phones faster on support callsSubsidiaries in all major geographic regionsFull range of security solutions from Endpoint to Cloud from a single provider
7New sources of threats and security trends 2New sources of threats and security trendsCloud servicesVirtualizationWeb 2.0IT consumerizationMobile devicesCompliance & audit requirements
10Efficiency of administration 4Efficiency of administrationScan settingsUpdateProtection statusReportingInstallationAlertsCentralized administration tool for corporate infrastructure
11Various customer needs 5Various customer needsEnterpriseSMBExternal IT security expertiseTotal cost of ownershipAcquisition costBox solutionGlobal maintenance contractsNeed for system resourcesSystem resources load during scans and updates
12Reliable vendor support 6Reliable vendor supportIVProblem Resolution incident, problem and quality managementIIIKnowledge Transfer information about KL products, educational materialsIIProactive & Self-Help Services available at KL Support Portal on a 24×7 basisIProduct Improvement and Innovation antivirus database, updates and upgrades
13Kaspersky benefitsBest corporate malware protection for multi-platform IT infrastructure from world-class experts Optimized and cost-effective security plans to maximize business productivity and lower the total cost of ownership Efficient manageability solutions with wide inter-operability capability Future-proof strategy anticipating threats and trends for total longer term reassurance Trusted, fast and responsive global support plans Award-winning certified technologies >>
14West Coast Labs certification West Coast Labs - global leader in technical research, testing and Checkmark Certification of information security products and servicesWCL tested Kaspersky corporate products over a period of 3 monthsProducts underwent performance testing (in real-time against malware threats from a variety of attack vectors)Checkmark Platinum Product Awards for all new applicationsWCL carried out comparative testing of Kaspersky products against key competitors
17Security for File Servers Protection against all types of malicious programs for servers running underMicrosoft WindowsLinux and FreeBSDNovell NetWareReliable protection for shared file storage is essential, because a single infected file on a server can affect every computer on your corporate network. However, if your organization uses servers running different platforms, this can be costly and difficult to manage.Kaspersky Security for File Server offers cost-effective protection for servers running on Microsoft Windows, Linux and Novell NetWare - providing a single, effective security solution for multi-platform server networks that protects against all types of malicious programs.
18Solution benefits Popular server platform support High performance with a new antivirus engineReliable anti-malware protectionPowerful manageability and reporting systemComplex network infrastructure supportPopular server platform support Designed to work with the complex network infrastructures of modern organizations, the product offers world-class anti-malware protection for file servers running Windows, Linux, Novell NetWare and FreeBSD.High performance, low impact With a new antivirus engine, load balancing of server resources and optimized scanning, the product delivers High Value world-class corporate anti-malware protection for multi-platform IT infrastructures with no noticeable impact on system performance.Reliable anti-malware protection Whatever the size of your organization, you need to know that your anti-malware solution has been developed by a company that takes a focused approach to world-class multi-layered protection. With Kaspersky Security for File Server, if your system malfunctions or is forced to shut down, our solution will restart automatically, maintaining High Value world-class anti-malware protection for your infrastructure, while you get to the root of the problem.Powerful manageability and reporting system Managing IT security over a complex network can be time-consuming. Our solution comes from a product family based on a uniform set of world-class anti-malware and other core technologies that provides user-friendly management tools, accessible security status information and simple reporting systems, to make managing your IT security easier than ever.Complex network infrastructure support The solution protects terminal servers (Citrix, Microsoft) and runs on cluster servers, providing efficiencies to customers through manageability, interoperability and optimizing costs and resource allocation.Virtualization support Kaspersky Security for File Server comes with VMware Ready certification - proven reliability for virtual environments, backed up by trusted, fast and responsive global support plans.Multi-system network protection The solution provides high levels of anti-malware protection for heterogeneous networks running different operating systems simultaneously, for example, Linux and Windows.Multi-system network protectionVirtualization support: VMware Ready
19Applications inside KS for File Server KAV for Windows Server Enterprise EditionKAV for Linux File Serverv. 8.0v. 8.0KAV for Novell NetWareKAV for Windows Server
20KAV 8.0 for Windows Server Enterprise Edition: Highlights New Anti-Virus Engine 8.0Supports Windows Server 2008 R2 and Microsoft Hyper-V Server 2008 R2VMware readySupports HSM systemsCitrix ready, including the latest XenApp 6.0Modern corporate networks are complex systems that typically consist of terminal servers, server clusters and other types of nodes.Infrastructure like this demands the highest levels of protection, with file servers requiring dedicated software that won’t just protect data from the latest malware, but will also provide uninterrupted performance under the heaviest load conditions with minimal effect on network efficiency. Kaspersky Anti-Virus for Windows Servers Enterprise Edition has been developed specifically for networks like this, making it easy to protect your most valuable business resources today and in the future.In modern heterogeneous networks, a single virus can spread very quickly as it is virtually impossible to isolate a newly detected network infection immediately. Corporate users often place various files into file storages, thus exposing all nodes on the corporate network to risk, from workstations to shared file storage facilities.New! Support for Windows Server 2008 R2 Compatible with the popular Windows Server 2008 R2 - including the Server Core installation option and Microsoft Hyper-V Server 2008 R2 - Kaspersky Anti-Virus for Windows Servers Enterprise Edition can provide high-level protection to the most modern networks, no matter how big your organization is.New! VMware Ready Certified compatible with the VMware virtualization platform; providing antivirus protection of both real and virtual (guest) operating systems.New! Support for HSM systems Compatible with disk storage management systems (Hierarchical Storage Management), it provides antivirus protection for file systems with even the most complex hierarchies.
21KAV 8.0 for Windows Server Enterprise Edition: Features Effective protectionAlways-on antivirus protection and on-demand scanningProactive protection from malwareScanning of the operating system’s critical areasFlexible scan settingsTerminal server protection >>Cluster support >>High performanceSchemes are under hyperlinks on slides 24 and 25Always-on antivirus protection and on-demand scanning Every file that is launched or modified is scanned, with any suspicious objects treated, deleted or quarantined. You can also launch targeted scans of any suspicious areas.Proactive protection from malware Advanced anti-malware protection identifies malicious programs even if they are not yet on IT security providers’ antivirus databases.Critical area scanning A dedicated task can be run to scan the areas of your operating system most exposed to infection, such as autorun files and RAM.Flexible scan settings Scan settings allow you to set the depth of protection, specify which file types must always be scanned and preset responses to suspicious and infected objects, according to threat type.Terminal server protection With protection for Microsoft Terminal Services and Citrix XenApp servers, end-users working in desktop/application publishing modes remain protected, and are notified of events using the terminal services tools. This also ensures that actions performed on end-users’ files and scripts are audited.Cluster support Designed to work with complex server cluster architecture, Kaspersky Anti-Virus for Windows Servers Enterprise Edition protects both local disks and the cluster’s shared disks, currently owned by the protected node.Third-party compatibility Seamlessly integrates with dedicated server software such as IBM Tivoli, Symantec Enterprise Vault and HP Data Protector. Kaspersky Anti-Virus for Windows Servers Enterprise Edition is compatible with Citrix XenApp and has been awarded a Citrix Ready certificate.Flexible administration
22KAV 8.0 for Windows Server Enterprise Edition: Features Effective protectionScalabilityReliability – works under heavy loadsLoad balancingSelection of trusted processesUninterrupted server operationHigh performanceScalability To ensure server requests are processed as quickly as possible, administrators can specify the number of antivirus threads on multiple-processor servers.Load balancing To limit server load, resources can be allocated between the antivirus and other applications according to pre-assigned priorities: antivirus scanning can also run in background mode.Selection of trusted processes Administrators can choose to exempt secure processes such as data backups or defragmentation of the hard drive.Uninterrupted server operation A server reboot is not required when antivirus protection is installed or updated.Flexible administration
23KAV 8.0 for Windows Server Enterprise Edition: Features Effective protectionWide choice of management tools: Admin Kit; MMC; command lineCentralized installation and managementRole-based administrationFlexible setting of scan timesNotification and reporting systemHigh performanceSelection of management tools. The application can be managed either directly or remotely via the Microsoft® Management Console, the Kaspersky Administration Kit, or by using the command line. The latest version of the product provides an intuitive graphical interface for the Microsoft® Management Console.Centralized installation and management Compatible with the latest version of Kaspersky Administration Kit - a centralized administration management tool that enables you to install and configure the application remotely, manage operations and receive updates.Control over administrator privileges To comply with department-specific or internal security requirements, privilege levels can be assigned to each server’s administrator.Flexible setting of scan times Decide when your scans start and finish - for maximum server resource availability and minimum disruption to business operations.Notification system Administrator notifications are supported via the messaging service or . The application is integrated with Simple Network Management Protocol (SNMP) and can operate with Microsoft Operations Manager (MOM) or the administrator can monitor the application’s operation by reviewing Microsoft Windows or Kaspersky Administration Kit event logs. Flexible search tools and filters can also be used to search for information in large-volume logs.Flexible administration
