Products and Services

VirusBlokAda

Core 4Core 8

Core 12Core 16

Core 20

VirusBlokAda

Core 1Core 5

Core 10

PRODUCT OFFERINGS

30+ EMBEDDEDANTI-MALWARE ENGINES

pdf, doc, docx, xls, xlsx, ppt, pptx, rtf, html, jpeg, bmp, png, riff, svg, gif

ar, arj, cab, chm, cpio, cramfs, dmg, ext, fat,gpt, hfs, ihex, iso, lzh, lzma, mbr, msi, nsis, ntfs,qcow2, rar, rpm, squashfs, udf, uefi, vdi, vhd,vmdk, wim, xar, z

90+ DATA SANITIZATION ENGINESSUPPORT 15 FILE TYPES

30+ SUPPORTED ARCHIVES

MULTI-SCANNINGENGINE

SIGNATURES & HEURISTICS*

DATASANITIZATION

FILE TYPE VERIFICATION

ARCHIVE EXTRACTION

VULNERABILITYENGINE

OESISUPDATE ENGINE

Workflow Engine

1 2

Multi-scanning EnginesIncrease Detection Rates, Detect Unknown Threats, and Reduce Response Time to OutbreaksMulti-scanning with Metadefender Core is designed to be effective, efficient, and fast. We leverage both signature and heuristic scanning from 30+ scan engines on premises and 40+ scan engines in the cloud to increase malware detection rates. The combined threat research from those engines (using a range of methods like behavioral analysis and emulation techniques) contribute to Metadefender's comprehensive detection of malware.

Metadefender Core Package Options

Linux

Windows

Windows Custom Engines

Metadefender-Threat Detection and Prevention PlatformMetadefender Core technology includes scanning with many anti-malware engines,

heuristics, file type detection, data sanitization, archive scanning, and other features that enable organizations to detect and prevent both known and unknown threats.

* Heuristics is a feature of every engine and can be turned on and off

PROXYEMAILENDPOINTFORENSICS

ENDPOINTPOSTURE

KIOSKAPIs

CLOUDAIR-GAPON PREMISES

These technologies are availablefor either cloud or on-premises deployements

The Vulnerability Engine supports over a millionbinaries and 15,000 applications with support for version checks and reported known vulnerabilities.

VULNERABILITY ENGINE

FIRST SEEN

Detected only by heuristics

3 WEEKS LATER

Detected by heuristics and signature based

Scanning

Sanitization

AFTER

AFTER

Scan engines found a track

Scan engines found a track

Scan engines found a track

Data Sanitization EnginesAbsolute Protection from Unknown and Zero-day AttacksMetadefender's 90 data sanitization engines offer users flexibility by supporting 15 file types. The engines meticulously deconstruct and then reconstruct files in the most common formats to ensure virtually no usability impact. As part of the reconstruction process, the file type itself can be converted (e.g. from .docx to .pdf or.png) for even greater security.

Vulnerability EnginePrevent Binaries with Known Vulnerabilities from Entering your OrganizationIdentify known application vulnerabilities with their severity levels (critical, important, moderate, low, and unknown). The Vulnerability Engine supports over a million binaries and 15,000 applications with support for version checks and reported known vulnerabilities.

File Type Verification EnginePrevent Spoofed Files from Entering your OrganizationSpoofed files are a common technique used to exploit an organization’s security system. By changing the file extension, it’s easy to bypass the majority of existing systems that allow you to configure access based on file type. The Vulnerability Engine identifies and corrects over 1,000 file types, including:

