Date post: | 23-Apr-2019 |
Category: |
Documents |
Upload: | trinhduong |
View: | 213 times |
Download: | 0 times |
Products and Services
VirusBlokAda
Core 4Core 8
Core 12Core 16
Core 20
VirusBlokAda
Core 1Core 5
Core 10
PRODUCT OFFERINGS
30+ EMBEDDEDANTI-MALWARE ENGINES
pdf, doc, docx, xls, xlsx, ppt, pptx, rtf, html, jpeg, bmp, png, riff, svg, gif
ar, arj, cab, chm, cpio, cramfs, dmg, ext, fat,gpt, hfs, ihex, iso, lzh, lzma, mbr, msi, nsis, ntfs,qcow2, rar, rpm, squashfs, udf, uefi, vdi, vhd,vmdk, wim, xar, z
90+ DATA SANITIZATION ENGINESSUPPORT 15 FILE TYPES
30+ SUPPORTED ARCHIVES
MULTI-SCANNINGENGINE
SIGNATURES & HEURISTICS*
DATASANITIZATION
FILE TYPE VERIFICATION
ARCHIVE EXTRACTION
VULNERABILITYENGINE
OESISUPDATE ENGINE
Workflow Engine
1 2
Multi-scanning EnginesIncrease Detection Rates, Detect Unknown Threats, and Reduce Response Time to OutbreaksMulti-scanning with Metadefender Core is designed to be effective, efficient, and fast. We leverage both signature and heuristic scanning from 30+ scan engines on premises and 40+ scan engines in the cloud to increase malware detection rates. The combined threat research from those engines (using a range of methods like behavioral analysis and emulation techniques) contribute to Metadefender's comprehensive detection of malware.
Metadefender Core Package Options
Linux
Windows
Windows Custom Engines
Metadefender-Threat Detection and Prevention PlatformMetadefender Core technology includes scanning with many anti-malware engines,
heuristics, file type detection, data sanitization, archive scanning, and other features that enable organizations to detect and prevent both known and unknown threats.
* Heuristics is a feature of every engine and can be turned on and off
PROXYEMAILENDPOINTFORENSICS
ENDPOINTPOSTURE
KIOSKAPIs
CLOUDAIR-GAPON PREMISES
These technologies are availablefor either cloud or on-premises deployements
The Vulnerability Engine supports over a millionbinaries and 15,000 applications with support for version checks and reported known vulnerabilities.
VULNERABILITY ENGINE
FIRST SEEN
Detected only by heuristics
3 WEEKS LATER
Detected by heuristics and signature based
Scanning
Sanitization
AFTER
AFTER
Scan engines found a track
Scan engines found a track
Scan engines found a track
Data Sanitization EnginesAbsolute Protection from Unknown and Zero-day AttacksMetadefender's 90 data sanitization engines offer users flexibility by supporting 15 file types. The engines meticulously deconstruct and then reconstruct files in the most common formats to ensure virtually no usability impact. As part of the reconstruction process, the file type itself can be converted (e.g. from .docx to .pdf or.png) for even greater security.
Vulnerability EnginePrevent Binaries with Known Vulnerabilities from Entering your OrganizationIdentify known application vulnerabilities with their severity levels (critical, important, moderate, low, and unknown). The Vulnerability Engine supports over a million binaries and 15,000 applications with support for version checks and reported known vulnerabilities.