24KAV 8.0 for Windows Server Enterprise Edition: Cluster protection Server clustersKAV 8.0 for WSEE can be installed on clusters of servers working in Active/Active and Active/Passive modes. The solution helps ensure the server operates correctly when resources migrate between cluster resources (failover/failback situations).The cluster is protected completely when KAV 8.0 for WSEE is installed on each node of the corporate network. The application protects the file server system’s local disks and the cluster’s shared disks currently owned by the protected node.Advantage: the product is completely suited to the complex server cluster architecture typically found in large companies.Protects server clusters in complex heterogeneous corporate networks
25KAV 8.0 for Windows Server Enterprise Edition: Terminal server protection Terminal connectionsKAV 8.0 for WSEE protects Microsoft Terminal and Citrix XenApp servers (formerly Presentation Server). This feature helps:Protect terminal users working in desktop/application publishing modesNotify terminal users of events using the terminal services toolsAudit actions performed with terminal users’ files and scriptsNew! Certified Citrix XenApp: Citrix Ready for XenApp 6.0 compatible.Advantage: the solution is flexible enough to protect the infrastructure of terminal servers as effectively as it does regular servers.Protects Microsoft and Citrix terminal servers in modern complex corporate networks
26KAV 8.0 for WSEE vs. competitors Features/CompetitorsKAV for WSEESymantecEndpoint ProtectionTrend MicroServer Protect McAfeeVirusScan EnterpriseCentralized managementVVVVWindows Server R2 supportVVVVTerminal server support (MS, Citrix)VVVVCluster supportVVVVBack-up application supportVVXXVMware ReadyVVVX
27Applications inside KS for File Server KAV for Windows Server Enterprise EditionKAV for Linux File Serverv. 8.0v. 8.0KAV for Novell NetWareKAV for Windows Server
28KAV 8.0 for Linux File Server: Product diagram KERNELSMB / CIFSExtended File SystemFTPODSHTTPNFSLocal File SystemNSSLarge corporate networks that use file servers running on different platforms can be a real headache when it comes to antivirus protection. Kaspersky Anti-Virus 8.0 for Linux File Server is part of our range of new and refreshed products, solutions and services for heterogeneous networks. It provides a cost-effective solution, with Samba server integration and other features that can protect workstations and file servers in even the most complex heterogeneous networks. It is also certified VMware Ready and supports current versions of FreeBSD for integrated, future-proof protection.The architecture of Kaspersky Anti-Virus 8.0 for Linux File Server provides multilayered protection for file servers in Linux/heterogeneous networks, functioning simultaneously on the entire file system level and on the level of the SMB/CIFS data transfer protocol (Samba server).The main antivirus module – a kernel-level interceptor – protects the server file system in real time. Protection extends to both local resources and remote resources built into the server file system that can be accessed using a variety of data transfer protocols.Cost-effective solution. With Samba server integration and other features, file servers are protected in even the most complex heterogeneous networks
29KAV 8.0 for Linux File Server: Highlights New Anti-Virus Engine 8.0Kaspersky Web Management ConsoleOptimized antivirus scanning technology >>Exclusion of trusted processes from scanningReliabilitySupport for FreeBSDVMware ReadyNew! Kaspersky Web Management Console A dashboard in the new Web Management Console displays data on the application’s status in real-time, as well as helping to configure and manage its operation.High Performance The new antivirus engine provides server resource load balancing, optimized antivirus scanning technology and the facility to exclude trusted processes from scanning. These features increase the product’s performance and reduce the amount of system resources required to perform antivirus scans.Reliability Reliable anti-malware protection is ensured as the application restarts automatically if it malfunctions or is forced to terminate.New! Support for FreeBSD The application supports current versions of FreeBSD which significantly extends its capabilities as it can be used to provide powerful anti-malware protection to networks with less conventional operating systems.New! VMware Ready Kaspersky Anti-Virus for Linux File Server comes from a product family based on a uniform set of anti-malware and other core technologies. It protects any files stored on Linux / FreeBSD-based file servers regardless of whether the server is running on a physical machine or a guest virtual machine.
30KAV 8.0 for Linux File Server: Features Effective protectionImproved antivirus engineReal-time protection and on-demand scanningQuarantine and backup storageVersatile protection of file servers ― Linux, FreeBSD and SambaNew!High performanceNew!New! Powerful antivirus engine New heuristic technologies combined with traditional signature-based malware detection methods help to dramatically improve the efficiency of malicious object detection and ensure proactive protection against new malicious programs.Real-time protection and on-demand scanning The application scans all files that are launched, opened or modified and disinfects or deletes all infected files. Furthermore, suspicious files and content are isolated in a quarantine area, allowing further analysis to be performed. The application scans specified areas of the system according to a schedule or on-demand, for complete anti-malware protection.New! Quarantine and backup storage When a suspicious object is detected, the program places it in quarantine. If the product treats or deletes an infected file, a copy of the original is placed in backup storage. The file is backed-up in its original format together with all of its attributes. This means that regardless of the actions taken by the antivirus program, document workflows are not interruptedFlexible administration
31KAV 8.0 for Linux File Server: Features Effective protectionServer load balancingUninterrupted server operationRegular database updatesExclusions of trusted processes of trusted processes from scanningHigh performanceServer load balancing The program helps balance the use of server resources between the antivirus system and other applications according to task priorities. For example, antivirus scanning can be performed in background mode while server software is being updated, helping to reduce server downtime.Continuous server operation The server does not need to be rebooted when the antivirus program is installed or updated. This is an important issue for most corporate networks where rebooting the server is undesirable, or simply not an option. Continuous running of the server software ensures uninterrupted operation of your company’s business processes.Database updates Updating the antivirus databases can be carried out on-demand or automatically from Kaspersky Lab servers or your local servers. The program automatically selects the least loaded update server. Alternatively, updates can be downloaded from the Kaspersky Administration Kit server which means the update installs faster and reduces the volume of inbound traffic in cases when several Kaspersky Lab products are installed on the network.Exclusions of trusted processes This wide range of settings allows optimization of server loads and ensures flexible management of corporate network security.Flexible administration
32KAV 8.0 for Linux File Server: Features Effective protectionCentralized installation and administrationWide choice of management toolsEasy installationFlexible scan settingsPowerful reporting systemNotifications about security eventsNew!High performanceNew! Centralized installation and administration System Administrators can use the Kaspersky Administration Kit – a centralized management system – to configure and remotely manage the application on several servers at once.Wide choice of management tools Administrators can also choose the most convenient management tool for them from Kaspersky Web Management Console, Kaspersky Administration Kit or command-line management.Easy installation Installing the product only takes a few minutes and requires the installation of just one package.Flexible scan settings The application offers a wide range of settings, allowing administrators to:Adjust the level of antivirus protectionAssign different settings to different users accessing protected objects on the file serverSpecify scanning exceptionsAssign specific actions for suspicious or infected objects, including by threat typeLaunch scans according to the most convenient scheduleThis wide range of settings allows optimization of server loads and ensures flexible management of corporate network security.Reporting system Administrators can control the application using graphical reports via the web console in PDF or XLS format, or via the Kaspersky Administration Kit. Using the command line, they can view reports in HTML or CSV format for specific components.Notifications about security events The application comes with an extensive list of events which the administrator can be notified about by SMS, IM and SMTP, or via the Kaspersky Administration Kit. The application supports Simple Network Management Protocol (SNMP).Flexible administration
33KAV 8.0 for Linux File Server vs. competitors Features/CompetitorsKAV for Linux File ServerSymantecEndpoint ProtectionTrend MicroServer Protect for Linux McAfeeVirusScan EnterpriseCentralized managementVVVVNovell OES 2 and NSS supportVVVVSamba protectionVXVVFree BSD supportVXVVWeb management consoleVVXXVMware ReadyV
34Applications inside KS for File Server KAV for Windows Server Enterprise EditionKAV for Linux File Serverv. 8.0v. 8.0KAV for Novell NetWareKAV for Windows Server
35KAV for Novell NetWare: Features Effective protectionReal-time protectionOn-demand scanningBackup copiesQuarantine for dangerous objectsHigh performanceKaspersky Anti-Virus for Novell NetWare was expressly developed to provide antivirus protection for file servers running under the Novell NetWare operating system.Real-time protection. The application provides real-time protection from malicious programs, scanning files for viruses and treating or deleting infected objects as necessary.On demand scanning. Antivirus scanning of the server’s file system can be carried out on a schedule or on demand.Backup copies. Before objects are treated or deleted, backup copies can be saved, so that administrators can later use information from them for future investigation.Quarantine for dangerous objects. Any dangerous or potentially dangerous objects detected by the application can be stored in the quarantine folder.Flexible administration
