|
ANTI-VIRUS - FILTERING:
Effektive Scan Technology:
IKARUS Managed Security Services use the IKARUS T3 Scanner, that
reaches almost 100% of virus recognition rate. It scans for computer
viruses, Trojans, worms, active-x, scripts, malicious javaspplets,
etc.
Second Level Scanner:
Should an anti-virus scanner have already been installed in your
company, the IKARUS Managed Security Services are the ideal solution
as the second level scanner - as 4 eyes see more than just 2!
Virus and configuration support:
IKARUS Kunden naturally receive support on matters of configuration
of the IKARUS Managed Security Services , as well as support on
problems with computer viruses Mondays to Fridays from 08:00 to
18:00.
|
SPAM - FILTERING:
Protection for bandwidth and no lost of time.
Over 50% of Spam mails have recently flooded the entire e-mail
traffic. This percentage will enormously increase in the future.
IKARUS Managed Security Services can identify and delete up
to 98% of all Spams. This means that spam is filtered out
before it reaches your gateway. This will not only help you
and your employees to save time, but at the same time it releases
your internet connections. Our SPAM
CALCULATOR gives information on working time saved.
|
|
|
Spam Filtering Technologies:
IKARUS Managed Security Services offer the possibility to filter
out spam most effectively. Using different methods and self learning
algorithms, it examines e-mails according to many rules. Spam will
be detected and treated in accordance with your settings (delete,
mark or redirect). The sensitivity levels of the spam filter can
be set from low to high in 9 different levels. Additionally rules
and sensitivity levels can be defined to help you increase spam
filtering. Detailed information of the functionality of our implemented
technologies is obtainable in our "AntiSpam Technology"folder
or on our website: www.mymailwall.at
Verwendete Technologien:
- Heuristic Analysis
The heuristic analysis is a rule-based scan technology which
recognizes certain characters of an E-Mail. These characters
indicate Spam mails e.g. when a mail contains a remove link
or a certain words such as "VIAGRA" or alphabetical
symbols of foreign languages etc. These indicators will be sorted
into different "bad categories". If the sum of this
"bad categories" exceeds a certain point, the mail
will be identified as Spam.
- Bayer's Text Analysis
The Bayer's Analysis traces statistics which is resulted from
analysing a lot of Spam mails. This mechanism is a self-learning
method and will get more intelligent with the number of mails
it analyses. The statistics will be used as a reference of rules
for other new E-Mails. The Bayer's Analysis is considered one
of the most powerful mechanisms for Spam recognition. At the
same time it delivers the least "false positive" rate.
("False positives" are regular E-Mails which are classified
as Spam. The more strict a heuristic Spam filter is configured,
the higher the "false positive" rate become.). Combined
Spam filtering parameters are therefore more reasonable. This
means that mails with a very high probability of being identified
as Spam can be deleted immediately. Whereas others with low
Spam rating should be only marked (tagged) and double-checked
by the final users.
- Lexical Text Analysis
This analysing form examines the content of an E-Mail and filters
text strings (e.g. Sales offers, Invitation to visit a website
etc.). These text strings will be linked with Bool's Operators.
(OR, AND, NOT etc.) and analysed if it is the matter of such
offers. If this is the case, the E-Mail will be qualified as
Spam.
- Spam Database
Spammails are slightly changed only every once in a while (either
upon each package sent or at each E-mail address). In order
to identify such poly-morpheme Spam mails, Hash Signatures from
E-Mails received are extracted and compared with signatures
of Spam mails in a updateable database. The Variations of Spam
mails can be recognized by Hash Signature System. The filtering
of different special characters, data and tags, which Spam mails
aim to avoid in anti-Spam programs, out of suspicious Spam mails
increases the effectiveness of this system.
To keep the database updated, Hash Signatures are always added
using a so-called "real time Spam Collectors", which
gather E-mail addresses of Spam mails .
- Black Lists and White Lists
Sometimes it is just necessary to specify such RBL lists. Though
this technique is a little out of date as Spammer can pick out
and change any random E-mail addresses for most valid domains,
there are still some certain domain names that are used by Spammer
to send out Spam mails. Those domain names can be listed in
the black list to prevent Spam.
White list is a counterpart of black list. On this list E-mail
addresses and domains will be administered which are aimed for
sending higher numbers of mails such as subscribed mailing lists
or newsletter. Those e-mail addresses can also be added that
are not exploited by Spammers, but belong to a domain which
is normally misused by Spammers as Open Relay to send out Spam
mails.
- Subject Line Analysis
A lot of Spam mails resemble each other in the subject line.
By means of a sample list which contains typical subject lines
of Spam mails, it is possible to identify and filter out Spam.
("Save Money", "Viagra online" etc.
- Protection against Directory Harvesting Attacks
The so-called "attack directory" is used by Spammers
to get access to valid E-Mail addresses of a domain. E-Mails
will be sent to many different addresses to prove whether the
receiving mail servers return an error message. If this is not
the case, the E-mail address is valid and will be added to the
Spam mailing lists. Should such an directory harvesting attack
be registered, all E-mails from this sender will be blocked.
-
Mailbombing Protection
Denial of Service (DoS) Attack is a form of Mail Bombing
in which it is attempted to send mass E-mails over a Dictionary
Mailer to a domain. This protection regulates the E-mail traffic
to avoid a congestion. It means that both number of open mail
session and mails in spool are monitored. A method preferred
by Spammers is sending out E-mails with multiple receivers.
Mail servers of victims are use das multiplicators. To protect
against this attack, IKARUS Spam Filtering predefines a maximum
limit for allowed receivers.
- Anti Spoofing
Spammers send their E-Mails from external domains, but use
internal senders' addresses to disguise themselves.
Examples:
- A Spam mail to mike@yourcompany.com could disguise in mikesfriend@yourcompany.com
as sender. This internal sender address can be either a valid
or an invalid address of the domain.
- The same address for sender and receiver can be used as
if users would send a mail to themselves
Email spoofing is reliably recognized and blocked by IKARUS
Spam Filtering.
|
