Web, Messaging & Infrastructure protection

Web, Messaging & Infrastructure protection
Presenter, Position, Kaspersky Lab Date / Event

Web, Messaging & Infrastructure Security
Web, messaging and infrastructure protection ― part of corporate network protection Endpoint Security Web, Messaging & Infrastructure Security Gateways Administration Server Presentation is about protection of File Servers and Storages, Mail servers and Gateways, which are just a part of corporate infrastructure. Mail Servers Workstations & Mobile Devices File Servers

Ι. ΙΙ. Contents Approach to Business IT Security >>
Solutions & Applications >> ΙΙ.

Approach to Business IT Security

The key points of modern antivirus security
1 Cost of protection 2 New sources of threats and security trends 3 Multi-platform infrastructures 4 Efficiency of administration 5 Various customer needs 6 Reliable vendor support

1 Cost of protection Potential damage from infection
Cost of AV/AS solution Data loss Reputation risks Interrupted business processes Employee downtime Cleaning costs AV/AS software license Deployment and installation Administrator’s time for maintenance Usage of system resources Technical support – time to react Local language support KL solutions minimize TCO The best protection: no infection = no cleaning costs Needs very little CPU and memory = optimal usage of system resources Easy to manage, less manpower needed Reacts faster than any competitor to new threats, answers phones faster on support calls Subsidiaries in all major geographic regions Full range of security solutions from Endpoint to Cloud from a single provider

New sources of threats and security trends
2 New sources of threats and security trends Cloud services Virtualization Web 2.0 IT consumerization Mobile devices Compliance & audit requirements

Multi-platform infrastructures
3 Multi-platform infrastructures 8

Multi-platform infrastructures
3 Multi-platform infrastructures

Efficiency of administration
4 Efficiency of administration Scan settings Update Protection status Reporting Installation Alerts Centralized administration tool for corporate infrastructure

Various customer needs
5 Various customer needs Enterprise SMB External IT security expertise Total cost of ownership Acquisition cost Box solution Global maintenance contracts Need for system resources System resources load during scans and updates

Reliable vendor support
6 Reliable vendor support IV Problem Resolution incident, problem and quality management III Knowledge Transfer information about KL products, educational materials II Proactive & Self-Help Services available at KL Support Portal on a 24×7 basis I Product Improvement and Innovation antivirus database, updates and upgrades

Kaspersky benefits Best corporate malware protection for multi-platform IT infrastructure from world-class experts Optimized and cost-effective security plans to maximize business productivity and lower the total cost of ownership Efficient manageability solutions with wide inter-operability capability Future-proof strategy anticipating threats and trends for total longer term reassurance Trusted, fast and responsive global support plans Award-winning certified technologies >>

West Coast Labs certification
West Coast Labs - global leader in technical research, testing and Checkmark Certification of information security products and services WCL tested Kaspersky corporate products over a period of 3 months Products underwent performance testing (in real-time against malware threats from a variety of attack vectors) Checkmark Platinum Product Awards for all new applications WCL carried out comparative testing of Kaspersky products against key competitors

Solutions & Products

KAV solutions File Servers Mail Servers Firewalls & Gateways

Security for File Servers
Protection against all types of malicious programs for servers running under Microsoft Windows Linux and FreeBSD Novell NetWare Reliable protection for shared file storage is essential, because a single infected file on a server can affect every computer on your corporate network. However, if your organization uses servers running different platforms, this can be costly and difficult to manage. Kaspersky Security for File Server offers cost-effective protection for servers running on Microsoft Windows, Linux and Novell NetWare - providing a single, effective security solution for multi-platform server networks that protects against all types of malicious programs.

Solution benefits Popular server platform support
High performance with a new antivirus engine Reliable anti-malware protection Powerful manageability and reporting system Complex network infrastructure support Popular server platform support Designed to work with the complex network infrastructures of modern organizations, the product offers world-class anti-malware protection for file servers running Windows, Linux, Novell NetWare and FreeBSD. High performance, low impact With a new antivirus engine, load balancing of server resources and optimized scanning, the product delivers High Value world-class corporate anti-malware protection for multi-platform IT infrastructures with no noticeable impact on system performance. Reliable anti-malware protection Whatever the size of your organization, you need to know that your anti-malware solution has been developed by a company that takes a focused approach to world-class multi-layered protection. With Kaspersky Security for File Server, if your system malfunctions or is forced to shut down, our solution will restart automatically, maintaining High Value world-class anti-malware protection for your infrastructure, while you get to the root of the problem. Powerful manageability and reporting system Managing IT security over a complex network can be time-consuming. Our solution comes from a product family based on a uniform set of world-class anti-malware and other core technologies that provides user-friendly management tools, accessible security status information and simple reporting systems, to make managing your IT security easier than ever. Complex network infrastructure support The solution protects terminal servers (Citrix, Microsoft) and runs on cluster servers, providing efficiencies to customers through manageability, interoperability and optimizing costs and resource allocation. Virtualization support Kaspersky Security for File Server comes with VMware Ready certification - proven reliability for virtual environments, backed up by trusted, fast and responsive global support plans. Multi-system network protection The solution provides high levels of anti-malware protection for heterogeneous networks running different operating systems simultaneously, for example, Linux and Windows. Multi-system network protection Virtualization support: VMware Ready

Applications inside KS for File Server
KAV for Windows Server Enterprise Edition KAV for Linux File Server v. 8.0 v. 8.0 KAV for Novell NetWare KAV for Windows Server

KAV 8.0 for Windows Server Enterprise Edition: Highlights
New Anti-Virus Engine 8.0 Supports Windows Server 2008 R2 and Microsoft Hyper-V Server 2008 R2 VMware ready Supports HSM systems Citrix ready, including the latest XenApp 6.0 Modern corporate networks are complex systems that typically consist of terminal servers, server clusters and other types of nodes. Infrastructure like this demands the highest levels of protection, with file servers requiring dedicated software that won’t just protect data from the latest malware, but will also provide uninterrupted performance under the heaviest load conditions with minimal effect on network efficiency. Kaspersky Anti-Virus for Windows Servers Enterprise Edition has been developed specifically for networks like this, making it easy to protect your most valuable business resources today and in the future. In modern heterogeneous networks, a single virus can spread very quickly as it is virtually impossible to isolate a newly detected network infection immediately. Corporate users often place various files into file storages, thus exposing all nodes on the corporate network to risk, from workstations to shared file storage facilities. New! Support for Windows Server 2008 R2 Compatible with the popular Windows Server 2008 R2 - including the Server Core installation option and Microsoft Hyper-V Server 2008 R2 - Kaspersky Anti-Virus for Windows Servers Enterprise Edition can provide high-level protection to the most modern networks, no matter how big your organization is. New! VMware Ready Certified compatible with the VMware virtualization platform; providing antivirus protection of both real and virtual (guest) operating systems. New! Support for HSM systems Compatible with disk storage management systems (Hierarchical Storage Management), it provides antivirus protection for file systems with even the most complex hierarchies.