36KAV for Novell NetWare: Features Effective protectionMulti-thread virus scanningMulti-processor supportLoad managementHigh reliabilityHigh performanceMulti-thread virus scanning. Multi-thread scanning helps increase overall performance, since it enables processing of requests from a number of workstations simultaneously. The speed and scope of scanning are only limited by the hardware capabilities of the server.Multi-processor support. In order to increase antivirus performance in a multi-processor environment, the application allows administrators to launch several antivirus engine processes simultaneously, taking advantage of distributed data processing.Load management. The application allows the administrator to control the program’s use of the server’s central processing unit, which directly affects program performance.High Reliability. The new generation solution for Kaspersky Anti-Virus for Novell NetWare launches the antivirus engine in a protected address space. Such an approach increases application reliability since application programs and the file server are not affected in the event of any malfunctions during file scanning.Flexible administration
37KAV for Novell NetWare: Features Effective protectionCentralized and remote administration via Console One or using Kaspersky Administration KitEvent notifications are available over the Novell NetWare network or viaDetailed reportsRegular database updates automatically or on demandHigh performanceCentralized and remote administration. The application integrates seamlessly with the Novell Directory Service (NDS), which means that the program can be administered via ConsoleOne and the web management interface. This allows system administrators to remotely install and configure the basic settings for the application on several servers at once using Kaspersky Administration Kit.Event notifications. Administrators can receive notifications of results from antivirus scanning, as well as warnings when malicious objects are detected, over the Novell NetWare network or via .Event log. The application compiles detailed reports using the results from on demand antivirus scanning, real-time protection and antivirus database updates.Automatic database updates. Antivirus database updates can be made automatically (on schedule) or on demand. If there is an error in a file download, then the program automatically chooses an alternative Kaspersky Lab update server.Update management. Once antivirus database updates have been received, they can be distributed to other servers on the network. Backup copies of update files are created, so that the database can be rolled-back to a previous version (if, for example, data is damaged during download).Flexible administration
38Applications inside KS for File Server KAV for Windows Server Enterprise EditionKAV for Linux File Serverv. 8.0v. 8.0KAV for Novell NetWareKAV for Windows Server
39KAV for Windows Server: Features Effective protectionReal-time antivirus protection and on-demand scanningQuick scanning of critical system areasPrevention of malware epidemicsIsolating infected computersSystem recovery after infectionHigh performanceKaspersky Anti-Virus for Windows Servers protects data on servers running under Microsoft Windows from all types of malicious programs.Real-time antivirus protection and on-demand scanning: Kaspersky Anti-Virus for Windows Servers scans all files that are launched, opened and/or modified and disinfects or deletes all infected files. Furthermore, suspicious files or content is isolated in a quarantine area prior to undergoing further analysis. The application scans specified areas of the system according to a schedule or on demand.Quick scanning of critical system areas: The application can scan those areas of the operating system that are more susceptible to infection as a separate task. For example, scanning startup objects helps prevent malicious code from launching during system startup and detects hidden processes. Other areas that are deemed critical to server security can also be selected for scanning.Prevention of malware epidemics: The application records any malware attacks, which helps the system administrator to react promptly by launching a scan, updating the antivirus database or switching to an increased level of security.Isolating infected computers: If a workstation on the network becomes infected, the application blocks the user from accessing server resources for a certain amount of time. During this period, the administrator can identify the source of infection and treat it.System recovery after infection: After a malicious program is detected and deleted, Kaspersky Anti-Virus for Windows Servers also deletes all of the records created by the malicious program in system files or the system registry. This prevents any possible malfunctions in the operating system.Flexible administration
40KAV for Windows Server: Features Effective protectionScalabilityLoad balancingSelection of trusted processesUninterrupted server operationHigh performanceScalability To ensure server requests are processed as quickly as possible, administrators can specify the number of antivirus threads on multiple-processor servers.Load balancing: The application allows administrators to regulate the allocation of server resoubrces between the antivirus solution and other applications depending upon task priority levels; antivirus scans can continue in the background mode.Selection of trusted processes: The system administrator can exclude safe processes from scans, especially if they are slowed down by antivirus scanning (e.g., backup copying, hard drive defragmentation, etc.).Uninterrupted server operation A server reboot is not required when antivirus protection is installed or updated.Flexible administration
41KAV for Windows Server: Features Effective protectionCentralized installation and control: Admin Kit; MMC; command lineInformation about server protection status via new dashboardInformation about the application’s statusFlexible time settings for scansPowerful reporting systemRegular database updatesHigh performanceCentralized installation and control: Kaspersky Administration Kit – a centralized administration tool – can be used to install applications and change settings remotely for several servers at once and to control the application after installation. The application can also be managed via Microsoft Management Console or using the command line.Information about server protection status: A new dashboard display provides information about the application in real time. Information about the current status of antivirus protection allows IT specialists to react immediately to any incidents in the system.Information about the application’s status: The application comes with an extensive list of events which the administrator can be notified of using a messenger service or via , with support for the Simple Network Management Protocol (SNMP) and the Microsoft Operations Manager (MOM).Flexible time settings for scans: In order to optimize the use of server resources and maximize convenience for users, the system administrator can assign the exact time for an antivirus scan to begin and end, which means on-demand scans can be performed at times when corporate servers are not overloaded, e.g., at night or weekends.Reporting system: The system administrator can control the application using reports and by reviewing the Microsoft Windows or Kaspersky Administration Kit event logs. A search function and filters make it quick and easy to locate information in large logs.Database updates: Updating antivirus databases can be carried out on demand or automatically via Kaspersky Lab servers on the Internet or via local servers. The application automatically selects the least loaded update server.Flexible administration
42Customer references – KS for File Server University of New BrunswickCustomer ProfileThe University of New Brunswick is the oldest English-language University in Canada. It has more than 11,400 students and more than 3,000 staff .“The automated deployment has worked very well, deploying remotely with a 99%success rate. We’re finding many different types of malware that our previous vendormissed.”IndustryHigher EducationChallengesExisting antivirus solution was not providing adequate protection and did not support a Novell NetWare environment.ResultsBetter protection – improved detection rateIncreased system performanceFull support for all products in a heterogeneous environmentJeff Smith, Manager, Computing Experience Services
43Customer references – KS for File Server MandarinaDuckCustomer ProfileMandarina Duck has a strong presence in major department stores and a network of distributors in the most important markets outside the EEC.“More than a month after the installation of the product we are perfectlysatisfied with the solution in its entirety.”IndustryFashionChallengesIt was essential for the company to obtain an antivirus solution compatible with the Citrix environment that is used in many of its offices.No. of users: 820 Clients and ServersSolution installed: Kaspersky Open Space Security — Business SpaceMore than 200 Windows clients spread between the head office in Bologna, the subsidiaries in Paris and Barcelonaand outlets in Europe.More than 20 servers, both physical and virtual, concentrated mainly at the head office in Bologna. The operatingenvironment is mainly Windows with VMWare virtualization and extensive terminal services via Citrix XenApp.20 company blackberry devices (fully synchronized with the internal Exchange mailserver) supplement the computersystem.ResultsInstallation at outlets with remote assistanceCentralized installation on PCs and servers at head office and in subsidiariesAndrea Spadoni,IT manager
44Customer references – KS for File Server CEAL – Companhia Energétic de AlagoasCustomer ProfileCEAL is an electrical utility company serving the State of Alagoas, Brazil. CEAL has over workstations and 30 servers.“The main challenge for this project was to find an antivirus solution that not only offered the best possible protection for our many operating systems but also allowed remote operation in communication links of diverse capabilities.”IndustryUtilitiesChallengesCEAL needed to find an antivirus solution that provided better protection from malware penetrating their network.ResultsEase of deployment to remote locationsSimplified management of all operating systemsGreatly improved protectionCarlos Eduardo Costa LimaManager, IT
46Security for Mail Server Protects mail and groupware servers from malware and spamMicrosoft Exchange Servers 2003, 2007, 2010IBM Lotus Domino v. 6.5, 7.0, 8.0, 8.5Linux-based mail servers: Sendmail, qmail, Postfix, EximKaspersky Security for Mail Server is a High Value solution from Kaspersky Lab that is easy to install and use. It effectively protects mail servers and groupware servers even from the latest malware programs and spam.The solution includes refreshed applications that ensure security of all popular mail servers, including Microsoft Exchange, Lotus Domino, Sendmail, qmail, Postfix and Exim. Kaspersky Security for Mail Server can also be used to set up a dedicated mail gateway and works perfectly even in complex, heterogeneous infrastructures.