3 4

File Types:Engines List:DOC

DOC

docpdf

XLS

xlspdf

XLS

XLSX

xlsxcsvhtmltiffpdfpsjpgbmppngsvg

XLSX RTF

PPT

pptpdf

PPT PPTX

HTML

pdfpsjpgbmppngsvg

HTML

JPG

bmppngtiffsvggifpsepspdf

JPG

BMP

jpgpngtiffsvggifpsepspdf

BMP

PNG

jpgbmptiffsvggifpsepspdf

PNG

DOCX

docxtxthtmlpdfpsjpgbmppngtiffsvg

DOCX

SVG

jpgbmppngtiffgifpseps

SVG

GIF

jpgbmppngtiffsvgpsepspdf

GIF

TIFF

jpgbmppngtiffsvggifpseps

TIFF

RTF

rtf

PDF

pdfbmptifftxthtmlsvgjpgpng

PDF

PPTX

pptxpdf

doconepps/pptrtfsuoxls/xlawps

DOCUMENTDOC EXE

eml/msg

EMAIL

EML

pdf

PDFPDF

7zarjbhbz2cabdaagzgzip, isojar, lhalzh, rartar, tgzwar, xarz, zip

ARCHIVERAR

3g2atp, aviflv, htchsc, kozm4r, m4vmid, movmp3, mp4mpa, mpegmpg, oggprx, pvarm, swfwav, wmawmv, vmx

MEDIAMP3

clbcpxcuehtmhtmlphpinf, inijnlplogrdpregsqltxt, xml

apkaxcomcpldbfdllexeinsmsiocxplscrsh

TEXT EXECUTABLESTXT

bmpbs, celcdr, cptdwggif, icojpg, svgpcx, pdnpic, pngpsd, tgatif, tiff

GRAPHICDWG

vmxvmdk

IMAGE

VMDK

Deployment Options

Offline Online CloudSupport for all isolated(air gapped) networks.

Easy update mechanismfor engines and

applications.

Supported with auto-updates enabled for all

anti-virus engines.

Available via REST API or through a private deploy-ment in your own cloud

infrastructure.

5 6

Archive Extraction EnginePrevent Archive Bombs from Entering your Organization and Speed up the Multi-scanning ProcessThe Archive Extraction Engine supports dozens of archive formats, specializing in the most commonly used ones like: zip, pklite, 7z, jar, jarc, rar, rar5, tar, taz, iso, gzip, cab, arc, arj, lzh, rpm, deb, lzma, wim, sfx, and xz.

Self-extracting archives created by 7zip and winrar are also supported. All Microsoft Office document formats (2007 and higher) are handled as archives when scanning (extracting and scanning each item inside the archive separately).

OESIS Auto-update EngineManage and Push Updates for Solutions Integrating with OESIS FrameworkOESIS Framework is updated on a constant basis. The OESIS auto-update engine enables granular update management by integration partners and their end-user administrators.

R

ARCHIVE EXTRACTION

EXTERNAL NETWORK

INTERNALNETWORK SFT

M

Media processedaccording touser's profile

Transfer through one-way connection

User logs into secure portal and retrieves files

DATA DIODE

METADEFENDER KIOSK WITH

METADEFENDER CORE

SECURE FILE TRANSFER

ID

Prevent Advanced Threats and Targeted Attacks All files being considered for transfer to a secure network are first scanned by Metadefender Core to check for potential threats, which is deployed either on the same system as Metadefender Kiosk or on the same network as a kiosk. Files entering an organization are encrypted and then deposited into the Secure File Transfer solution. File sharing is limited and based on configuration settings.

Control Users and Data Flow

All data and user traffic is recorded and made available for audit to provide insight for administrators. Based on the configuration settings, you can allow guests (such as contractors) using the system to upload files and have the option to integrate with Active Directory for better user control. Depending on how you choose to set up your configuration, you can permit both allowed and blocked files to enter the organization, potentially making blocked files only available to users with administrator roles. We recommend a separate Secure File Transfer instance for any blocked files so that malware analysts can investigate the potential threat further.

Limit Media Entering the OrganizationBy using a data diode that only allows traffic to move one way, any leaking of information out of the network is impossible, enhancing the security needed for critical infrastructure. The organization will still remain secure and air gapped, and can eliminate the need to allow external media into the organization.