KAV 8.0 for Windows Server Enterprise Edition: Features
Effective protection Always-on antivirus protection and on-demand scanning Proactive protection from malware Scanning of the operating system’s critical areas Flexible scan settings Terminal server protection >> Cluster support >> High performance Schemes are under hyperlinks on slides 24 and 25 Always-on antivirus protection and on-demand scanning Every file that is launched or modified is scanned, with any suspicious objects treated, deleted or quarantined. You can also launch targeted scans of any suspicious areas. Proactive protection from malware Advanced anti-malware protection identifies malicious programs even if they are not yet on IT security providers’ antivirus databases. Critical area scanning A dedicated task can be run to scan the areas of your operating system most exposed to infection, such as autorun files and RAM. Flexible scan settings Scan settings allow you to set the depth of protection, specify which file types must always be scanned and preset responses to suspicious and infected objects, according to threat type. Terminal server protection With protection for Microsoft Terminal Services and Citrix XenApp servers, end-users working in desktop/application publishing modes remain protected, and are notified of events using the terminal services tools. This also ensures that actions performed on end-users’ files and scripts are audited. Cluster support Designed to work with complex server cluster architecture, Kaspersky Anti-Virus for Windows Servers Enterprise Edition protects both local disks and the cluster’s shared disks, currently owned by the protected node. Third-party compatibility Seamlessly integrates with dedicated server software such as IBM Tivoli, Symantec Enterprise Vault and HP Data Protector. Kaspersky Anti-Virus for Windows Servers Enterprise Edition is compatible with Citrix XenApp and has been awarded a Citrix Ready certificate. Flexible administration

Effective protection Scalability Reliability – works under heavy loads Load balancing Selection of trusted processes Uninterrupted server operation High performance Scalability To ensure server requests are processed as quickly as possible, administrators can specify the number of antivirus threads on multiple-processor servers. Load balancing To limit server load, resources can be allocated between the antivirus and other applications according to pre-assigned priorities: antivirus scanning can also run in background mode. Selection of trusted processes Administrators can choose to exempt secure processes such as data backups or defragmentation of the hard drive. Uninterrupted server operation A server reboot is not required when antivirus protection is installed or updated. Flexible administration

Effective protection Wide choice of management tools: Admin Kit; MMC; command line Centralized installation and management Role-based administration Flexible setting of scan times Notification and reporting system High performance Selection of management tools. The application can be managed either directly or remotely via the Microsoft® Management Console, the Kaspersky Administration Kit, or by using the command line. The latest version of the product provides an intuitive graphical interface for the Microsoft® Management Console. Centralized installation and management Compatible with the latest version of Kaspersky Administration Kit - a centralized administration management tool that enables you to install and configure the application remotely, manage operations and receive updates. Control over administrator privileges To comply with department-specific or internal security requirements, privilege levels can be assigned to each server’s administrator. Flexible setting of scan times Decide when your scans start and finish - for maximum server resource availability and minimum disruption to business operations. Notification system Administrator notifications are supported via the messaging service or . The application is integrated with Simple Network Management Protocol (SNMP) and can operate with Microsoft Operations Manager (MOM) or the administrator can monitor the application’s operation by reviewing Microsoft Windows or Kaspersky Administration Kit event logs. Flexible search tools and filters can also be used to search for information in large-volume logs. Flexible administration

KAV 8.0 for Windows Server Enterprise Edition: Cluster protection
Server clusters KAV 8.0 for WSEE can be installed on clusters of servers working in Active/Active and Active/Passive modes. The solution helps ensure the server operates correctly when resources migrate between cluster resources (failover/failback situations). The cluster is protected completely when KAV 8.0 for WSEE is installed on each node of the corporate network. The application protects the file server system’s local disks and the cluster’s shared disks currently owned by the protected node. Advantage: the product is completely suited to the complex server cluster architecture typically found in large companies. Protects server clusters in complex heterogeneous corporate networks

KAV 8.0 for Windows Server Enterprise Edition: Terminal server protection
Terminal connections KAV 8.0 for WSEE protects Microsoft Terminal and Citrix XenApp servers (formerly Presentation Server). This feature helps: Protect terminal users working in desktop/application publishing modes Notify terminal users of events using the terminal services tools Audit actions performed with terminal users’ files and scripts New! Certified Citrix XenApp: Citrix Ready for XenApp 6.0 compatible. Advantage: the solution is flexible enough to protect the infrastructure of terminal servers as effectively as it does regular servers. Protects Microsoft and Citrix terminal servers in modern complex corporate networks

KAV 8.0 for WSEE vs. competitors
Features/ Competitors KAV for WSEE Symantec Endpoint Protection Trend Micro Server Protect McAfee VirusScan Enterprise Centralized management V V V V Windows Server R2 support V V V V Terminal server support (MS, Citrix) V V V V Cluster support V V V V Back-up application support V V X X VMware Ready V V V X

KAV 8.0 for Linux File Server: Product diagram
KERNEL SMB / CIFS Extended File System FTP ODS HTTP NFS Local File System NSS Large corporate networks that use file servers running on different platforms can be a real headache when it comes to antivirus protection. Kaspersky Anti-Virus 8.0 for Linux File Server is part of our range of new and refreshed products, solutions and services for heterogeneous networks. It provides a cost-effective solution, with Samba server integration and other features that can protect workstations and file servers in even the most complex heterogeneous networks. It is also certified VMware Ready and supports current versions of FreeBSD for integrated, future-proof protection. The architecture of Kaspersky Anti-Virus 8.0 for Linux File Server provides multilayered protection for file servers in Linux/heterogeneous networks, functioning simultaneously on the entire file system level and on the level of the SMB/CIFS data transfer protocol (Samba server). The main antivirus module – a kernel-level interceptor – protects the server file system in real time. Protection extends to both local resources and remote resources built into the server file system that can be accessed using a variety of data transfer protocols. Cost-effective solution. With Samba server integration and other features, file servers are protected in even the most complex heterogeneous networks

KAV 8.0 for Linux File Server: Highlights
New Anti-Virus Engine 8.0 Kaspersky Web Management Console Optimized antivirus scanning technology >> Exclusion of trusted processes from scanning Reliability Support for FreeBSD VMware Ready New! Kaspersky Web Management Console A dashboard in the new Web Management Console displays data on the application’s status in real-time, as well as helping to configure and manage its operation. High Performance The new antivirus engine provides server resource load balancing, optimized antivirus scanning technology and the facility to exclude trusted processes from scanning. These features increase the product’s performance and reduce the amount of system resources required to perform antivirus scans. Reliability Reliable anti-malware protection is ensured as the application restarts automatically if it malfunctions or is forced to terminate. New! Support for FreeBSD The application supports current versions of FreeBSD which significantly extends its capabilities as it can be used to provide powerful anti-malware protection to networks with less conventional operating systems. New! VMware Ready Kaspersky Anti-Virus for Linux File Server comes from a product family based on a uniform set of anti-malware and other core technologies. It protects any files stored on Linux / FreeBSD-based file servers regardless of whether the server is running on a physical machine or a guest virtual machine.

KAV 8.0 for Linux File Server: Features
Effective protection Improved antivirus engine Real-time protection and on-demand scanning Quarantine and backup storage Versatile protection of file servers ― Linux, FreeBSD and Samba New! High performance New! New! Powerful antivirus engine New heuristic technologies combined with traditional signature-based malware detection methods help to dramatically improve the efficiency of malicious object detection and ensure proactive protection against new malicious programs. Real-time protection and on-demand scanning The application scans all files that are launched, opened or modified and disinfects or deletes all infected files. Furthermore, suspicious files and content are isolated in a quarantine area, allowing further analysis to be performed. The application scans specified areas of the system according to a schedule or on-demand, for complete anti-malware protection. New! Quarantine and backup storage When a suspicious object is detected, the program places it in quarantine. If the product treats or deletes an infected file, a copy of the original is placed in backup storage. The file is backed-up in its original format together with all of its attributes. This means that regardless of the actions taken by the antivirus program, document workflows are not interrupted Flexible administration

Effective protection Server load balancing Uninterrupted server operation Regular database updates Exclusions of trusted processes of trusted processes from scanning High performance Server load balancing The program helps balance the use of server resources between the antivirus system and other applications according to task priorities. For example, antivirus scanning can be performed in background mode while server software is being updated, helping to reduce server downtime. Continuous server operation The server does not need to be rebooted when the antivirus program is installed or updated. This is an important issue for most corporate networks where rebooting the server is undesirable, or simply not an option. Continuous running of the server software ensures uninterrupted operation of your company’s business processes. Database updates Updating the antivirus databases can be carried out on-demand or automatically from Kaspersky Lab servers or your local servers. The program automatically selects the least loaded update server. Alternatively, updates can be downloaded from the Kaspersky Administration Kit server which means the update installs faster and reduces the volume of inbound traffic in cases when several Kaspersky Lab products are installed on the network. Exclusions of trusted processes This wide range of settings allows optimization of server loads and ensures flexible management of corporate network security. Flexible administration