47Solution benefits Protects mail servers and collaboration platforms Reduces traffic loadOptimized usage of system resourcesControl with ease: simple, user-friendly management toolsStay up to date: frequent database updatesProtects Mail Servers Kaspersky Security for Mail Server works to protect mail on the latest versions of major mail and collaboration platforms: Microsoft Exchange, IBM Lotus Domino and Linux-based mail servers.Ensures Stable Security Automatic restart in the event of a system shutdown ensures stable security while the diagnostics system determines the cause of the malfunction.Reduces Traffic Load Intelligent spam filtering significantly reduces traffic load in your organization.Optimize System Resources A new anti-virus engine, load balancing of server resources, optimized anti-virus scanning technology and excluding specified objects from scanning increase performance and reduce the resources needed to perform anti-virus scans.Control with Ease Simple, user-friendly management tools, information on mail protection status, plus flexible settings for scans and reporting give you efficient control of your mail and document security.Stay up to Date Frequent database updates mean proactive protection against the very latest malware and spam, while enhanced performance efficiency means you get the protection you need with less system resource.Ensure Efficiency Kaspersky Security for Mail Server’s reliability and high performance ensure uninterrupted operation and effective execution of your company’s business processes.Support for Virtualization VMware Ready certification ensures proven reliability for virtual environments.Ensures efficiencySupport for virtualized network infrastructure
48Applications inside KS for Mail Server KS for Microsoft Exchange Serversv. 8.0KAV for Lotus Notesv. 8.0KAV for Linux Mail ServerKaspersky Mail GatewayKaspersky Anti- Spam
49KS 8.0 for Microsoft Exchange Servers: Protection diagram DMZClustersDue to the fact that is one of the main channels through which malware and spam are distributed nowadays, it is essential that an effective mail server security solution is in place. The new Kaspersky Security 8.0 for Microsoft Exchange Servers ensures world-class anti-malware and anti-spam protection of your Microsoft Exchange mail servers thanks to the new, powerful antivirus engine, comprehensive antivirus scanning of messages and intelligent spam detection. As a result, not only your mail servers, but also your corporate network stays malware- and spam-free while maximizing business productivity.EDGE Transport RoleThis server role sits at the network perimeter or DMZ (Demilitarized Zone) and is responsible for all incoming and outgoing messages. The Edge Transport protects against virus and spam through a variety of filtering techniques, including connection filtering, content filtering, and recipient filtering. It also defends against Denial of Server and Direct Harvest Attacks. Edge Transport Rules Agent can also be applied for additional hygiene. These rules scan SMTP and MIME addresses, as well as key words located in the subject or body of an message.HUB Transport RoleThis server role is responsible for the transport of internal traffic flow throughout the messaging infrastructure. Incoming messages are passed from the Edge Transport server to the Hub Transport server, and then eventually to the mailboxes of end-users. Outgoing messages also flow through the Hub Transport server before reaching the Edge Transport server. Hub Transport Rules Agent can also be applied to enforce company policy and regulatory compliance.Client Access RoleThis server role enables end-users to connect to the Microsoft Exchange Server platform through either Post Office Protocol 3 (P0P3), Internet Message Access Protocol 4 (IMAP4), Secure Hypertext Transfer Protocol (HTTPS), Outlook Anywhere, Availability service, and Autodiscover service. The Client Access Server also hosts Web services.Mailbox RoleThis server sole contains Microsoft Exchange Server databases, and is home to end-users mailboxes and public folders.Unified Messaging RoleThis server role introduces integrated unified messaging (UM) capabilities to Microsoft Exchange Server 2007, combining voice mail, faxes, and into one inbox. Microsoft Exchange users can access their inbox outside of their office from another computer, or from a phone using Outlook Voice Access (OVA).Edge RoleHub RoleMailbox RoleSupports all Microsoft Exchange roles
50KS 8.0 for Microsoft Exchange Servers: Highlights New spam recognition engine 4.0New Anti-Virus Engine 8.0Flexible settings taking into account business- specific processesProtection of Microsoft® Exchange server 2010, including DAG configurationScanning of messages in multiple languagesVMware ReadyNew! Powerful Antivirus Engine A new, powerful engine enables increased scanning speed with reduced system resource consumption.New! High Performance The engine ensures increased performance and stability with minimum memory requirements.New! Complete Protection The application offers complete protection of Microsoft Exchange Server 2010 and is compatible with DAG (Database Availability Group).New! Flexible Settings Kaspersky Security 8.0 for Microsoft Exchange Servers offers flexible, user-friendly settings to ensure spam and anti-malware protection that meets your business security goals.New! Multi-language Support The application carries out anti-spam scanning of messages written in different languages, including Asian language sets.New! VMware Ready The application protects mail traffic going through Microsoft Exchange Server whether installed on physical or guest virtual machines.