File Type Verification EnginePrevent Spoofed Files from Entering your OrganizationSpoofed files are a common technique used to exploit an organization’s security system. By changing the file extension, it’s easy to bypass the majority of existing systems that allow you to configure access based on file type. The Vulnerability Engine identifies and corrects over 1,000 file types, including:
3 4
File Types:Engines List:DOC
DOC
docpdf
XLS
xlspdf
XLS
XLSX
xlsxcsvhtmltiffpdfpsjpgbmppngsvg
XLSX RTF
PPT
pptpdf
PPT PPTX
HTML
pdfpsjpgbmppngsvg
HTML
JPG
bmppngtiffsvggifpsepspdf
JPG
BMP
jpgpngtiffsvggifpsepspdf
BMP
PNG
jpgbmptiffsvggifpsepspdf
PNG
DOCX
docxtxthtmlpdfpsjpgbmppngtiffsvg
DOCX
SVG
jpgbmppngtiffgifpseps
SVG
GIF
jpgbmppngtiffsvgpsepspdf
GIF
TIFF
jpgbmppngtiffsvggifpseps
TIFF
RTF
rtf
pdfbmptifftxthtmlsvgjpgpng
PPTX
pptxpdf
doconepps/pptrtfsuoxls/xlawps
DOCUMENTDOC EXE
eml/msg
EML
PDFPDF
7zarjbhbz2cabdaagzgzip, isojar, lhalzh, rartar, tgzwar, xarz, zip
ARCHIVERAR
3g2atp, aviflv, htchsc, kozm4r, m4vmid, movmp3, mp4mpa, mpegmpg, oggprx, pvarm, swfwav, wmawmv, vmx
MEDIAMP3
clbcpxcuehtmhtmlphpinf, inijnlplogrdpregsqltxt, xml
apkaxcomcpldbfdllexeinsmsiocxplscrsh
TEXT EXECUTABLESTXT
bmpbs, celcdr, cptdwggif, icojpg, svgpcx, pdnpic, pngpsd, tgatif, tiff
GRAPHICDWG
vmxvmdk
IMAGE
VMDK
Deployment Options
Offline Online CloudSupport for all isolated(air gapped) networks.
Easy update mechanismfor engines and
applications.
Supported with auto-updates enabled for all
anti-virus engines.
Available via REST API or through a private deploy-ment in your own cloud
infrastructure.
5 6
Archive Extraction EnginePrevent Archive Bombs from Entering your Organization and Speed up the Multi-scanning ProcessThe Archive Extraction Engine supports dozens of archive formats, specializing in the most commonly used ones like: zip, pklite, 7z, jar, jarc, rar, rar5, tar, taz, iso, gzip, cab, arc, arj, lzh, rpm, deb, lzma, wim, sfx, and xz.
Self-extracting archives created by 7zip and winrar are also supported. All Microsoft Office document formats (2007 and higher) are handled as archives when scanning (extracting and scanning each item inside the archive separately).
OESIS Auto-update EngineManage and Push Updates for Solutions Integrating with OESIS FrameworkOESIS Framework is updated on a constant basis. The OESIS auto-update engine enables granular update management by integration partners and their end-user administrators.
R
ARCHIVE EXTRACTION
EXTERNAL NETWORK
INTERNALNETWORK SFT
M
Media processedaccording touser's profile
Transfer through one-way connection
User logs into secure portal and retrieves files
DATA DIODE
METADEFENDER KIOSK WITH
METADEFENDER CORE
SECURE FILE TRANSFER
ID
Prevent Advanced Threats and Targeted Attacks All files being considered for transfer to a secure network are first scanned by Metadefender Core to check for potential threats, which is deployed either on the same system as Metadefender Kiosk or on the same network as a kiosk. Files entering an organization are encrypted and then deposited into the Secure File Transfer solution. File sharing is limited and based on configuration settings.
Control Users and Data Flow
All data and user traffic is recorded and made available for audit to provide insight for administrators. Based on the configuration settings, you can allow guests (such as contractors) using the system to upload files and have the option to integrate with Active Directory for better user control. Depending on how you choose to set up your configuration, you can permit both allowed and blocked files to enter the organization, potentially making blocked files only available to users with administrator roles. We recommend a separate Secure File Transfer instance for any blocked files so that malware analysts can investigate the potential threat further.
Limit Media Entering the OrganizationBy using a data diode that only allows traffic to move one way, any leaking of information out of the network is impossible, enhancing the security needed for critical infrastructure. The organization will still remain secure and air gapped, and can eliminate the need to allow external media into the organization.