Effective protection Centralized installation and administration Wide choice of management tools Easy installation Flexible scan settings Powerful reporting system Notifications about security events New! High performance New! Centralized installation and administration System Administrators can use the Kaspersky Administration Kit – a centralized management system – to configure and remotely manage the application on several servers at once. Wide choice of management tools Administrators can also choose the most convenient management tool for them from Kaspersky Web Management Console, Kaspersky Administration Kit or command-line management. Easy installation Installing the product only takes a few minutes and requires the installation of just one package. Flexible scan settings The application offers a wide range of settings, allowing administrators to: Adjust the level of antivirus protection Assign different settings to different users accessing protected objects on the file server Specify scanning exceptions Assign specific actions for suspicious or infected objects, including by threat type Launch scans according to the most convenient schedule This wide range of settings allows optimization of server loads and ensures flexible management of corporate network security. Reporting system Administrators can control the application using graphical reports via the web console in PDF or XLS format, or via the Kaspersky Administration Kit. Using the command line, they can view reports in HTML or CSV format for specific components. Notifications about security events The application comes with an extensive list of events which the administrator can be notified about by SMS, IM and SMTP, or via the Kaspersky Administration Kit. The application supports Simple Network Management Protocol (SNMP). Flexible administration

KAV 8.0 for Linux File Server vs. competitors
Features/ Competitors KAV for Linux File Server Symantec Endpoint Protection Trend Micro Server Protect for Linux McAfee VirusScan Enterprise Centralized management V V V V Novell OES 2 and NSS support V V V V Samba protection V X V V Free BSD support V X V V Web management console V V X X VMware Ready V

KAV for Novell NetWare: Features
Effective protection Real-time protection On-demand scanning Backup copies Quarantine for dangerous objects High performance Kaspersky Anti-Virus for Novell NetWare was expressly developed to provide antivirus protection for file servers running under the Novell NetWare operating system. Real-time protection. The application provides real-time protection from malicious programs, scanning files for viruses and treating or deleting infected objects as necessary. On demand scanning. Antivirus scanning of the server’s file system can be carried out on a schedule or on demand. Backup copies. Before objects are treated or deleted, backup copies can be saved, so that administrators can later use information from them for future investigation. Quarantine for dangerous objects. Any dangerous or potentially dangerous objects detected by the application can be stored in the quarantine folder. Flexible administration

Effective protection Multi-thread virus scanning Multi-processor support Load management High reliability High performance Multi-thread virus scanning. Multi-thread scanning helps increase overall performance, since it enables processing of requests from a number of workstations simultaneously. The speed and scope of scanning are only limited by the hardware capabilities of the server. Multi-processor support. In order to increase antivirus performance in a multi-processor environment, the application allows administrators to launch several antivirus engine processes simultaneously, taking advantage of distributed data processing. Load management. The application allows the administrator to control the program’s use of the server’s central processing unit, which directly affects program performance. High Reliability. The new generation solution for Kaspersky Anti-Virus for Novell NetWare launches the antivirus engine in a protected address space. Such an approach increases application reliability since application programs and the file server are not affected in the event of any malfunctions during file scanning. Flexible administration

Effective protection Centralized and remote administration via Console One or using Kaspersky Administration Kit Event notifications are available over the Novell NetWare network or via Detailed reports Regular database updates automatically or on demand High performance Centralized and remote administration. The application integrates seamlessly with the Novell Directory Service (NDS), which means that the program can be administered via ConsoleOne and the web management interface. This allows system administrators to remotely install and configure the basic settings for the application on several servers at once using Kaspersky Administration Kit. Event notifications. Administrators can receive notifications of results from antivirus scanning, as well as warnings when malicious objects are detected, over the Novell NetWare network or via . Event log. The application compiles detailed reports using the results from on demand antivirus scanning, real-time protection and antivirus database updates. Automatic database updates. Antivirus database updates can be made automatically (on schedule) or on demand. If there is an error in a file download, then the program automatically chooses an alternative Kaspersky Lab update server. Update management. Once antivirus database updates have been received, they can be distributed to other servers on the network. Backup copies of update files are created, so that the database can be rolled-back to a previous version (if, for example, data is damaged during download). Flexible administration

KAV for Windows Server: Features
Effective protection Real-time antivirus protection and on-demand scanning Quick scanning of critical system areas Prevention of malware epidemics Isolating infected computers System recovery after infection High performance Kaspersky Anti-Virus for Windows Servers protects data on servers running under Microsoft Windows from all types of malicious programs. Real-time antivirus protection and on-demand scanning: Kaspersky Anti-Virus for Windows Servers scans all files that are launched, opened and/or modified and disinfects or deletes all infected files. Furthermore, suspicious files or content is isolated in a quarantine area prior to undergoing further analysis. The application scans specified areas of the system according to a schedule or on demand. Quick scanning of critical system areas: The application can scan those areas of the operating system that are more susceptible to infection as a separate task. For example, scanning startup objects helps prevent malicious code from launching during system startup and detects hidden processes. Other areas that are deemed critical to server security can also be selected for scanning. Prevention of malware epidemics: The application records any malware attacks, which helps the system administrator to react promptly by launching a scan, updating the antivirus database or switching to an increased level of security. Isolating infected computers: If a workstation on the network becomes infected, the application blocks the user from accessing server resources for a certain amount of time. During this period, the administrator can identify the source of infection and treat it. System recovery after infection: After a malicious program is detected and deleted, Kaspersky Anti-Virus for Windows Servers also deletes all of the records created by the malicious program in system files or the system registry. This prevents any possible malfunctions in the operating system. Flexible administration

Effective protection Scalability Load balancing Selection of trusted processes Uninterrupted server operation High performance Scalability To ensure server requests are processed as quickly as possible, administrators can specify the number of antivirus threads on multiple-processor servers. Load balancing: The application allows administrators to regulate the allocation of server resoubrces between the antivirus solution and other applications depending upon task priority levels; antivirus scans can continue in the background mode. Selection of trusted processes: The system administrator can exclude safe processes from scans, especially if they are slowed down by antivirus scanning (e.g., backup copying, hard drive defragmentation, etc.). Uninterrupted server operation A server reboot is not required when antivirus protection is installed or updated. Flexible administration

Effective protection Centralized installation and control: Admin Kit; MMC; command line Information about server protection status via new dashboard Information about the application’s status Flexible time settings for scans Powerful reporting system Regular database updates High performance Centralized installation and control: Kaspersky Administration Kit – a centralized administration tool – can be used to install applications and change settings remotely for several servers at once and to control the application after installation. The application can also be managed via Microsoft Management Console or using the command line. Information about server protection status: A new dashboard display provides information about the application in real time. Information about the current status of antivirus protection allows IT specialists to react immediately to any incidents in the system. Information about the application’s status: The application comes with an extensive list of events which the administrator can be notified of using a messenger service or via , with support for the Simple Network Management Protocol (SNMP) and the Microsoft Operations Manager (MOM). Flexible time settings for scans: In order to optimize the use of server resources and maximize convenience for users, the system administrator can assign the exact time for an antivirus scan to begin and end, which means on-demand scans can be performed at times when corporate servers are not overloaded, e.g., at night or weekends. Reporting system: The system administrator can control the application using reports and by reviewing the Microsoft Windows or Kaspersky Administration Kit event logs. A search function and filters make it quick and easy to locate information in large logs. Database updates: Updating antivirus databases can be carried out on demand or automatically via Kaspersky Lab servers on the Internet or via local servers. The application automatically selects the least loaded update server. Flexible administration