51KS 8.0 for Microsoft Exchange Servers: Features Anti-spam protectionIntelligent spam recognition technologiesDetecting spam in the form of imagesUsing DNSBL lists and SURBL technologyMessage classification and rulesWhite- and blacklistsMalware protectionIntelligent Spam Recognition Technologies The application scans all messages for spam based on formal attributes such as the sender’s and IP address, the size of message and message header. In addition, the content of messages and attachments is analyzed using intelligent technologies including unique graphical signatures which detect spam in the form of images.New! Additional Message Scanning For additional protection against spam, messages are scanned using DNSBL lists of spammers’ addresses and SURBL technology which detects spammer URLs in the message.New! Additional scan of messages. For additional protection against spam, messages are scanned using DNSBL lists of spammer addresses and SURBL technology, which detects spammer URLs in messages.Message Classification As administrator, you can configure separate processing rules for each category of unsolicited mail to prevent any loss of information. For instance, messages that are known to be spam can be blocked; suspicious mail can be directed straight to the Unwanted Mail folder; and formal messages such as message delivery and message read confirmations can go directly to the Inbox.New! White and Black Lists There is a facility for individual users to create their own trusted (white) and black lists by sender’s SMTP or IP address. A white list can also be created using the receiver’s SMTP address. Any message received from a white-listed sender is not scanned and is delivered straight to the recipient. However, if the address is black-listed the message it will be tagged with a special heading and processed according to the rules configured by you, the administrator.Flexible administration
52KS 8.0 for Microsoft Exchange Servers: Features Anti-spam protectionReal-time scanningPublic folders scanningOn-demand and on-schedule background scanningBackup copyingFlexible settings and scanning exclusionsMalware protectionReal-time Scanning The program detects and removes all types of viruses, worms, Trojans and other malicious objects from the stream of incoming and outgoing messages, including attachments in almost any format. It detects and removes not only known malware but also potentially dangerous programs.On-demand and On-schedule Background Scanning All folders and messages stored on the server are subject to background scanning to ensure that all objects are processed using the latest version of the antivirus databases. This has minimal impact on server load.Backup Copying Before deleting messages, the application makes backup copies so that it is possible to restore important information if attempts to treat an object result in failure or if a message was incorrectly categorized as spam. A wide range of search parameters make it easier for you to find objects in the backup storage area.Flexible administration
53KS 8.0 for Microsoft Exchange Servers: Features Anti-spam protectionCustomized configurationConfigurable update modesRemote administration via MMCDetailed reportsNotification systemMalware protectionCustomized Configuration You can configure the application based on your company’s IT security policy and hardware capabilities. For example, you can exclude certain file types from scanning or configure the spam intensity level. You can also configure antivirus and anti-spam processing scenarios for different message categories, create white and blacklists by senders’ or receivers’ addresses, etc.Database Updates Updates to antivirus databases are available on demand or can be completed automatically according to a schedule. You can either download updates directly from the Kaspersky Lab website or from a local server. If required, you can update antivirus and spam recognition databases separately.Convenient Administration The administrative interface is based on the popular Microsoft Management Console with remote administration being an option.Detailed Reports You can monitor the operation of the application and the antivirus protection status using the detailed HTML reports or by viewing the Windows event log. You have complete control over the frequency with which reports are generated and the information to be included in them. All reports can be stored on the hard drive or sent via .Sophisticated Notification System As the administrator, you can receive notifications about any critical events in the application’s operation, either by or by viewing the Windows event log.Flexible administration
54KAV 8.0 for Microsoft Exchange vs. competitors Features/CompetitorsKaspersky Security 8.0 for Microsoft ExchangeSymantecMail Security for Microsoft Exchange 6.0Trend Micro ScanMail for Exchange ServerMcAfee GroupShield for Exchange 2010ESET NOD32 for Microsoft Exchange ServerAntivirusVVVVVAnti-spamVVVVVContent filteringXVVVXDAG compatibleVVVVVReportsVVVVXSupport for MS Exchange 2010VVVVVSupport for Windows 2008 R2VVVVVVMware ReadyVVVVV
55Applications inside KS for Mail Server KS for Microsoft Exchange Serversv. 8.0KAV for Lotus Notesv. 8.0KAV for Linux Mail ServerKaspersky Mail GatewayAnti-Spam for Linux
56KAV 8.0 for Lotus Domino: Protection diagram Server clustersReplicationLocal NSF BasesKaspersky Anti-Virus 8 for Lotus Domino provides effective antimalware protection for Domino servers used in large-scalecorporate networks with complex topology and heavy loads.Groupware servers such as Lotus Domino are designed to perform tasks on different levels – from the exchange ofmessages to hosting an organization’s entire workflow system. Malicious programs penetrating a network viacan lead to the loss of business-critical data. Kaspersky Anti-Virus 8.0 for Lotus Domino scans messages anddocuments on Domino servers, safeguarding a company’s workflow from potential IT threats.Provides effective anti-malware protection for Lotus Domino servers used in large-scale corporate networks with complex topology and heavy loads
57KAV 8.0 for Lotus Domino: Highlights Anti-Virus Engine 8.0Centralized management of server clustersSupport for IBM Lotus Domino 8.5Support for LinuxVMware ReadyAnti-Virus Engine 8.0 Ensures stable, high performance with low impact on system resources.Centralized management of server clusters The application allows different configuration profiles to be created and applied to all servers, without duplicating the settings on every server.Support for IBM Lotus Domino 8.5 The application supports the most up-to-date versions of Lotus Domino.Support for Linux The application supports Red Hat 4, 5 and SLES 9, 10 SP2, 11.Administrator role separation The application is now capable of assigning different duties to the various administrators responsible for the operation of servers, making it possible to enforce internal IT security policies.VMware Ready The application protects s and documents on IBM Lotus Domino servers installed on realand virtual (guest) operating systems.
58KAV 8.0 for Lotus Domino: Features Effective protectionReal-time scanningScanning of databases, other objects and traffic during replicationProtection against malware outbreaksBackupFlexible settings and scanning exclusionsHigh performanceReal-time scanning. The application scans messages, attachments (including packed and archived attachments) and OLE objects for viruses and other types of malware. All documents stored in the database can be scanned on demand by the administrator.Scanning of databases, other objects and traffic during replication. The application performs antivirus scanning of messages and all other Lotus Domino objects: databases and OLE objects, as well as traffic sent between Lotus Domino servers during the replication process, ensuring a company’s entire workflow system based on Lotus Domino can be protected by the application.Protection against malware outbreaks. If the application detects several events of the same type during a defined time period – e.g. one and the same virus has been detected several times – the administrator is notified about the potential threat of a malware outbreak and can stop the sending and receiving of messages.Backup. The application saves copies of infected, damaged and suspicious objects to backup storage, allowing important information to be restored in the event of an object becoming corrupted. A wide choice of search parameters is offered to make searching for an object in backup storage more convenient.Flexible settings and scanning exclusions. The application can set scanning exclusions according to file type or the size of the scanned object and it is also possible to disable scanning of attachments and OLE objects. The administrator can define rules for the processing of attached files, e.g. only scanning attachments for malicious objects if they are not excluded on the basis of size or type.Flexible administration
59KAV 8.0 for Lotus Domino: Features Effective protectionAutomatic scalabilityFlexible architectureCross-platform support (Windows and Linux)Optimized use of system resourcesNew!New!High performanceNew!Automatic scalability. The application automatically modifies the number of scanning threads depending on the volume of traffic. Themaximum number of threads is set by the administrator of the server.Flexible architecture. The application’s distributed architecture enables existing profiles to be easily transferred to new servers or network nodes if the number of servers changes.Cross-platform support. On a multiplatform network (e.g. Windows and Linux), the application protects all mail servers equally and they work as a single system, regardless of the operating system installed on them.Optimized use of system resources. The application scans objects in the server’s operating memory without saving them to the hard disk. This allows the application to work faster and reduce server loads.Flexible administration
60KAV 8.0 for Lotus Domino: Features Effective protectionDistributed management of protection parametersReplication of application statisticsEasy-to-use installation and management toolsMessage taggingDetailed reportsRegular database updatesNew!New!High performanceNew!Distributed management of protection parameters. The application supports the distributed storage of settings on all protectedservers. This allows application settings to be saved in the event of the failure of one or more servers.Replication of application statistics. The application supports the distributed logging of events and the storage of statistics on all protected servers.Easy-to-use installation and management tools. Application installation and management can be performed via a web interface or via the standard Lotus Notes interface. A full web interface enables the administrator to remotely install and manage the application from the most popular web browsers.Message tagging. A note saying that a message has been scanned and verified virus-free can be added to outgoing messages, whichenhances trust.Detailed reports. The administrator can monitor the operation of the application and the antivirus protection status with the help ofcomprehensive reports, or by viewing the event log via the application’s interface. The frequency with which reports are generated as well as their content can be defined by the administrator.Database updates. Database updates can be received from Kaspersky Lab servers on request, automatically according to a preset schedule or from a local public shared folder. The optimized updating procedure saves time for the administrator and reduces the amount of traffic required for updates.Flexible administration