These best practices enforce tight restrictions at the network level, allowing data to enter the organization in a controlled and supervised manner, while still complying with regulations.

Threat Prevention for Secure and Air-Gapped Networks

7 8

INCOMING EMAIL ATTACHMENTS

SUSPICIOUS KNOWN MALWARE

OUT OF 412 INCOMING EMAIL ATTACHMENTS

PASSWORD PROTECTED

49

INCOMING THREATS

DETECTED

FILES SANITIZED

34SUSPICIOUS

ATTACHMENTS

3KNOWN

MALWARE

7FILES

SANITIZED

5PASSWORD PROTECTED

OUT OF 245 OUTGOING EMAIL ATTACHMENTS

OUTGOING EMAIL ATTACHMENTS

SUSPICIOUS KNOWN MALWARE

PASSWORD PROTECTED FILES SANITIZED

12SUSPICIOUS

ATTACHMENTS

2KNOWN

MALWARE

0FILES

SANITIZED

6PASSWORD PROTECTED

20OUTGOING THREATS

DETECTED

®

9 10

Available Security ModulesMetadefender Kiosk offers a kiosk-based user interface that allows users to authenticate and analyze any media-based files after processing them with Metadefender Core's multi-scanning technology. Once processed, the files are sent to a secure location within the organization.

Metadefender Secure File Transfer acts as a secure file storage solution, which is responsible not only for storing files received from the kiosk, but also for handling and auditing all data flows and user interactions.

Data Diode (recommended, though optional) also known as cross-domain solution is used to provide secure, one-way data transfer between low- and- high security networks.

Access OPSWAT’S data diode buying guide at https://www.opswat.com/resources to see a comparison of existing data diodes.

Email Threat PreventionMetadefender adds a second layer of defense to protect organizations from ransomware and targeted attacks, integrating with existing email gateway solutions including:

Email gateway administrators can easily route inbound and outbound traffic through Metadefender Core to perform an extensive check using multi-scanning, file type verification, archive extraction and data sanitization technologies to increase detection of threats and to prevent unknown or targeted threats by disarming active content in email attachments that might be malicious.

Administrator Console Email Dashboard

Metadefender Dashboard

Proxy Threat PreventionMetadefender adds a second layer of defense to protect organizations from ransomware and targeted attacks, exposing an ICAP interface that integrates with your existing web proxy or reverse proxy solution.

Administrators can easily route inbound and outbound traffic through Metadefender Core to perform an extensive check using multi-scanning, file type verification, archive extraction, and data sanitization technologies to increase detection of threats and to prevent unknown or targeted threats.

Reverse Proxy Implementation

Web Proxy Implementation

INTERNET USER

INTERNET USER

INTERNET USER

INTERNET USER

INTERNET USER

INTERNET USER

METADEFENDER

THE INTERNET

WEB SERVER

WEB SERVER

WEB SERVER

METADEFENDER

INTERNAL USER

INTERNAL USER

INTERNAL USER

INTERNAL USER

INTERNAL USER

INTERNAL USER

HTTPS SERVER

WEB SERVER

FTP SERVER

PROTECTED DATA

THE INTERNETFIREWALL

11 12

R

13 14

Metadefender.comMetadefender.com is a threat intelligence platform with more than 1 billion submissions analyzed from millions of machines. Data collected is exposed through REST APIs, making integrations seamless and fast. Metadefender.com provides the following types of data:

• Vast binary vulnerability database • Comprehensive reputation service • Binary classification for popular applications and OS • Network traffic reported by each application • Loaded libraries for each application

Our reputation service computes the confidence level for each unique file based on:

• Its associated applications • Vulnerabilities associated with these applications • Reputation of the IP/domains to which these applications connect • Digital signatures of associated applications • Analysis by anti-malware engine partners

Learn more about our Threat Intelligence Platform by visiting metadefender.com.