Customer references – KS for File Server
University of New Brunswick Customer Profile The University of New Brunswick is the oldest English-language University in Canada. It has more than 11,400 students and more than 3,000 staff . “The automated deployment has worked very well, deploying remotely with a 99% success rate. We’re finding many different types of malware that our previous vendor missed.” Industry Higher Education Challenges Existing antivirus solution was not providing adequate protection and did not support a Novell NetWare environment. Results Better protection – improved detection rate Increased system performance Full support for all products in a heterogeneous environment Jeff Smith, Manager, Computing Experience Services

Mandarina Duck Customer Profile Mandarina Duck has a strong presence in major department stores and a network of distributors in the most important markets outside the EEC. “More than a month after the installation of the product we are perfectly satisfied with the solution in its entirety.” Industry Fashion Challenges It was essential for the company to obtain an antivirus solution compatible with the Citrix environment that is used in many of its offices. No. of users: 820 Clients and Servers Solution installed: Kaspersky Open Space Security — Business Space More than 200 Windows clients spread between the head office in Bologna, the subsidiaries in Paris and Barcelona and outlets in Europe. More than 20 servers, both physical and virtual, concentrated mainly at the head office in Bologna. The operating environment is mainly Windows with VMWare virtualization and extensive terminal services via Citrix XenApp. 20 company blackberry devices (fully synchronized with the internal Exchange mailserver) supplement the computer system. Results Installation at outlets with remote assistance Centralized installation on PCs and servers at head office and in subsidiaries Andrea Spadoni, IT manager

CEAL – Companhia Energétic de Alagoas Customer Profile CEAL is an electrical utility company serving the State of Alagoas, Brazil. CEAL has over workstations and 30 servers. “The main challenge for this project was to find an antivirus solution that not only offered the best possible protection for our many operating systems but also allowed remote operation in communication links of diverse capabilities.” Industry Utilities Challenges CEAL needed to find an antivirus solution that provided better protection from malware penetrating their network. Results Ease of deployment to remote locations Simplified management of all operating systems Greatly improved protection Carlos Eduardo Costa Lima Manager, IT

Security for Mail Server
Protects mail and groupware servers from malware and spam Microsoft Exchange Servers 2003, 2007, 2010 IBM Lotus Domino v. 6.5, 7.0, 8.0, 8.5 Linux-based mail servers: Sendmail, qmail, Postfix, Exim Kaspersky Security for Mail Server is a High Value solution from Kaspersky Lab that is easy to install and use. It effectively protects mail servers and groupware servers even from the latest malware programs and spam. The solution includes refreshed applications that ensure security of all popular mail servers, including Microsoft Exchange, Lotus Domino, Sendmail, qmail, Postfix and Exim. Kaspersky Security for Mail Server can also be used to set up a dedicated mail gateway and works perfectly even in complex, heterogeneous infrastructures.

Solution benefits Protects mail servers and collaboration platforms
Reduces traffic load Optimized usage of system resources Control with ease: simple, user-friendly management tools Stay up to date: frequent database updates Protects Mail Servers Kaspersky Security for Mail Server works to protect mail on the latest versions of major mail and collaboration platforms: Microsoft Exchange, IBM Lotus Domino and Linux-based mail servers. Ensures Stable Security Automatic restart in the event of a system shutdown ensures stable security while the diagnostics system determines the cause of the malfunction. Reduces Traffic Load Intelligent spam filtering significantly reduces traffic load in your organization. Optimize System Resources A new anti-virus engine, load balancing of server resources, optimized anti-virus scanning technology and excluding specified objects from scanning increase performance and reduce the resources needed to perform anti-virus scans. Control with Ease Simple, user-friendly management tools, information on mail protection status, plus flexible settings for scans and reporting give you efficient control of your mail and document security. Stay up to Date Frequent database updates mean proactive protection against the very latest malware and spam, while enhanced performance efficiency means you get the protection you need with less system resource. Ensure Efficiency Kaspersky Security for Mail Server’s reliability and high performance ensure uninterrupted operation and effective execution of your company’s business processes. Support for Virtualization VMware Ready certification ensures proven reliability for virtual environments. Ensures efficiency Support for virtualized network infrastructure

Applications inside KS for Mail Server
KS for Microsoft Exchange Servers v. 8.0 KAV for Lotus Notes v. 8.0 KAV for Linux Mail Server Kaspersky Mail Gateway Kaspersky Anti- Spam

KS 8.0 for Microsoft Exchange Servers: Protection diagram
DMZ Clusters Due to the fact that is one of the main channels through which malware and spam are distributed nowadays, it is essential that an effective mail server security solution is in place. The new Kaspersky Security 8.0 for Microsoft Exchange Servers ensures world-class anti-malware and anti-spam protection of your Microsoft Exchange mail servers thanks to the new, powerful antivirus engine, comprehensive antivirus scanning of messages and intelligent spam detection. As a result, not only your mail servers, but also your corporate network stays malware- and spam-free while maximizing business productivity. EDGE Transport Role This server role sits at the network perimeter or DMZ (Demilitarized Zone) and is responsible for all incoming and outgoing messages. The Edge Transport protects against virus and spam through a variety of filtering techniques, including connection filtering, content filtering, and recipient filtering. It also defends against Denial of Server and Direct Harvest Attacks. Edge Transport Rules Agent can also be applied for additional hygiene. These rules scan SMTP and MIME addresses, as well as key words located in the subject or body of an message. HUB Transport Role This server role is responsible for the transport of internal traffic flow throughout the messaging infrastructure. Incoming messages are passed from the Edge Transport server to the Hub Transport server, and then eventually to the mailboxes of end-users. Outgoing messages also flow through the Hub Transport server before reaching the Edge Transport server. Hub Transport Rules Agent can also be applied to enforce company policy and regulatory compliance. Client Access Role This server role enables end-users to connect to the Microsoft Exchange Server platform through either Post Office Protocol 3 (P0P3), Internet Message Access Protocol 4 (IMAP4), Secure Hypertext Transfer Protocol (HTTPS), Outlook Anywhere, Availability service, and Autodiscover service. The Client Access Server also hosts Web services. Mailbox Role This server sole contains Microsoft Exchange Server databases, and is home to end-users mailboxes and public folders. Unified Messaging Role This server role introduces integrated unified messaging (UM) capabilities to Microsoft Exchange Server 2007, combining voice mail, faxes, and into one inbox. Microsoft Exchange users can access their inbox outside of their office from another computer, or from a phone using Outlook Voice Access (OVA). Edge Role Hub Role Mailbox Role Supports all Microsoft Exchange roles

KS 8.0 for Microsoft Exchange Servers: Highlights
New spam recognition engine 4.0 New Anti-Virus Engine 8.0 Flexible settings taking into account business- specific processes Protection of Microsoft® Exchange server 2010, including DAG configuration Scanning of messages in multiple languages VMware Ready New! Powerful Antivirus Engine A new, powerful engine enables increased scanning speed with reduced system resource consumption. New! High Performance The engine ensures increased performance and stability with minimum memory requirements. New! Complete Protection The application offers complete protection of Microsoft Exchange Server 2010 and is compatible with DAG (Database Availability Group). New! Flexible Settings Kaspersky Security 8.0 for Microsoft Exchange Servers offers flexible, user-friendly settings to ensure spam and anti-malware protection that meets your business security goals. New! Multi-language Support The application carries out anti-spam scanning of messages written in different languages, including Asian language sets. New! VMware Ready The application protects mail traffic going through Microsoft Exchange Server whether installed on physical or guest virtual machines.