61KAV 8.0 for Lotus Domino vs. competitors Features/CompetitorsKAV 8.0 for Lotus/DominoSymantecMail Security for DominoTrend Micro ScanMail for DominoMcAfee GroupShield for DominoAntivirusVVVVAnti-spamXVVVContent filteringXVVVWeb interfaceVXXVReportsVVVVSupport for IBM Lotus Domino 8.5.xVVVVSupport for LinuxVVVVVMware ReadyVXVV
62Applications inside KS for Mail Server KS for Microsoft Exchange Serversv. 8.0KAV for Lotus Notesv. 8.0KAV for Linux Mail ServerKaspersky Mail GatewayAnti-Spam for Linux
63KAV for Linux Mail Server: Features Provides effective antivirus protection for corporate mail traffic and supports the most widely-used solutionsAntivirus real-time SMTP traffic scanningCustomizable notificationsQuarantine and backup copiesFile server scanningAdditional message filtering by attachment type and by user groupFlexible management and remote administrationAntivirus scanning. All elements of messages are scanned for malicious code. The application scans for and removes all types of viruses, Trojans, spyware, malicious and potentially hostile programs from incoming and outgoing mail messages and attachments in most formats.Customizable notifications. When a suspicious or infected object is detected, the system administrator, sender and recipient of the message receive a message, the contents and format of which are defined by the system administrator. System messages can be sent in any language.Quarantine. Infected, suspicious and damaged objects detected in a server’s file system or in traffic can be moved to the quarantine folder, where they will be disinfected, deleted or stored according to pre-defined settings.Backup copies. Backup storage can be created to store copies of infected objects before they are treated, making it possible to restore if necessary.File server scanning. In addition to scanning mail traffic, Kaspersky Anti-Virus for Linux Mail Servers offers on demand scanning of the server’s file systems. The scanning is performed with the help of iChecker, a check-summing technology which significantly reduces the amount of time required for additional scans of each object.Additional message filteringBy attachment type. The application can be configured to filter mail traffic by attachment name and file type and to apply specified processing rules for each category.By user group. Administrators can create user groups, assign individual message processing rules to each group and define user privileges for each group.Remote administration. Kaspersky Anti-Virus for Linux Mail Server can be configured either traditionally, via the application’s configuration file, or using the Web interface.Configuration of updates. Antivirus databases can be updated from Kaspersky Lab’s servers via the Internet or from local update servers on demand or on schedule. Administrators can choose the type of antivirus databases to be used: standard (detection of true malware only) or extended (databases used to detect potentially hostile software – spyware, adware and more). Kaspersky Lab antivirus databases are updated hourly.
64Applications inside KS for Mail Server KS for Microsoft Exchange Serversv. 8.0KAV for Lotus Notesv. 8.0KAV for Linux Mail ServerKaspersky Mail GatewayAnti-Spam for Linux
65Kaspersky Mail Gateway: Features Provides full-scale protection for mail systems against viruses and spamCan be used as standalone MTA in Linux systemsAntivirus scanningSpam filteringQuarantineDetailed reports and notification systemMessage filtering by attachment type and user groupProtection against unauthorized access of the serverFlexible managementKaspersky Mail Gateway is a versatile solution that provides full-scale protection for mail system users against viruses and unsolicited s (e.g., spam).Kaspersky Mail Gateway can be installed on a separate server and does not require integration into the existing mail system. The solution significantly increases the level of protection against today’s computer threats, making it possible to combine different vendors’ antivirus solutions on the same network.Because it is designed to operate autonomously, the application fits neatly into any environment and combines easily with other vendors’ programs installed on other network nodes. Its installation and configuration do not require extensive experience with Linux systems.Antivirus scanning. The program scans for and removes all types of viruses, and malicious and potentially hostile programs in all elements of incoming and outgoing messages, including attachments.Spam filtering. The application scans mail traffic for spam based on formal attributes and analysis of message contents and their attachments using intelligent technologies, including special graphical signatures for detecting spam in the form of images.User notification. If a suspicious or infected object is detected, the system administrator, sender and recipient of the message receive a notice, the contents and format of which are defined by the system’s administrator. If a message is categorized as spam, it can be blocked, sent to a quarantine folder or delivered to the recipient with a special tag in the subject field.Quarantine. Infected and suspicious objects and messages identified as spam can be moved to a quarantine folder, where the administrator can view or delete them, or forward them to the end user.Additional message filteringBy attachment type. The application can be configured to filter mail traffic by attachment name and file type, helping to immediately identify objects that are likely to contain viruses.By user group. The administrator can define separate message processing rules for each group of mail system users by defining limitations in accordance with the security policy and employee needs.Protection of the server against unauthorized accessThe application can be configured to prevent DoS attacks and third party attempts to use the server for launching unauthorized mass mailings. In some cases, this helps reduce the server load and increase the processing speed of mail traffic.Flexible management and administration:Remote administration. Kaspersky Mail Gateway can be managed remotely using a web interface, as well as traditionally, using the configuration file.Configuration and optimization of the application. Depending upon mail traffic volume and the stringency of the company’s security policy, the administrator can change the application’s operating parameters, from maximum system performance to maximum user protection. The administrator can also configure various timeouts for sending and/or receiving messages, manage the application’s queue and limit the number of objects that can be scanned simultaneously in the background mode.Configuration of updates. The antivirus database can be updated on demand or automatically according to a predefined schedule from Kaspersky Lab servers on the Internet or from local servers specified by the system administrator. Some modules of the antivirus engine and the linguistic analyzer can be updated, as well.Graphical reports. The program includes the capability of viewing virus activity for a given period of time in graphical form. Information regarding the types of viruses detected during antivirus scans can also be viewed. In addition, the administrator can receive detailed information on the program’s status and operation by using a broad range of reports with the desired level of detail.
66Applications inside KS for Mail Server KS for Microsoft Exchange Serversv. 8.0KAV for Lotus Notesv. 8.0KAV for Linux Mail ServerKaspersky Mail GatewayAnti-Spam for Linux
67Anti-Spam for Linux: Features Provides thorough and accurate protection from spam for users of corporate Linux-based mail systems and public servicesList-based filtrationSPF and SURBL technologiesAnalysis of formal attributes and signature analysisLinguistic heuristicsGraphical spam detectionReal-time UDS requestsOptions for processing spamFlexible managementManagement of user groupsList-based filtration. Sender IP addresses are checked against blacklists of spammers, which are maintained by Internet service providers and public organizations (DNS-based Blackhole Lists). System administrators can add addresses of trusted correspondents to a safe list, ensuring that their messages are always delivered without undergoing filtration.SPF and SURBL technologies. The filtration process also involves verifying senders using the Sender Policy Framework. Detection of spammer IP addresses using DNSBL is supplemented by SURBL technology (Spam URI Real-time Block List), which can identify spam URLs in the message body.Analysis of formal attributes. The program recognizes spam by such typical characteristics as distorted sender addresses or the absence of the sender’s IP address in DNS, an excessive number of intended recipients or hidden addresses. The size and format of messages are also taken into consideration.Signature analysis. Lexical signature databases are updated around the clock. Using spam signatures, the program can even recognize modified versions of spam messages that have been altered to evade spam filters.Linguistic heuristics. The program scans messages for words and phrases that are typical of spam messages. Both the content of the message itself and any attachments are analyzed.Graphic spam. A database of signatures for graphic spam equips the program to block messages containing spam images, a type of spam that has become increasingly common in recent years.Real-time UDS requests. The Urgent Detection System is updated with information on spam messages literally seconds after they first appear on the Internet. Messages that could not be assigned a definitive status (e.g., spam, no-spam) can be scanned using UDS.Flexible management. Our web interface allows system administrators to manage the application both locally and remotely. The filtration level is easily configurable, as are blacklists and safe lists. It is also possible to disable/enable individual filtration rules and automatically block mail encoded in Asian language sets.Management of user groups. The administrator can create user groups either using lists of addresses or domain masks (for example, and apply individual settings and filtration rules to each group.Options for processing spam. The program can be configured to process spam by either automatically deleting it, redirecting it to the quarantine folder with a note to the user or sent for further filtration to the mail client.Detailed reports. Administrators can easily monitor the application, the protection status and license status, using HTML reports or alternatively, by viewing log files. Data can be exported in CSV and Excel formats.Updating databases on schedule. Updates to antivirus databases can be downloaded on a schedule set by the administrator (by default they update every 20 mins). When undecided about the status of a suspicious message, the program also makes requests to the UDS server.