These best practices enforce tight restrictions at the network level, allowing data to enter the organization in a controlled and supervised manner, while still complying with regulations.
Threat Prevention for Secure and Air-Gapped Networks
7 8
INCOMING EMAIL ATTACHMENTS
SUSPICIOUS KNOWN MALWARE
OUT OF 412 INCOMING EMAIL ATTACHMENTS
PASSWORD PROTECTED
49
INCOMING THREATS
DETECTED
FILES SANITIZED
34SUSPICIOUS
ATTACHMENTS
3KNOWN
MALWARE
7FILES
SANITIZED
5PASSWORD PROTECTED
OUT OF 245 OUTGOING EMAIL ATTACHMENTS
OUTGOING EMAIL ATTACHMENTS
SUSPICIOUS KNOWN MALWARE
PASSWORD PROTECTED FILES SANITIZED
12SUSPICIOUS
ATTACHMENTS
2KNOWN
MALWARE
0FILES
SANITIZED
6PASSWORD PROTECTED
20OUTGOING THREATS
DETECTED
®
9 10
Available Security ModulesMetadefender Kiosk offers a kiosk-based user interface that allows users to authenticate and analyze any media-based files after processing them with Metadefender Core's multi-scanning technology. Once processed, the files are sent to a secure location within the organization.
Metadefender Secure File Transfer acts as a secure file storage solution, which is responsible not only for storing files received from the kiosk, but also for handling and auditing all data flows and user interactions.
Data Diode (recommended, though optional) also known as cross-domain solution is used to provide secure, one-way data transfer between low- and- high security networks.
Access OPSWAT’S data diode buying guide at https://www.opswat.com/resources to see a comparison of existing data diodes.
Email Threat PreventionMetadefender adds a second layer of defense to protect organizations from ransomware and targeted attacks, integrating with existing email gateway solutions including:
Email gateway administrators can easily route inbound and outbound traffic through Metadefender Core to perform an extensive check using multi-scanning, file type verification, archive extraction and data sanitization technologies to increase detection of threats and to prevent unknown or targeted threats by disarming active content in email attachments that might be malicious.
Administrator Console Email Dashboard
Metadefender Dashboard
Proxy Threat PreventionMetadefender adds a second layer of defense to protect organizations from ransomware and targeted attacks, exposing an ICAP interface that integrates with your existing web proxy or reverse proxy solution.
Administrators can easily route inbound and outbound traffic through Metadefender Core to perform an extensive check using multi-scanning, file type verification, archive extraction, and data sanitization technologies to increase detection of threats and to prevent unknown or targeted threats.
Reverse Proxy Implementation
Web Proxy Implementation
INTERNET USER
INTERNET USER
INTERNET USER
INTERNET USER
INTERNET USER
INTERNET USER
METADEFENDER
THE INTERNET
WEB SERVER
WEB SERVER
WEB SERVER
METADEFENDER
INTERNAL USER
INTERNAL USER
INTERNAL USER
INTERNAL USER
INTERNAL USER
INTERNAL USER
HTTPS SERVER
WEB SERVER
FTP SERVER
PROTECTED DATA
THE INTERNETFIREWALL
11 12
R
13 14
Metadefender.comMetadefender.com is a threat intelligence platform with more than 1 billion submissions analyzed from millions of machines. Data collected is exposed through REST APIs, making integrations seamless and fast. Metadefender.com provides the following types of data:
• Vast binary vulnerability database • Comprehensive reputation service • Binary classification for popular applications and OS • Network traffic reported by each application • Loaded libraries for each application
Our reputation service computes the confidence level for each unique file based on:
• Its associated applications • Vulnerabilities associated with these applications • Reputation of the IP/domains to which these applications connect • Digital signatures of associated applications • Analysis by anti-malware engine partners
Learn more about our Threat Intelligence Platform by visiting metadefender.com.