KS 8.0 for Microsoft Exchange Servers: Features
Anti-spam protection Intelligent spam recognition technologies Detecting spam in the form of images Using DNSBL lists and SURBL technology Message classification and rules White- and blacklists Malware protection Intelligent Spam Recognition Technologies The application scans all messages for spam based on formal attributes such as the sender’s and IP address, the size of message and message header. In addition, the content of messages and attachments is analyzed using intelligent technologies including unique graphical signatures which detect spam in the form of images. New! Additional Message Scanning For additional protection against spam, messages are scanned using DNSBL lists of spammers’ addresses and SURBL technology which detects spammer URLs in the message. New! Additional scan of messages. For additional protection against spam, messages are scanned using DNSBL lists of spammer addresses and SURBL technology, which detects spammer URLs in messages. Message Classification As administrator, you can configure separate processing rules for each category of unsolicited mail to prevent any loss of information. For instance, messages that are known to be spam can be blocked; suspicious mail can be directed straight to the Unwanted Mail folder; and formal messages such as message delivery and message read confirmations can go directly to the Inbox. New! White and Black Lists There is a facility for individual users to create their own trusted (white) and black lists by sender’s SMTP or IP address. A white list can also be created using the receiver’s SMTP address. Any message received from a white-listed sender is not scanned and is delivered straight to the recipient. However, if the address is black-listed the message it will be tagged with a special heading and processed according to the rules configured by you, the administrator. Flexible administration

Anti-spam protection Real-time scanning Public folders scanning On-demand and on-schedule background scanning Backup copying Flexible settings and scanning exclusions Malware protection Real-time Scanning The program detects and removes all types of viruses, worms, Trojans and other malicious objects from the stream of incoming and outgoing messages, including attachments in almost any format. It detects and removes not only known malware but also potentially dangerous programs. On-demand and On-schedule Background Scanning All folders and messages stored on the server are subject to background scanning to ensure that all objects are processed using the latest version of the antivirus databases. This has minimal impact on server load. Backup Copying Before deleting messages, the application makes backup copies so that it is possible to restore important information if attempts to treat an object result in failure or if a message was incorrectly categorized as spam. A wide range of search parameters make it easier for you to find objects in the backup storage area. Flexible administration

Anti-spam protection Customized configuration Configurable update modes Remote administration via MMC Detailed reports Notification system Malware protection Customized Configuration You can configure the application based on your company’s IT security policy and hardware capabilities. For example, you can exclude certain file types from scanning or configure the spam intensity level. You can also configure antivirus and anti-spam processing scenarios for different message categories, create white and blacklists by senders’ or receivers’ addresses, etc. Database Updates Updates to antivirus databases are available on demand or can be completed automatically according to a schedule. You can either download updates directly from the Kaspersky Lab website or from a local server. If required, you can update antivirus and spam recognition databases separately. Convenient Administration The administrative interface is based on the popular Microsoft Management Console with remote administration being an option. Detailed Reports You can monitor the operation of the application and the antivirus protection status using the detailed HTML reports or by viewing the Windows event log. You have complete control over the frequency with which reports are generated and the information to be included in them. All reports can be stored on the hard drive or sent via . Sophisticated Notification System As the administrator, you can receive notifications about any critical events in the application’s operation, either by or by viewing the Windows event log. Flexible administration

KAV 8.0 for Microsoft Exchange vs. competitors
Features/ Competitors Kaspersky Security 8.0 for Microsoft Exchange Symantec Mail Security for Microsoft Exchange 6.0 Trend Micro ScanMail for Exchange Server McAfee GroupShield for Exchange 2010 ESET NOD32 for Microsoft Exchange Server Antivirus V V V V V Anti-spam V V V V V Content filtering X V V V X DAG compatible V V V V V Reports V V V V X Support for MS Exchange 2010 V V V V V Support for Windows 2008 R2 V V V V V VMware Ready V V V V V

KS for Microsoft Exchange Servers v. 8.0 KAV for Lotus Notes v. 8.0 KAV for Linux Mail Server Kaspersky Mail Gateway Anti-Spam for Linux

KAV 8.0 for Lotus Domino: Protection diagram
Server clusters Replication Local NSF Bases Kaspersky Anti-Virus 8 for Lotus Domino provides effective antimalware protection for Domino servers used in large-scale corporate networks with complex topology and heavy loads. Groupware servers such as Lotus Domino are designed to perform tasks on different levels – from the exchange of messages to hosting an organization’s entire workflow system. Malicious programs penetrating a network via can lead to the loss of business-critical data. Kaspersky Anti-Virus 8.0 for Lotus Domino scans messages and documents on Domino servers, safeguarding a company’s workflow from potential IT threats. Provides effective anti-malware protection for Lotus Domino servers used in large-scale corporate networks with complex topology and heavy loads

KAV 8.0 for Lotus Domino: Highlights
Anti-Virus Engine 8.0 Centralized management of server clusters Support for IBM Lotus Domino 8.5 Support for Linux VMware Ready Anti-Virus Engine 8.0 Ensures stable, high performance with low impact on system resources. Centralized management of server clusters The application allows different configuration profiles to be created and applied to all servers, without duplicating the settings on every server. Support for IBM Lotus Domino 8.5 The application supports the most up-to-date versions of Lotus Domino. Support for Linux The application supports Red Hat 4, 5 and SLES 9, 10 SP2, 11. Administrator role separation The application is now capable of assigning different duties to the various administrators responsible for the operation of servers, making it possible to enforce internal IT security policies. VMware Ready The application protects s and documents on IBM Lotus Domino servers installed on real and virtual (guest) operating systems.

KAV 8.0 for Lotus Domino: Features
Effective protection Real-time scanning Scanning of databases, other objects and traffic during replication Protection against malware outbreaks Backup Flexible settings and scanning exclusions High performance Real-time scanning. The application scans messages, attachments (including packed and archived attachments) and OLE objects for viruses and other types of malware. All documents stored in the database can be scanned on demand by the administrator. Scanning of databases, other objects and traffic during replication. The application performs antivirus scanning of messages and all other Lotus Domino objects: databases and OLE objects, as well as traffic sent between Lotus Domino servers during the replication process, ensuring a company’s entire workflow system based on Lotus Domino can be protected by the application. Protection against malware outbreaks. If the application detects several events of the same type during a defined time period – e.g. one and the same virus has been detected several times – the administrator is notified about the potential threat of a malware outbreak and can stop the sending and receiving of messages. Backup. The application saves copies of infected, damaged and suspicious objects to backup storage, allowing important information to be restored in the event of an object becoming corrupted. A wide choice of search parameters is offered to make searching for an object in backup storage more convenient. Flexible settings and scanning exclusions. The application can set scanning exclusions according to file type or the size of the scanned object and it is also possible to disable scanning of attachments and OLE objects. The administrator can define rules for the processing of attached files, e.g. only scanning attachments for malicious objects if they are not excluded on the basis of size or type. Flexible administration

Effective protection Automatic scalability Flexible architecture Cross-platform support (Windows and Linux) Optimized use of system resources New! New! High performance New! Automatic scalability. The application automatically modifies the number of scanning threads depending on the volume of traffic. The maximum number of threads is set by the administrator of the server. Flexible architecture. The application’s distributed architecture enables existing profiles to be easily transferred to new servers or network nodes if the number of servers changes. Cross-platform support. On a multiplatform network (e.g. Windows and Linux), the application protects all mail servers equally and they work as a single system, regardless of the operating system installed on them. Optimized use of system resources. The application scans objects in the server’s operating memory without saving them to the hard disk. This allows the application to work faster and reduce server loads. Flexible administration

Effective protection Distributed management of protection parameters Replication of application statistics Easy-to-use installation and management tools Message tagging Detailed reports Regular database updates New! New! High performance New! Distributed management of protection parameters. The application supports the distributed storage of settings on all protected servers. This allows application settings to be saved in the event of the failure of one or more servers. Replication of application statistics. The application supports the distributed logging of events and the storage of statistics on all protected servers. Easy-to-use installation and management tools. Application installation and management can be performed via a web interface or via the standard Lotus Notes interface. A full web interface enables the administrator to remotely install and manage the application from the most popular web browsers. Message tagging. A note saying that a message has been scanned and verified virus-free can be added to outgoing messages, which enhances trust. Detailed reports. The administrator can monitor the operation of the application and the antivirus protection status with the help of comprehensive reports, or by viewing the event log via the application’s interface. The frequency with which reports are generated as well as their content can be defined by the administrator. Database updates. Database updates can be received from Kaspersky Lab servers on request, automatically according to a preset schedule or from a local public shared folder. The optimized updating procedure saves time for the administrator and reduces the amount of traffic required for updates. Flexible administration