Reputation

P FileP Hash

P IP

P URL

Threat Intelligence

P Vulnerability

P Binary Classification

P Malware Classification

P Network Traffic

P Shared Components

P Operating System

P Digital Signature

P Portable Executable Info

P Top Threats

Demo Purposes

P Scan Report

P Data Sanitization

P Dynamic Analysis - Available Soon!

Metadefender Libraries

Network Connections for Common Applications

San Francisco (Headquarters)398 Kansas St.San Francisco, CA 94103,USA

HungaryH-8200 VeszpremBajcsy-Zs. u.15.Hungary

Japan1-35-2 Grains Bldg. #61Nihonbashi-Kakigara-cho,Chuo-Ku, Tokyo, Japan 103-0014

OPSWAT Headquarters in San Francisco, CA, USA

Global OfficesTechnical Support

Standard Gold Platinum

8:00 to 17:00Mon - Fri

Email support

Support Centers

Sales Centers

San FranciscoRomaniaVietnam

San FranciscoJapanUnited KingdomWashington DC

Worldwide Support

7:00 to 19:00Mon - Fri

Email & Phone support

24 HoursEveryday

Email & Phone support

9Hours

12Hours

24Hours

R&D CentersSan FrancisoHungaryRomania

Support 24 hours/7 days a weekOPSWAT is dedicated to delivering the best service, made possible through our three support centers located in San Francisco, Romania, and Vietnam. This enables us to provide true 24 hours a day/7 days a week support with an average response time of just two hours. Learn about our Standard, Gold, and Premium Customer Support offerings at www.opswat.com/support.

Evaluating MetadefenderTo evaluate Metadefender, login to the OPSWAT Portal at portal.opswat.com.

Contacting SalesContact sales@opswat.com or visit www.opswat.com for more information about licensing our technologies. We can also be reached at +1 (415) 590-7300.

Romania United KingdomCall: +44 (0) 20-8328 9830Fax: +44 (0) 20-87115771

VietnamHarbour View Tower35 Nguyen Hue, 14th floor, District 1Ho Chi Minh city, Vietnam

Martin Luther Street,no.2, 4th Floor,300054 TimisoaraRomania

15 16

FINANCE MANUFACTURING TECHNOLOGY

GOVERNMENT DEFENSE ENERGY

1,000+ Satisfied CustomersOPSWAT’s Metadefender products are trusted by thousands of customers, including large corporations, financial institutions, and government and defense- related agencies to provide comprehensive threat protection and prevention.

17 18

Certified Security Application ProgramOPSWAT certifications represent high performance, protection, usability, and ensured compatibility with 200,000,000 endpoints and leading network access controls.

Applications awarded OPSWAT certification signify: P Compatibility with all leading CASB, NAC, SSL-VPN, and SSO solutions P Superior quality ratings from AV-TEST and/or AV-Comparatives P False positive responsiveness

Compatibility TestsApplications undergo compatibility testing with leading CASB, NAC, SSL-VPN, and SSO technologies. Certified compatibility ensures applications can be detected, classified, and displayed from over 200,000,000 endpoints worldwide, by over 1,000 products from vendors like Elastica, SecureAuth, Cisco, Citrix, and Palo Alto Networks.

Quality TestsOPSWAT partners, AV-TEST and AV-Comparatives, examine the performance,protection, and usability of anti-malware applications.

Applications meeting the Gold-certification standard can:P Protect against emerging threatsP Protect endpoints in real timeP Perform efficientlyP Maintain device usability

False Positive TestsFalse alarms waste time, resources, and can damage the reputation of a security product. Applications bearing OPSWAT certified logos are able to log, report, and respond to false positives.

Get Certified1) Log In

Create an account at https://portal.opswat.com/en2) Upload

Provide basic information and a licensed installer through our support form at http://www2.opswat.com/certified/submit

For More InformationLearn more about certification criteria athttp://www.opswat.com/certified