68Customer references – KS for Mail Server MTS, RussiaCustomer ProfileMobile TeleSystems (MTS) is the leading telecommunications group in Russia, Eastern Europe and Central Asia with million mobile subscribers“The Mobile service allows MTS subscribers to easily access their from any mobile phone model. It’s very important for us to protect our users from spam and malware. Kaspersky Lab’s solution provides reliable protection of MTS subscribers and meets all our needs.”IndustryTelecommunicationsChallengesTo protect Mobile users from spam and malware without slowing the traffic rate.Kaspersky Security for Mail Server, Russian EditionKaspersky Anti-Spam for Linux, Russian EditionResultsCurrently, Kaspersky Lab solutions for mail servers protect over subscribers of Mobile . The anti-spam and anti-malware protection levels meet all MTS’s requirementsPavel RoitbergProduct Director, MTS
69Customer references – KS for Mail Server Fashion company s.OliverCustomer ProfileGlobal fashion company with more than 5,500 employees; s.Oliver products can be found in more than 30 countries“Immediately after theKaspersky software was implemented, its operation was secure and stable, which, in addition to the simplifiedadministration, is one of the reasons we are very pleased with the solution from Kaspersky Lab.”IndustryFashionChallengesCompany needed protection for its complex heterogeneous network - distributed in 30 countries - against spam and malwareKaspersky Security for Mail Server – which currently has 3,000 licenses in useResultsSolution provides optimum security for Linux mail serversSolution minimizes the amount of spamThe company has been spared financial losses caused by viruses, worms etc.Michael Muthig, Head of IT Services
70Customer references – KS for Mail Server ABBA HotelsCustomer ProfileABBA Hotels is a Spanish urban hotel chain. It now has 24 centers in some of Europe’s best-known cities“Virus and malware incidents have fallen from 40% to barely 5%, and as a result, our technicians have been able to dedicate their time to other matters. There has therefore been a reduction in support costs, in addition to a very significant improvement in the protection of our systems.”IndustryHotels & RestaurantsChallengesEvery day, hundreds of people connect to their corporate networks from the hotels and many of them are using their own computers and flash drives that might contain malware.Kaspersky Enterprise Space SecurityResultsSubstantial improvement in the detection of malwareVirus and malware incidents have fallen from 40% to barely 5%Reduction in support costsJosé MaríaSerra,Systems Director of ABBA Hotels
71Customer references – KS for Mail Server Rome Biomedical Campus UniversityCustomer ProfileThe Rome Biomedical Campus University promotes integrated structures for teaching, research and healthcare. There areapproximately 1,000 clients and 50 servers.“The protection of data and communications is an essential condition for enabling new generation services in critical environments like the hospital and Kasperskyhelps us remain protected.”IndustryEducationalChallengesConsidering the extensive computerization, all aspects linked with security have a fundamental role in ensuring that the Campus can count on a reliable and robust infrastructureNo. of users: 1,000 employeesSolution installed: Kaspersky® Enterprise Space SecurityResultsKaspersky’s solution provides: product reliability, correct removal of threats, flexible management and an efficient support serviceMarco Venditti, manager of the ICT infrastructures department
73Security for Internet Gateway HTTP(S), FTP, SMTP, POP3Secure Internet access for all employees in an organization is one of the central pillars of any business securitystrategy. Kaspersky Security for Internet Gateway is a world-class anti-malware solution that ensures secureInternet access for a company’s entire workforce, automatically deleting malicious and potentially dangerousprograms from data traffic entering the local network via HTTP, HTTPS, FTP, POP3 and SMTP protocols.Kaspersky Security for Internet Gateway helps to reduce the costs associated with web threats by preserving valuablenetwork bandwidth and ensuring malware threats do not interrupt business operations.Optimized scanning technology, high performance and support for the latest platforms make Kaspersky Security forInternet Gateway a High Value solution for medium and large organizations handling considerable network traffic volumes.Protected pointsMicrosoft Forefront TMGMicrosoft ISA ServersProxy Servers: Squid
74Products benefits High performance and reliability Real-time protectionMulti-platform supportSupport for Microsoft Forefront TMGPowerful manageability and reporting systemHigh Performance and Reliability.A new, powerful antivirus engine plus optimized, intelligent scanning technology and load balancing increase performance and reduce the resources needed for virus scanning.Real-Time ProtectionFrequent database updates provide always-on, proactive protection against the latest known and potential threats.Multi-Platform SupportKaspersky Security for Internet Gateway supports most popular gateways based on the Windows and Linux platforms.Support for Microsoft Forefront TMGKaspersky Security for Internet Gateways supports Microsoft Forefront TMG, a new product which replaces Microsoft ISA Server, providing effective anti-malware protection for corporate networks.Powerful Manageability and Reporting SystemSimple, user-friendly management tools, protection status information, flexible scanning settings and reporting systems ensure efficient security control.VersatilityIn addition to providing web protection, the solution can be used to protect corporate mail (for Microsoft ISA/TMG).Support for Virtualized Network InfrastructureKaspersky Security for Internet Gateway is VMware Ready certified, and offers proven reliability for virtual environments.VersatilitySupport for virtualized network infrastructure
75Applications inside KS for Internet Gateway v. 8.0KAV for Microsoft ISA Server and Forefront TMG SEKAV for Microsoft ISA Server EEKAV for Proxy Server
76KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition DMZHTTP(S), FTP, SMTP, POP3Published serversMobile usersKaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG Standard Edition is designed to provide secure Internet access to a company’s entire workforce, automatically deleting malicious and potentially dangerous programs from data traffic entering the local network via the HTTP, HTTPS, FTP, POP3 and SMTP protocols.Scanning of HTTP(S), FTP, SMTP and POP3 traffic
77KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: Highlights Anti-Virus Engine 8.0 – ensures stable, high performance with low impact on system resourcesSupport for Microsoft Forefront TMG Standard Edition 2010Mail traffic protectionIntegrated information panel: real-time monitoring of the antivirus protection statusVMware Ready New! Anti-Virus Engine 8.0 Ensures stable, high performance with low impact on system resources.New! Support for Microsoft Forefront TMG Standard Edition 2010 The application supports the new Microsoft product superseding Microsoft ISA Server.New! Mail Traffic Protection Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG Standard Edition scans mail traffic transferred via SMTP and POP3.New! Real-Time Monitoring of Antivirus Protection Status The application features an integrated information panel to display real-time statistics about the antivirus status of Microsoft ISA/TMG servers, including information about database updates.New! VMware Ready The application protects data transferred via Microsoft ISA/TMG servers installed both on physical and virtual (guest) machines.
78Flexible administration KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: FeaturesEffective protectionHigh performance real-time scanning, including archived filesScanning of outgoing trafficScanning of HTTP(S), FTP, SMTP and POP3 traffic from published serversSupport for HTTPS (Forefront TMG only)Support for VPN connectionsBackupNew!High performanceNew!Real-Time Scanning The application detects and removes all types of malware from data passing through Microsoft ISA Server and Forefront TMG. Also scans archived and packed files of almost any format.Scanning of Outgoing Traffic The application scans traffic travelling in both directions helping to safeguard a company’s reputation by ensuring that not only incoming but also outgoing traffic is free of malicious objects.New! Scanning of HTTP(S), FTP, SMTP and POP3 Traffic to Published Servers The application scans traffic entering published servers, such as when a web interface is used to access corporate mail.New! Support for HTTPS (Forefront TMG only) The application scans data transferred via HTTPS, allowing control of protected connections.New! Support for VPN connections The application monitors traffic passing through VPN connections established using Microsoft ISA Server or Forefront TMG.New! Backup The application saves copies of infected, damaged and suspicious objects to backup storage, making it possible to restore an object if it has been erroneously tagged as suspicious. This is useful for data transmitted via HTTP/FTP and objects sent via SMTP. A wide range of search parameters makes searching for an object in the backup storage more convenient.New!Flexible administrationNew!
