Brochure
GFI MailSecurity brochure (PDF - 120Kb)
MailSecurity for
Exchange 2000 White papers
Why
you need GFI MailSecurity
GFI
MailSecurity's deployment strategies: Which operating mode(s) to use
in your network environment
One
virus engine is not enough: The case for maximizing network
protection with multiple anti-virus scanners
Why
you need an email exploit detection engine: Companies must
supplement anti-virus protection for maximum security
Protecting your network against email threats: How to block email
viruses and attacks
Why anti-virus
software is not enough: The urgent need for server-based email
content checking
Email
security
MailSecurity Reviews
Protects against email viruses, exploits &
threats
The need to monitor email messages for dangerous, offensive or
confidential content has never been more evident. The most deadly
viruses, able to cripple your email system and corporate network in
minutes, are being distributed worldwide via email in a matter of
hours (for example, the Love Letter virus). Products that only
perform anti-virus scanning do not provide sufficient protection.
Worse still, email is likely to become the means for installing
backdoors (Trojans) and other harmful programs to help potential
intruders break into your network. Products restricted to anti-virus
alone will never protect against this.
Your only defense is to install a comprehensive
email content checking and anti-virus solution to safeguard your
mail server & network. MailSecurity acts as an Email Firewall and
protects you from email viruses, exploits and threats, as well as
email attacks targeted at your organization.
MailSecurity is available as an SMTP gateway version
and for VS API. The gateway version should be deployed at the
perimeter of the network as a mail relay server and scans inbound
and outbound mail. The VS API version integrates seamlessly with
Exchange Server 2000/2003 and scans the Exchange 2000/2003 information stores.
Both versions can be deployed simultaneously to achieve optimum
protection.
Why MailSecurity above other anti-virus products?
Because MailSecurity alone gives you these essential email security
features:
-
multiple virus engines - for virus engine
independence and better security
-
email content & attachment checking - to
quarantine dangerous emails
-
exploit shield - for email intrusion detection &
defense
-
email threats engine - to analyses & defuses HTML
scripts, .exe files & more
-
best of breed Exchange message scanning technology
MailSecurity for Exchange 2000/2003
Features
Email content checking/filtering
MailSecurity's key feature is the ability to content check email. It
can quarantine mail with dangerous attachments, such as *.exe, *.vbs
and other files. Such attachments are highly likely to carry a
virus, worm or email attack. It is therefore best to quarantine and
check these files before they are distributed to the email users.
When an email is quarantined, it can be reviewed by the
administrator for approval or rejection.
Products that only offer anti-virus scanning will
not protect against undiscovered viruses or email exploits and
attacks designed to break into your network.
In addition to harmful attachments, MailSecurity can
check for script code in the message body itself, as well as
scanning for offensive content (for which a company could be sued)
and information leaks (distribution of confidential information by
users).
You can also choose to delete attachments like *.mp3
or *.mpg files, as these hog bandwidth and can needlessly burden a
mail server's disk space.
View screen
shot of attachment checking rule options
Virus checking with multiple virus scanning engines
A key feature of MailSecurity is that it is virus engine
independent. GFI's 'best of breed' Exchange message scanning
technology can be combined with one or more 'best of breed'
anti-virus engines to protect your company from virus threats.
Running multiple virus engines gives you much greater security.
Because each anti-virus engine has its strengths and weaknesses,
multiple virus engines complement each other to provide higher
levels of security. Note: In some countries and industries, it will
become a legal requirement to scan your mail with multiple virus
scanners!
|
Norman Virus Control & BitDefender
virus engines are included
MailSecurity comes bundled with Norman Virus Control 5 &
BitDefender. Norman Virus Control 5 is the industrial strength
virus engine that has received the 100% Virus Bulletin award 16
times running. It also has ICSA and Checkmark certification.
BitDefender is a very fast and flexible virus engine that excels
in the number of formats it recognizes and can scan. BitDefender
is ICSA certified. MailSecurity automatically checks and updates
the Norman Virus Control & BitDefender definition files as they
become available. Included in the price of MailSecurity are
updates for 1 year. |
|
McAfee virus engine optional
To achieve even greater security, it is possible to add the renowned
McAfee virus engine as a third anti-virus engine or as a replacement
of one of the other engines. The McAfee virus engine is particularly
strong at finding non-virus malware such as rogue ActiveX controls.
