Kaspersky Security for Linux Mail Server
Product presentation
PAGE 1 |
Kaspersky Security for Linux Mail Server: brief
introduction
Kaspersky Security for Linux Mail Server protects incoming and outgoing
mail traffic from malicious objects, spam and unwanted content.
Kaspersky Security for Linux Mail Server works on highly loaded mail
servers under Linux and FreeBSD and supports Postfix, Sendmail,
CommunigatePro and Exim.
PAGE 2 |
1 2 3
Replaces several existing products
KAV for
Milter API
KAV for
Linux mail
Server
(5.5/5.6)
Kaspersky
Security for
Linux Mail
Server 8
PAGE 3 |
1 2 3
KAS 3
Industry
Standard
MTA
Kaspersky
Mail
gateway
(5.6)
Usage scenarios and target markets
Act as an AV/AS Mail Gateway (Enterprise-Middle Business) and separate the
corporate LAN from the “dangerous” Internet
•
Justification: Microsoft and IBM currently dominate the business email and collaboration
market, but do not offer sufficient levels of protection for IT staff
• Integration with popular MTA (ISP model)
•
Internet services providers use pure MTA and create their own mail systems for customers
(Iskon, Telefonica, Europe Host)
Collaboration with Messaging Platforms
•
CommunigatePro, Zimbra, Kerio,
Axigen etc. using Milter API or command line
AV scanner (SMB)
Target Markets:
• ISP that provide mail hosting services
• Enterprises
• Nerdy SME
PAGE 4 |
1 2 3
What’s new
Combines Kaspersky Anti-Virus, Kaspersky Anti-Spam
and Mail Gateway into one single solution.
Latest Anti-spam engine
• Enhanced spam detection (99.75% compared with KAS 3’s detection
rate of 99.15%)
Latest Anti-Malware Engine
First product to incorporate ZETA Shield to prevent APT
Improved integration with Linux-based mail systems, supports
AMaVis for expanded platform support and flexible integration
File content filtering
PAGE 5 |
1 2 3
Benefits: protection and automation
Enhanced spam detection rate combined with a reduced false
positive rate
• Real-time detection with Enforced Anti-Spam Update Service
• KSN integration
• Cloud-based Reputation Filtering technology
Enhanced Anti-malware and APT detection capabilities
•New Anti-malware engine with enhanced speed and better detection
•ZETA Shield Engine designed to spot targeted attacks or APT
Integration and Automation
• Integration with popular Linux-based MTAs such as Postfix, Sendmail, Exim and
CommunigatePro
• Traditional Milter API and SMTP Proxy as well as File Scanner and AMaVis
support
PAGE 6 |
1 2 3
Benefits: performance and management
Performance and scanning speed
•High performance (average 40 email /sec)
•Minimal latency
•File-server scanning capability allows mail server to route larger
attachments to a separate file server.
Flexible management and connectivity
•Web interface and traditional command line interface (CLI)
•Flexible traffic and email process rules
•Supports Open LDAP and Active Directory
•Personal blacklists and whitelists, personal quarantine
•Scalable architecture (сonfig, logs, quarantine can be placed on
different systems)
•IPv6 support
•Monitoring, notifications, SNMP and rich reporting
PAGE 7 |
1 2 3
Enforced Anti-Spam update technology
600
Amount of messages
The majority of spam
mails are distributed in
the first 10 minutes
500
400
Enforced Anti-Spam can update the system
within a couple of minutes – blocking
Amount of messages
attacks at their peak
300
200
100
0
PAGE 8 |
1 2 3
Targeted Attacks and ZETA Shield: how it works
Flash
Dropper
Shell code
API Hashes
Hex string
Flash
ActionScript
Word
x86 Entropy
Appended
Data
Encoded
Exe
Clean Word
ActionScriptHexDecodesFlash
x86EntropyInOLE2AppendedData
PAGE 9 |
1 2 3
Exploit
Reputation Filtering inside KSLMS Anti-Spam
Reputation Filtering (Rescan) – is a “Gray Cloud” that causes
suspicious emails detected by UDS2 to be held in the client’s
quarantine for a rescan after some time (30-50min).
Benefits for customers:
• Increased detection rate
• Fewer false positives
Comparison (VBSpam comparison chart, July 2012):
Kaspersky Anti-Spam 3.0 (without reputation filtering and UDS 2) – 99.15%,
Kaspersky Security for Linux Mail Server 8.0 – 99.7% (TOP 5)
PAGE 10 |
1 2 3
How it looks
PAGE 11 |
1 2 3
Summary: a revolution in Linux security
Integrated mail security solution that
delivers essential messaging security
functions including anti-malware, antispam and content filtering
Significantly improved spam detection
rate
Utilizes the latest Anti-malware, Antispam technologies – including cloudassisted
Able to combat zero day or zero hour
Malware and Spam
Maximizes configuration flexibility while
simplifying management capabilities
PAGE 12 |
1 2 3
Thank you!
PAGE 13 |