Reputation
P FileP Hash
P IP
P URL
Threat Intelligence
P Vulnerability
P Binary Classification
P Malware Classification
P Network Traffic
P Shared Components
P Operating System
P Digital Signature
P Portable Executable Info
P Top Threats
Demo Purposes
P Scan Report
P Data Sanitization
P Dynamic Analysis - Available Soon!
Metadefender Libraries
Network Connections for Common Applications
San Francisco (Headquarters)398 Kansas St.San Francisco, CA 94103,USA
HungaryH-8200 VeszpremBajcsy-Zs. u.15.Hungary
Japan1-35-2 Grains Bldg. #61Nihonbashi-Kakigara-cho,Chuo-Ku, Tokyo, Japan 103-0014
OPSWAT Headquarters in San Francisco, CA, USA
Global OfficesTechnical Support
Standard Gold Platinum
8:00 to 17:00Mon - Fri
Email support
Support Centers
Sales Centers
San FranciscoRomaniaVietnam
San FranciscoJapanUnited KingdomWashington DC
Worldwide Support
7:00 to 19:00Mon - Fri
Email & Phone support
24 HoursEveryday
Email & Phone support
9Hours
12Hours
24Hours
R&D CentersSan FrancisoHungaryRomania
Support 24 hours/7 days a weekOPSWAT is dedicated to delivering the best service, made possible through our three support centers located in San Francisco, Romania, and Vietnam. This enables us to provide true 24 hours a day/7 days a week support with an average response time of just two hours. Learn about our Standard, Gold, and Premium Customer Support offerings at www.opswat.com/support.
Evaluating MetadefenderTo evaluate Metadefender, login to the OPSWAT Portal at portal.opswat.com.
Contacting SalesContact [email protected] or visit www.opswat.com for more information about licensing our technologies. We can also be reached at +1 (415) 590-7300.
Romania United KingdomCall: +44 (0) 20-8328 9830Fax: +44 (0) 20-87115771
VietnamHarbour View Tower35 Nguyen Hue, 14th floor, District 1Ho Chi Minh city, Vietnam
Martin Luther Street,no.2, 4th Floor,300054 TimisoaraRomania
15 16
FINANCE MANUFACTURING TECHNOLOGY
GOVERNMENT DEFENSE ENERGY
1,000+ Satisfied CustomersOPSWAT’s Metadefender products are trusted by thousands of customers, including large corporations, financial institutions, and government and defense- related agencies to provide comprehensive threat protection and prevention.
17 18
Certified Security Application ProgramOPSWAT certifications represent high performance, protection, usability, and ensured compatibility with 200,000,000 endpoints and leading network access controls.
Applications awarded OPSWAT certification signify: P Compatibility with all leading CASB, NAC, SSL-VPN, and SSO solutions P Superior quality ratings from AV-TEST and/or AV-Comparatives P False positive responsiveness
Compatibility TestsApplications undergo compatibility testing with leading CASB, NAC, SSL-VPN, and SSO technologies. Certified compatibility ensures applications can be detected, classified, and displayed from over 200,000,000 endpoints worldwide, by over 1,000 products from vendors like Elastica, SecureAuth, Cisco, Citrix, and Palo Alto Networks.
Quality TestsOPSWAT partners, AV-TEST and AV-Comparatives, examine the performance,protection, and usability of anti-malware applications.
Applications meeting the Gold-certification standard can:P Protect against emerging threatsP Protect endpoints in real timeP Perform efficientlyP Maintain device usability
False Positive TestsFalse alarms waste time, resources, and can damage the reputation of a security product. Applications bearing OPSWAT certified logos are able to log, report, and respond to false positives.
Get Certified1) Log In
Create an account at https://portal.opswat.com/en2) Upload
Provide basic information and a licensed installer through our support form at http://www2.opswat.com/certified/submit
For More InformationLearn more about certification criteria athttp://www.opswat.com/certified