Adding the McAfee engine costs approximately 20% of the MailSecurity
price.
Seamless integration with Exchange Server 2000/2003 through VS API
MailSecurity for Exchange 2000 uses the new Virus Scanning API (VS
API) of Exchange 2000/2003. This API is implemented at very low-level in
the Exchange store. This allows MailSecurity to run with high
performance and guarantees that each message is scanned before any
client can access a message or attachment. MailSecurity can
therefore also scan internal mail, as well as inbound and outbound
mail. MailSecurity supports:
-
Native MIME/MAPI content scanning
-
Proactive & enhanced background scanning
-
Priority-based queuing & multithreaded queue
processing
-
Per-messaging database configuration options
-
Event logging & performance monitor counters
Microsoft strongly encourages the development and
adoption of Exchange VS API-based content security solutions. In
fact, Microsoft does not support any solutions not using VS API,
meaning Microsoft Support might ask you to de-install content
security solutions not based on VS API.
More information on VS API
Email exploit detection engine
GFI's leading research on email exploits has contributed to the
creation of MailSecurity's email exploit detection engine. This
industry-first detects emails that contain known email exploits -
think of it as "email intrusion detection". It therefore safeguards
you from any current or future email viruses and attacks that use
known exploits. MailSecurity is the ONLY email security product to
protect against email exploits.
Automatic removal of HTML scripts
The advent of HTML email has made it possible for hackers/virus
writers to trigger commands by embedding them in HTML mail.
MailSecurity detects and disables these commands before sending the
'cleaned' HTML mail to the recipient. MailSecurity is the only
product to protect you from potentially malicious HTML email, not
only safeguarding you from HTML viruses but also from attacks
directed at your network via HTML email.
Automatic quarantining of Microsoft Word
documents with macros
MailSecurity protects you from present and future Word and Excel
macro viruses by automatically quarantining documents with macros.
This means you can safely allow Word and Excel files to be sent via
email, because MailSecurity will quarantine them if they are
potentially malicious.
Detects attachment extension hiding
Email attachments with scripts (for example *.vbs) can be disguised
as *.txt files by using the CLSID of the extension instead of the
actual file extension. MailSecurity detects this and quarantines
script or executable files, even if they are disguised as *.txt
files, for example.
Rules-based configuration
MailSecurity's MMC based configuration allows you to create multiple
content checking and attachment checking rules, so that you have
total flexibility in the way you wish to content check mails.
Apply rules to AD users or groups
Rules can be applied to specific users or groups, allowing you to
create a company-wide email security policy based on the needs of
specific departments or users. Because MailSecurity supports Active
Directory, there is no additional administration burden.
Approve/Reject quarantined mail using the
moderator client/email client/public folders
You can approve/reject quarantined email using either the moderator
client or an email client. The second method allows you to
distribute the moderating task across multiple administrators,
either by defining different administrators for different groups of
users, or by using a public folder and granting multiple
administrators access to this folder. View screenshot of
approving
mail via an e-mail client and
approving mail
via the moderator.
Lexical analysis
MailSecurity's content checking module supports lexical scanning of
mails, by allowing you to specify Boolean combinations of words
using AND or OR as operands.
Great value
MailSecurity is the most cost-effective content checking &
anti-virus product available for Exchange 2000. The standard license
includes a full year of anti-virus updates, as well as 3 months of
free, unlimited support. The cost of anti-virus updates in the
second year is minimal as well, approx. 15% of the purchase price,
depending on the amount of users you have.
MailSecurity's companion product, Mail essentials
You can add anti-spam, disclaimers, mail archiving, Internet mail
reporting, server-based auto replies and POP3 downloading through
MailSecurity's companion product, Mail essentials 7, which is
available in a bundle with MailSecurity.
Anti-spam (gateway version only)
MailSecurity includes a powerful spam filter that searches for
keywords that identify spam. You can then either delete the spam or
move it to a folder for review.