KAV 8.0 for Lotus Domino vs. competitors
Features/ Competitors KAV 8.0 for Lotus/Domino Symantec Mail Security for Domino Trend Micro ScanMail for Domino McAfee GroupShield for Domino Antivirus V V V V Anti-spam X V V V Content filtering X V V V Web interface V X X V Reports V V V V Support for IBM Lotus Domino 8.5.x V V V V Support for Linux V V V V VMware Ready V X V V

KAV for Linux Mail Server: Features
Provides effective antivirus protection for corporate mail traffic and supports the most widely-used solutions Antivirus real-time SMTP traffic scanning Customizable notifications Quarantine and backup copies File server scanning Additional message filtering by attachment type and by user group Flexible management and remote administration Antivirus scanning. All elements of messages are scanned for malicious code. The application scans for and removes all types of viruses, Trojans, spyware, malicious and potentially hostile programs from incoming and outgoing mail messages and attachments in most formats. Customizable notifications. When a suspicious or infected object is detected, the system administrator, sender and recipient of the message receive a message, the contents and format of which are defined by the system administrator. System messages can be sent in any language. Quarantine. Infected, suspicious and damaged objects detected in a server’s file system or in traffic can be moved to the quarantine folder, where they will be disinfected, deleted or stored according to pre-defined settings. Backup copies. Backup storage can be created to store copies of infected objects before they are treated, making it possible to restore if necessary. File server scanning. In addition to scanning mail traffic, Kaspersky Anti-Virus for Linux Mail Servers offers on demand scanning of the server’s file systems. The scanning is performed with the help of iChecker, a check-summing technology which significantly reduces the amount of time required for additional scans of each object. Additional message filtering By attachment type. The application can be configured to filter mail traffic by attachment name and file type and to apply specified processing rules for each category. By user group. Administrators can create user groups, assign individual message processing rules to each group and define user privileges for each group. Remote administration. Kaspersky Anti-Virus for Linux Mail Server can be configured either traditionally, via the application’s configuration file, or using the Web interface. Configuration of updates. Antivirus databases can be updated from Kaspersky Lab’s servers via the Internet or from local update servers on demand or on schedule. Administrators can choose the type of antivirus databases to be used: standard (detection of true malware only) or extended (databases used to detect potentially hostile software – spyware, adware and more). Kaspersky Lab antivirus databases are updated hourly.

Kaspersky Mail Gateway: Features
Provides full-scale protection for mail systems against viruses and spam Can be used as standalone MTA in Linux systems Antivirus scanning Spam filtering Quarantine Detailed reports and notification system Message filtering by attachment type and user group Protection against unauthorized access of the server Flexible management Kaspersky Mail Gateway is a versatile solution that provides full-scale protection for mail system users against viruses and unsolicited s (e.g., spam). Kaspersky Mail Gateway can be installed on a separate server and does not require integration into the existing mail system. The solution significantly increases the level of protection against today’s computer threats, making it possible to combine different vendors’ antivirus solutions on the same network. Because it is designed to operate autonomously, the application fits neatly into any environment and combines easily with other vendors’ programs installed on other network nodes. Its installation and configuration do not require extensive experience with Linux systems. Antivirus scanning. The program scans for and removes all types of viruses, and malicious and potentially hostile programs in all elements of incoming and outgoing messages, including attachments. Spam filtering. The application scans mail traffic for spam based on formal attributes and analysis of message contents and their attachments using intelligent technologies, including special graphical signatures for detecting spam in the form of images. User notification. If a suspicious or infected object is detected, the system administrator, sender and recipient of the message receive a notice, the contents and format of which are defined by the system’s administrator. If a message is categorized as spam, it can be blocked, sent to a quarantine folder or delivered to the recipient with a special tag in the subject field. Quarantine. Infected and suspicious objects and messages identified as spam can be moved to a quarantine folder, where the administrator can view or delete them, or forward them to the end user. Additional message filtering By attachment type. The application can be configured to filter mail traffic by attachment name and file type, helping to immediately identify objects that are likely to contain viruses. By user group. The administrator can define separate message processing rules for each group of mail system users by defining limitations in accordance with the security policy and employee needs. Protection of the server against unauthorized access The application can be configured to prevent DoS attacks and third party attempts to use the server for launching unauthorized mass mailings. In some cases, this helps reduce the server load and increase the processing speed of mail traffic. Flexible management and administration: Remote administration. Kaspersky Mail Gateway can be managed remotely using a web interface, as well as traditionally, using the configuration file. Configuration and optimization of the application. Depending upon mail traffic volume and the stringency of the company’s security policy, the administrator can change the application’s operating parameters, from maximum system performance to maximum user protection. The administrator can also configure various timeouts for sending and/or receiving messages, manage the application’s queue and limit the number of objects that can be scanned simultaneously in the background mode. Configuration of updates. The antivirus database can be updated on demand or automatically according to a predefined schedule from Kaspersky Lab servers on the Internet or from local servers specified by the system administrator. Some modules of the antivirus engine and the linguistic analyzer can be updated, as well. Graphical reports. The program includes the capability of viewing virus activity for a given period of time in graphical form. Information regarding the types of viruses detected during antivirus scans can also be viewed. In addition, the administrator can receive detailed information on the program’s status and operation by using a broad range of reports with the desired level of detail.

Anti-Spam for Linux: Features
Provides thorough and accurate protection from spam for users of corporate Linux-based mail systems and public services List-based filtration SPF and SURBL technologies Analysis of formal attributes and signature analysis Linguistic heuristics Graphical spam detection Real-time UDS requests Options for processing spam Flexible management Management of user groups List-based filtration. Sender IP addresses are checked against blacklists of spammers, which are maintained by Internet service providers and public organizations (DNS-based Blackhole Lists). System administrators can add addresses of trusted correspondents to a safe list, ensuring that their messages are always delivered without undergoing filtration. SPF and SURBL technologies. The filtration process also involves verifying senders using the Sender Policy Framework. Detection of spammer IP addresses using DNSBL is supplemented by SURBL technology (Spam URI Real-time Block List), which can identify spam URLs in the message body. Analysis of formal attributes. The program recognizes spam by such typical characteristics as distorted sender addresses or the absence of the sender’s IP address in DNS, an excessive number of intended recipients or hidden addresses. The size and format of messages are also taken into consideration. Signature analysis. Lexical signature databases are updated around the clock. Using spam signatures, the program can even recognize modified versions of spam messages that have been altered to evade spam filters. Linguistic heuristics. The program scans messages for words and phrases that are typical of spam messages. Both the content of the message itself and any attachments are analyzed. Graphic spam. A database of signatures for graphic spam equips the program to block messages containing spam images, a type of spam that has become increasingly common in recent years. Real-time UDS requests. The Urgent Detection System is updated with information on spam messages literally seconds after they first appear on the Internet. Messages that could not be assigned a definitive status (e.g., spam, no-spam) can be scanned using UDS. Flexible management. Our web interface allows system administrators to manage the application both locally and remotely. The filtration level is easily configurable, as are blacklists and safe lists. It is also possible to disable/enable individual filtration rules and automatically block mail encoded in Asian language sets. Management of user groups. The administrator can create user groups either using lists of addresses or domain masks (for example, and apply individual settings and filtration rules to each group. Options for processing spam. The program can be configured to process spam by either automatically deleting it, redirecting it to the quarantine folder with a note to the user or sent for further filtration to the mail client. Detailed reports. Administrators can easily monitor the application, the protection status and license status, using HTML reports or alternatively, by viewing log files. Data can be exported in CSV and Excel formats. Updating databases on schedule. Updates to antivirus databases can be downloaded on a schedule set by the administrator (by default they update every 20 mins). When undecided about the status of a suspicious message, the program also makes requests to the UDS server.

