AntiVirus Protection

Threats from the cloud increase on a daily basis. Organizations of all sizes need effective security solutions which provides the functionality they need at a price they can afford. The EdgeXOS cloud firewall appliance provides the perfect platform to deliver on both respects.

The EdgeXOS Cloud5ecure™ thin-client protects against viruses using best of breed security from Webroot labs. With network connectivity more critical than ever before, and the use of SaaS and other cloud-based services on the rise, it is more important than ever to have a comprehensive cloud security solution that incorporates:

• Block 100% of known viruses
• Easily quarantine and remove viruses from desktop systems
• Enure realtime protection against the latest virus threats
• Protect against unknown malware using HIPS (Host Intrusion Prevention System)
• Secure endpoints and networks from USB plug-ins and mobile devices

Host Intrusion Prevention System aims to stop viruses before they infect your systems. HIPS uses behavior-based analysis to determine if any code is acting in a suspicious or malicious manner. This analysis is dome in realtime in order to detect and prevent infection BEFORE any damage is caused.

The EdgeXOS's antivirus solution is best-of-breed and has won multiple awards over the years for its dynamic virus detection techniques. The HIPS layered approach has been able to detect of 85% of "unknown" viruses in various tests, i.e. viruses and malware which has never been added to its database. HIPS four layers of detection include:

Behavioral Protection
Designed to detect code variants, known families and consealed categories of malware, the behavioral protection suite guards against unknown malware by analyzing behavior just prior to code execution. This threat detection engine detects zero-day threats without the need for signature updates or separate HIPS software.

Suspicious file detection
Suspicious file detection will identify files that are highly likely to be malicious based on their behavior (i.e. what the code is attempting to do within the system). This detection provides the benefits of a traditional runtime behavior-based system without impacting system performance.

Suspicious behavior detection
Similar to the previous layer however this layer focuses on the system processes which are continously running to make sure that otehr code does not interact with these running processes in an attempt to take them over, over write the exsiting application.

Buffer overflow detection
A buffer overflow is probably the most common method used to attack weak code. These techniques are well known and easy to exploit by hackers. This layer detects these attempts and will catch attacks targeting security vulnerabilities in both operating system software and applications.