79Flexible administration KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: FeaturesEffective protectionAutomatic scalabilityHigh performance thanks toOptimized architectureNew Anti-Virus Engine 8.0Special mode for big-size filesHigh performanceScalability It is possible to launch several antivirus engines simultaneously, allowing for enhanced scanning performance and optimised server load depending on configuration and traffic volume. The number of antivirus engines is determined automatically when the application is installed and can be modified by administrators.High Performance Optimized architecture, a new antivirus engine and a special mode for big-size files means traffic can be scanned extremely rapidly, without noticeably delaying the delivery of information to the end user.Flexible administration
80Flexible administration KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: FeaturesEffective protectionManagement via MMCFlexible policy managementDetailed reports, statistics and notificationsControl over performanceRegular database updatesNew!High performanceManagement via MMC This administration console allows local or remote management of the application. The console has an easy-to-use intuitive graphical interface.New! Flexible Policy Management The application offers advanced capabilities for configuring and managing traffic processing policies during scanning. Using the policy management tools, administrators can configure different data scanning rules for different servers, computers, IP address ranges, domain names and subnets. Administrators can also create lists of trusted sites and configure other exemptions to tailor the application’s performance to specific business needs and to comply with a specific corporate security policy.Detailed Reports and Notifications Administrators can control application performance and the antivirus protection status of Microsoft ISA Server and Forefront TMG using detailed reports or looking through the event log. Standard ISA alerts are used for notification of important events. Administrators can select the type of notification from the standard options available in Windows and decide how often and for what period of time the reports are generated.Control over Performance Administrators can measure the application’s performance and its compatibility with other server software using the standard Windows (Performance Monitor) tools to which the application’s own counters are added.Database Updates Databases can be updated either on demand or automatically from Kaspersky Lab servers over the Internet or from the customer’s own preset local servers. The optimised update process saves administration time and minimises external traffic.Flexible administration
81KAV 8.0 for ISA/TMG SE vs. competitors Features/CompetitorsKAV 8.0 for ISA /TMGTrend MicroInterScan Web Protect for ISAMicrosoft Forefront TMGScanning of HTTPVVVScanning of FTPVVVScanning of SMTPVXVScanning of POP3VXVScanning of HTTPSVXVTMG supportVXVBackup copiesVXXReportsVVV
82Applications inside KS for Internet Gateway v. 8.0KAV for Microsoft ISA Server and Forefront TMG SEKAV for Microsoft ISA Server EEKAV for Proxy Server
83KAV for Microsoft ISA Server Enterprise Edition: Features Corporate network, Branch ICorporate network, HQConfiguration ServerTo see features click in the right corner in the bottomMicrosoft ISA Server ArrayMicrosoft ISA Server ArrayProvides effective server array protectionFeatures >>
84KAV for Microsoft ISA Server Enterprise Edition: Features Provides comprehensive scanning of data entering the local area network from the Internet via HTTP and FTP protocolsProtection of server arraysOptimized performance:Automatic scalabilitySelection of objects to be scanned and trusted serversConfiguration of group rulesCentralized administration
85Applications inside KS for Internet Gateway v. 8.0KAV for Microsoft ISA Server and Forefront TMG SEKAV for Microsoft ISA Server EEKAV for Proxy Server
86KAV for Proxy Server: Features Protects all HTTP and FTP Internet traffic that passes though the proxy serverHigh reliabilityReal-time scanning of Internet trafficChoice of filtration parametersDetection of potentially harmful programsRemote administration via web interfaceFlexible scan settings and group security policiesConfigurable update modesDetailed reports and notification systemKaspersky Anti-Virus for Proxy Server protects all HTTP and FTP Internet traffic that passes though the proxy server.The application provides security for users when working online and deletes malicious programs and worms that spread via instant messaging programs.Real-time scanning of Internet traffic. The program detects and deletes all types of viruses, worms, Trojans and other malicious programs in traffic that passes through most types of proxy servers.Choice of filtration parameters. The program includes a wide choice of filtration parameters (IP and URL addresses, MIME types and file size), which can be used to create individual scanning rules for different user groups.Scanning of archived files. Kaspersky Anti-Virus provides the highest quality detection and treatment of viruses in any type of file or attachment. The program supports more than 70 formats for archivers (over 420 versions) and more than 260 types of compressed file formats (over 1,330 versions).Detection of potentially harmful programs. Using the extended protection option, the application can detect and delete not only known malicious programs, but also potentially harmful programs (such as spyware).Remote administration. The application can be administered remotely via the web interface or via a single configuration file.Group security policies. The administrator can set individual traffic filtration rules for each user group, which defines permission rules in line with the corporate security policy and employee requirements.User notifications. The program automatically blocks any infected objects and sends the user a notification in the form of an HTML page. The system administrator can configure the content, format and language of notifications.Reports and statistics. The application can compile statistical reports to help administrators track virus activity and monitor the application’s performance.Configurable update modes. Updates to antivirus databases and program modules are available on demand, automatically or on schedule. They can be downloaded directly from Kaspersky Lab servers via the Internet or from a local corporate server.High reliability. Protection from memory leaks, hardware conflicts, input/output errors and critical system conflicts ensures fast and stable application performance.
87KAV for Proxy Server HTTP, FTP Installation Scenarios Plug-inInstallation ScenariosAs a standalone solutionWith proxy servers: Squid
88KAV for Proxy Server vs. competitors Features/CompetitorsKAV for ProxyServerTrend MicroInterScan Web Security SuiteWebsenseWeb Security GatewayScanning of HTTPVVVScanning of FTPVVVReports and statisticsVVVPoliciesVXVWeb consoleVVV
89Customer references – KS for Internet Gateway Pakistan International AirlinesCustomer ProfilePIA is the flag carrier airline of Pakistan.It is the 31st largest airline in Asia, operating to 23 domestic destinations and 36 international destinations in 25 countries“We can say that a high level of protection has been achieved through the Kaspersky Lab solution for our servers and workstations. It meets requirements at the corporate level and the experience is good!”IndustryTransportChallengesThe company required a centralized anti-malware solution that would ensure a high level of security.Number of nodes : 3100Number of Servers: 100Number of Internet Users: 3200Platforms: Microsoft XP, Microsoft Server 2003/2008, ISA ServerNumber of months the solution has run internally: 24 monthsResultsPIA has achieved smooth access to the network for devices and other shared resources malware-free and all machines are protected from external attacksSyed Ahmed Faraz, IT Manager
90Customer references – KS for Internet Gateway The University of ChileCustomer ProfileUniversity of Chile is one of most prestigious universities in Latin America with more than 25,000 undergraduate students“The Kaspersky Lab solution was chosen for its optimal price-quality ratio, comprehensive protection and excellent after-sale services. The Kaspersky Lab support team efficiently installed and configured the system and has continued to provide us with a high standard of support.”IndustryEducationChallengesAn antivirus system for the largest university in Chile, which can protect the entire campus network and all related organizations.ResultsProtection of the university network which has thousands of workstations, as well as servers, gateways and firewalls, which all use a variety of systems and platforms.Lugarda Andrade, IT Coordinator
91Customer references – KS for Internet Gateway Liverpool City CouncilCustomer ProfileLiverpool City is one of the fastest growing local government regions in New South Wales, Australia. Liverpool’s population in 2006 stood at 164,603.“The solution protects the council’s network from viruses and other threats. This leading-edge technology ensures that our organization is at the forefront in terms of securing our network and providing the best service for our community.”IndustryGovernmentChallengesThe main challenge of such a widely-dispersed network was to create a common protection system that could be centrally managed while maintaining integrity across the entire system.Kaspersky Total Space SecurityResultsThe solution’s network port scan enabled the council to detect HTTP and other port-based threats and eliminate them completely. Due to its small use of resources, the solution did not affect the overall performance of the network’s serversPhil Tolhurst,General Manager