Customer references – KS for Mail Server
MTS, Russia Customer Profile Mobile TeleSystems (MTS) is the leading telecommunications group in Russia, Eastern Europe and Central Asia with million mobile subscribers “The Mobile service allows MTS subscribers to easily access their from any mobile phone model. It’s very important for us to protect our users from spam and malware. Kaspersky Lab’s solution provides reliable protection of MTS subscribers and meets all our needs.” Industry Telecommunications Challenges To protect Mobile users from spam and malware without slowing the traffic rate. Kaspersky Security for Mail Server, Russian Edition Kaspersky Anti-Spam for Linux, Russian Edition Results Currently, Kaspersky Lab solutions for mail servers protect over subscribers of Mobile . The anti-spam and anti-malware protection levels meet all MTS’s requirements Pavel Roitberg Product Director, MTS

Fashion company s.Oliver Customer Profile Global fashion company with more than 5,500 employees; s.Oliver products can be found in more than 30 countries “Immediately after the Kaspersky software was implemented, its operation was secure and stable, which, in addition to the simplified administration, is one of the reasons we are very pleased with the solution from Kaspersky Lab.” Industry Fashion Challenges Company needed protection for its complex heterogeneous network - distributed in 30 countries - against spam and malware Kaspersky Security for Mail Server – which currently has 3,000 licenses in use Results Solution provides optimum security for Linux mail servers Solution minimizes the amount of spam The company has been spared financial losses caused by viruses, worms etc. Michael Muthig, Head of IT Services

ABBA Hotels Customer Profile ABBA Hotels is a Spanish urban hotel chain. It now has 24 centers in some of Europe’s best-known cities “Virus and malware incidents have fallen from 40% to barely 5%, and as a result, our technicians have been able to dedicate their time to other matters. There has therefore been a reduction in support costs, in addition to a very significant improvement in the protection of our systems.” Industry Hotels & Restaurants Challenges Every day, hundreds of people connect to their corporate networks from the hotels and many of them are using their own computers and flash drives that might contain malware. Kaspersky Enterprise Space Security Results Substantial improvement in the detection of malware Virus and malware incidents have fallen from 40% to barely 5% Reduction in support costs José MaríaSerra, Systems Director of ABBA Hotels

Rome Biomedical Campus University Customer Profile The Rome Biomedical Campus University promotes integrated structures for teaching, research and healthcare. There are approximately 1,000 clients and 50 servers. “The protection of data and communications is an essential condition for enabling new generation services in critical environments like the hospital and Kaspersky helps us remain protected.” Industry Educational Challenges Considering the extensive computerization, all aspects linked with security have a fundamental role in ensuring that the Campus can count on a reliable and robust infrastructure No. of users: 1,000 employees Solution installed: Kaspersky® Enterprise Space Security Results Kaspersky’s solution provides: product reliability, correct removal of threats, flexible management and an efficient support service Marco Venditti, manager of the ICT infrastructures department

Security for Internet Gateway
HTTP(S), FTP, SMTP, POP3 Secure Internet access for all employees in an organization is one of the central pillars of any business security strategy. Kaspersky Security for Internet Gateway is a world-class anti-malware solution that ensures secure Internet access for a company’s entire workforce, automatically deleting malicious and potentially dangerous programs from data traffic entering the local network via HTTP, HTTPS, FTP, POP3 and SMTP protocols. Kaspersky Security for Internet Gateway helps to reduce the costs associated with web threats by preserving valuable network bandwidth and ensuring malware threats do not interrupt business operations. Optimized scanning technology, high performance and support for the latest platforms make Kaspersky Security for Internet Gateway a High Value solution for medium and large organizations handling considerable network traffic volumes. Protected points Microsoft Forefront TMG Microsoft ISA Servers Proxy Servers: Squid

Products benefits High performance and reliability
Real-time protection Multi-platform support Support for Microsoft Forefront TMG Powerful manageability and reporting system High Performance and Reliability. A new, powerful antivirus engine plus optimized, intelligent scanning technology and load balancing increase performance and reduce the resources needed for virus scanning. Real-Time Protection Frequent database updates provide always-on, proactive protection against the latest known and potential threats. Multi-Platform Support Kaspersky Security for Internet Gateway supports most popular gateways based on the Windows and Linux platforms. Support for Microsoft Forefront TMG Kaspersky Security for Internet Gateways supports Microsoft Forefront TMG, a new product which replaces Microsoft ISA Server, providing effective anti-malware protection for corporate networks. Powerful Manageability and Reporting System Simple, user-friendly management tools, protection status information, flexible scanning settings and reporting systems ensure efficient security control. Versatility In addition to providing web protection, the solution can be used to protect corporate mail (for Microsoft ISA/TMG). Support for Virtualized Network Infrastructure Kaspersky Security for Internet Gateway is VMware Ready certified, and offers proven reliability for virtual environments. Versatility Support for virtualized network infrastructure

Applications inside KS for Internet Gateway
v. 8.0 KAV for Microsoft ISA Server and Forefront TMG SE KAV for Microsoft ISA Server EE KAV for Proxy Server

KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition
DMZ HTTP(S), FTP, SMTP, POP3 Published servers Mobile users Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG Standard Edition is designed to provide secure Internet access to a company’s entire workforce, automatically deleting malicious and potentially dangerous programs from data traffic entering the local network via the HTTP, HTTPS, FTP, POP3 and SMTP protocols. Scanning of HTTP(S), FTP, SMTP and POP3 traffic

KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: Highlights
Anti-Virus Engine 8.0 – ensures stable, high performance with low impact on system resources Support for Microsoft Forefront TMG Standard Edition 2010 Mail traffic protection Integrated information panel: real-time monitoring of the antivirus protection status VMware Ready New! Anti-Virus Engine 8.0 Ensures stable, high performance with low impact on system resources. New! Support for Microsoft Forefront TMG Standard Edition 2010 The application supports the new Microsoft product superseding Microsoft ISA Server. New! Mail Traffic Protection Kaspersky Anti-Virus for Microsoft ISA Server and Forefront TMG Standard Edition scans mail traffic transferred via SMTP and POP3. New! Real-Time Monitoring of Antivirus Protection Status The application features an integrated information panel to display real-time statistics about the antivirus status of Microsoft ISA/TMG servers, including information about database updates. New! VMware Ready The application protects data transferred via Microsoft ISA/TMG servers installed both on physical and virtual (guest) machines.

Flexible administration
KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: Features Effective protection High performance real-time scanning, including archived files Scanning of outgoing traffic Scanning of HTTP(S), FTP, SMTP and POP3 traffic from published servers Support for HTTPS (Forefront TMG only) Support for VPN connections Backup New! High performance New! Real-Time Scanning The application detects and removes all types of malware from data passing through Microsoft ISA Server and Forefront TMG. Also scans archived and packed files of almost any format. Scanning of Outgoing Traffic The application scans traffic travelling in both directions helping to safeguard a company’s reputation by ensuring that not only incoming but also outgoing traffic is free of malicious objects. New! Scanning of HTTP(S), FTP, SMTP and POP3 Traffic to Published Servers The application scans traffic entering published servers, such as when a web interface is used to access corporate mail. New! Support for HTTPS (Forefront TMG only) The application scans data transferred via HTTPS, allowing control of protected connections. New! Support for VPN connections The application monitors traffic passing through VPN connections established using Microsoft ISA Server or Forefront TMG. New! Backup The application saves copies of infected, damaged and suspicious objects to backup storage, making it possible to restore an object if it has been erroneously tagged as suspicious. This is useful for data transmitted via HTTP/FTP and objects sent via SMTP. A wide range of search parameters makes searching for an object in the backup storage more convenient. New! Flexible administration New!

KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: Features Effective protection Automatic scalability High performance thanks to Optimized architecture New Anti-Virus Engine 8.0 Special mode for big-size files High performance Scalability It is possible to launch several antivirus engines simultaneously, allowing for enhanced scanning performance and optimised server load depending on configuration and traffic volume. The number of antivirus engines is determined automatically when the application is installed and can be modified by administrators. High Performance Optimized architecture, a new antivirus engine and a special mode for big-size files means traffic can be scanned extremely rapidly, without noticeably delaying the delivery of information to the end user. Flexible administration

KAV 8.0 for Microsoft ISA Server and Forefront TMG Standard Edition: Features Effective protection Management via MMC Flexible policy management Detailed reports, statistics and notifications Control over performance Regular database updates New! High performance Management via MMC This administration console allows local or remote management of the application. The console has an easy-to-use intuitive graphical interface. New! Flexible Policy Management The application offers advanced capabilities for configuring and managing traffic processing policies during scanning. Using the policy management tools, administrators can configure different data scanning rules for different servers, computers, IP address ranges, domain names and subnets. Administrators can also create lists of trusted sites and configure other exemptions to tailor the application’s performance to specific business needs and to comply with a specific corporate security policy. Detailed Reports and Notifications Administrators can control application performance and the antivirus protection status of Microsoft ISA Server and Forefront TMG using detailed reports or looking through the event log. Standard ISA alerts are used for notification of important events. Administrators can select the type of notification from the standard options available in Windows and decide how often and for what period of time the reports are generated. Control over Performance Administrators can measure the application’s performance and its compatibility with other server software using the standard Windows (Performance Monitor) tools to which the application’s own counters are added. Database Updates Databases can be updated either on demand or automatically from Kaspersky Lab servers over the Internet or from the customer’s own preset local servers. The optimised update process saves administration time and minimises external traffic. Flexible administration

KAV 8.0 for ISA/TMG SE vs. competitors
Features/ Competitors KAV 8.0 for ISA /TMG Trend Micro InterScan Web Protect for ISA Microsoft Forefront TMG Scanning of HTTP V V V Scanning of FTP V V V Scanning of SMTP V X V Scanning of POP3 V X V Scanning of HTTPS V X V TMG support V X V Backup copies V X X Reports V V V

KAV for Microsoft ISA Server Enterprise Edition: Features
Corporate network, Branch I Corporate network, HQ Configuration Server To see features click in the right corner in the bottom Microsoft ISA Server Array Microsoft ISA Server Array Provides effective server array protection Features >>

KAV for Microsoft ISA Server Enterprise Edition: Features
Provides comprehensive scanning of data entering the local area network from the Internet via HTTP and FTP protocols Protection of server arrays Optimized performance: Automatic scalability Selection of objects to be scanned and trusted servers Configuration of group rules Centralized administration

KAV for Proxy Server: Features
Protects all HTTP and FTP Internet traffic that passes though the proxy server High reliability Real-time scanning of Internet traffic Choice of filtration parameters Detection of potentially harmful programs Remote administration via web interface Flexible scan settings and group security policies Configurable update modes Detailed reports and notification system Kaspersky Anti-Virus for Proxy Server protects all HTTP and FTP Internet traffic that passes though the proxy server. The application provides security for users when working online and deletes malicious programs and worms that spread via instant messaging programs. Real-time scanning of Internet traffic. The program detects and deletes all types of viruses, worms, Trojans and other malicious programs in traffic that passes through most types of proxy servers. Choice of filtration parameters. The program includes a wide choice of filtration parameters (IP and URL addresses, MIME types and file size), which can be used to create individual scanning rules for different user groups. Scanning of archived files. Kaspersky Anti-Virus provides the highest quality detection and treatment of viruses in any type of file or attachment. The program supports more than 70 formats for archivers (over 420 versions) and more than 260 types of compressed file formats (over 1,330 versions). Detection of potentially harmful programs. Using the extended protection option, the application can detect and delete not only known malicious programs, but also potentially harmful programs (such as spyware). Remote administration. The application can be administered remotely via the web interface or via a single configuration file. Group security policies. The administrator can set individual traffic filtration rules for each user group, which defines permission rules in line with the corporate security policy and employee requirements. User notifications. The program automatically blocks any infected objects and sends the user a notification in the form of an HTML page. The system administrator can configure the content, format and language of notifications. Reports and statistics. The application can compile statistical reports to help administrators track virus activity and monitor the application’s performance. Configurable update modes. Updates to antivirus databases and program modules are available on demand, automatically or on schedule. They can be downloaded directly from Kaspersky Lab servers via the Internet or from a local corporate server. High reliability. Protection from memory leaks, hardware conflicts, input/output errors and critical system conflicts ensures fast and stable application performance.

KAV for Proxy Server HTTP, FTP Installation Scenarios
Plug-in Installation Scenarios As a standalone solution With proxy servers: Squid

KAV for Proxy Server vs. competitors
Features/ Competitors KAV for Proxy Server Trend Micro InterScan Web Security Suite Websense Web Security Gateway Scanning of HTTP V V V Scanning of FTP V V V Reports and statistics V V V Policies V X V Web console V V V

Customer references – KS for Internet Gateway
Pakistan International Airlines Customer Profile PIA is the flag carrier airline of Pakistan. It is the 31st largest airline in Asia, operating to 23 domestic destinations and 36 international destinations in 25 countries “We can say that a high level of protection has been achieved through the Kaspersky Lab solution for our servers and workstations. It meets requirements at the corporate level and the experience is good!” Industry Transport Challenges The company required a centralized anti-malware solution that would ensure a high level of security. Number of nodes : 3100 Number of Servers: 100 Number of Internet Users: 3200 Platforms: Microsoft XP, Microsoft Server 2003/2008, ISA Server Number of months the solution has run internally: 24 months Results PIA has achieved smooth access to the network for devices and other shared resources malware-free and all machines are protected from external attacks Syed Ahmed Faraz, IT Manager

The University of Chile Customer Profile University of Chile is one of most prestigious universities in Latin America with more than 25,000 undergraduate students “ The Kaspersky Lab solution was chosen for its optimal price-quality ratio, comprehensive protection and excellent after-sale services. The Kaspersky Lab support team efficiently installed and configured the system and has continued to provide us with a high standard of support.” Industry Education Challenges An antivirus system for the largest university in Chile, which can protect the entire campus network and all related organizations. Results Protection of the university network which has thousands of workstations, as well as servers, gateways and firewalls, which all use a variety of systems and platforms. Lugarda Andrade, IT Coordinator

Liverpool City Council Customer Profile Liverpool City is one of the fastest growing local government regions in New South Wales, Australia. Liverpool’s population in 2006 stood at 164,603. “The solution protects the council’s network from viruses and other threats. This leading-edge technology ensures that our organization is at the forefront in terms of securing our network and providing the best service for our community.” Industry Government Challenges The main challenge of such a widely-dispersed network was to create a common protection system that could be centrally managed while maintaining integrity across the entire system. Kaspersky Total Space Security Results The solution’s network port scan enabled the council to detect HTTP and other port-based threats and eliminate them completely. Due to its small use of resources, the solution did not affect the overall performance of the network’s servers Phil Tolhurst, General Manager

Contacts James Bond, product manager Contact me: +7 (499)

Web, Messaging & Infrastructure protection

Similar presentations

Presentation on theme: "Web, Messaging & Infrastructure protection"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Web, Messaging & Infrastructure protection

Similar presentations

Presentation on theme: "Web, Messaging & Infrastructure protection"— Presentation transcript:

Similar presentations

About project

Feedback