Upload
others
View
12
Download
0
Embed Size (px)
Citation preview
F-Secure ThreatShield is a gateway-level security solution for protecting email and web traffic, with built-in network sandboxing technology. It is designed specifically to protect against spam, ransomware, phishing, and advanced targeted attacks.
Its unique network sandboxing technology automatically detonates suspicious attachments and URLs, triggering a multi-faceted threat detection and behavioral analysis process. With this approach, ThreatShield easily finds targeted, more advanced attacks, such as script-based and handmade malware and 0-day exploits.
ThreatShield provides unique value for IT teams by combining your gateway protection needs into one unified solution. Less hardware means less maintenance load, and it also creates considerable synergy between system administrators, who can jointly manage the gateway-level protection for email, web traffic, and sandboxing.
F-SECURE THREATSHIELD
2
Multi-engine anti-malware
Detects a broader range of malicious features,
patterns, and trends.
Real-time threat intelligence
F-Secure’s Security Cloud identifies, analyzes,
and prevents new and emerging threats.
Web traffic scanning
Scans for malicious content in ingoing and
outgoing web traffic (HTTP & HTTPS).
Web content control
Enables restriction of unproductive and
inappropriate Internet usage.
Browsing protection
Proactively prevents end-users from visiting
malicious and phishing sites.
Spam filtering
Prevents unwanted spam emails with 99.9%
detection rate with zero false positives.
Email scanning
Scans ingoing and outgoing attachments and
links for malicious content.
Advanced threat protection**
Network sandbox that detonates, analyzes,
and detects malicious activity.
F-Secure ThreatShield is a gateway-level security solution for protecting email and web traffic, with built-in network sandboxing technology. It is designed specifically to protect against spam, ransomware, phishing, and advanced targeted attacks.
Supported OS: CentOS, Redhat, Ubuntu, Debian. Check the version numbers online.
KEY FEATURES
**THREATSHIELD PREMIUM
3
Team Synergies ThreatShield creates considerable knowledge
and work synergies between system
administrators, who can jointly manage the
gateway level protection for email, web and
sandboxing from one portal.management tools.
Cost-efficient prevention Preventing commodity attacks and spam, and
detecting the more advanced and targeted
attacks via sandboxing, early at the gateway
level is vastly more cost efficient and safer than
on the endpoint itself.
Less infrastructure maintenance It lowers the maintenance workload by
consolidating email and web gateway
infrastructure, in addition to that of a network
sandbox, to only one set of hardware.
ThreatShield provides unique value for IT teams by combining email, web and sandboxing gateway needs into one unified solution.
KEY BENEFITS
4
HOW DOES IT WORK?
Incoming email and
web traffic is directed to
ThreatShield for analysis
before going any further in
the environment.
Email and web traffic,
including contents like
attachments and URLS,
are intercepted by
HTTP(S), SMTP, and FTP
proxies.
Administrators have rich
reporting and advanced
security analytics on
blocked content at
their disposal, making
investigation and incident
response fast and effective.
Protected endpoints and
servers can safely browse,
download, transfer, and
read or open emails.
Based on the risk profile of the content,
it is delivered to F-Secure Security Cloud
for in-depth analysis, including sandbox
detonation.
Content is subjected to a local threat analysis
and detection process to filter out malware,
spam, and unwanted web content.
High-risk or suspicious content is delivered
to the network sandbox component for
detonation and advanced threat detection.
5
Threat Intelligence Check The object is first analyzed based on various
lightweight identifiers, such as reputation and
prevalence, and is automatically blocked if
any known threats are detected. This check is
made for fast initial decisions, and can already
filter nearly 99% of all common malicious
content.
Static Metadata AnalysisAfter detonation, the object’s metadata
and structure is automatically extracted and
put through a multi-stage static analysis
process, which looks for patterns and features
associated with malicious behavior.
Dynamic Behavior AnalysisFinally, a dynamic runtime analysis is
performed to find strange, suspicious, and
outrights malicious behavior, such as editing
the system registry, launching network
connections, making API calls, influencing
system processes and drivers, and causing
unusual file system activity.
Its unique network sandboxing technology auto-matically detonates suspicious attachments and URLs, triggering a multi-faceted threat detection and behavioral analysis process. With this approach, ThreatShield can easily find targeted, more advanced attacks, such as script-based and handmade malware and 0-day exploits.
ADVANCED THREAT DETECTION
1 2 3
6
Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies
and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers
against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power
of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200
broadband and mobile operators and thousands of resellers.
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.
www.f-secure.com www.twitter.com/fsecure www.facebook.com/f-secure
ABOUT F-SECURE