ScanMail allows
administrators to choose the level of malware detection that is
appropriate for the company’s security policy. Administrators configure
the security level ScanMail provides
by configuring the scan engine and any further analyses necessary.
The following table outlines the scanning technology available
in ScanMail.
Scanning Technology
|
Scan Technology
|
Description
|
||
Virus Scan Engine
|
The standard malware scan engine available
in ScanMail.
The
Virus Scan Engine employs pattern matching and heuristic scanning
technology to identify threats before malware can infect a system.
|
||
Advanced
Threat Scan Engine (ATSE)
|
Advanced Threat Scan Engine performs aggressive heuristic scanning to check files
for
less conventional threats, including document exploits. Some detected files may be
safe and should
be further observed and analyzed in a virtual environment.
Advanced Threat Scan Engine enhances the features provided by the Virus Scan
Engine.
For more information on Advanced Threat Scan Engine configuration, see Configuring Security Risk Scan Targets.
|
||
Virtual Analyzer
|
Virtual Analyzer performs content simulation and analysis in an isolated virtual
environment to identify characteristics commonly associated with
many types of malware. In particular, Virtual Analyzer checks if
files or URLs attached to messages contain exploit code. Although
many files or URLs do not include executable data, attackers find
ways to cause such files or URLs to exploit vulnerabilities in
programs and operating systems that run them. Because of this,
sending malicious files or URLs to target users has become an
effective way for attackers to compromise systems.
For more information on Virtual Analyzer settings, see Configuring Virtual Analyzer.
|
