Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Lower false positives on spam and virus firewall

Barracuda Networks : 10 April, 2009  (New Product)
E-mail virus and malware prevention firewall from Barracuda Networks now boasts higher speed and lower levels of false positives
Barracuda Networks has announced enhancements to its email virus and malware threat prevention techniques, enabling it's newly renamed Barracuda Spam & Virus Firewall to identify viruses and other email-borne malware threats faster than well known competing anti-virus products. The decision to rename its flagship Barracuda Spam Firewall to Barracuda Spam & Virus Firewall reflects Barracuda Networks ongoing commitment to providing best-of-breed malware protection for threats sent over email in real-time.

"What differentiates Barracuda Networks from the competition is that our products are purpose-built to solve the unique needs of email and Web security appliances," said Stephen Pao, vice president of product management for Barracuda Networks. "Unlike desktop anti-virus engines retrofitted for email server usage, the Barracuda Spam & Virus Firewall features anti-virus technology specifically designed for rapid response to viruses that propagate and mutate quickly over botnets and other bulk delivery techniques."

Demonstrating the efficacy of Barracuda Central's response to email-borne malware, Barracuda Networks is posting malware classification benchmarks against leading anti-virus vendors, including Symantec, McAfee, and Trend Micro.

Combating malware propagation techniques over email requires dedicated focus on the unique properties of the virus and other malware attack types including: the attack sources, referenced URLs, the social engineering techniques used to entice recipients to launch them, and the rate of attack proliferation. Through advanced technologies, such as Barracuda Real-Time Protection and Predictive Sender Profiling developed specifically for spam and email-borne malware, Barracuda Spam & Virus Firewalls provide industry-leading response times to email-borne threats.

Barracuda Real-Time Protection provides industry-leading protection through the rapid identification of threats and the immediate, real-time, dissemination of protection measures to all Barracuda Spam & Virus Firewalls in the field once a virus or other malware has been identified.

To identify these threats as they emerge, Barracuda Central, a 24x7 operations centre operated by Barracuda Networks, monitors statistics from both captive virus traps and anonymous data collected in aggregate from over 70,000 customer systems worldwide. Once Barracuda Central engineers identify a potential virus or malware outbreak based on this trend analysis, Barracuda Central validates the hypothesis by collecting samples of suspect emails from Barracuda Spam & Virus Firewalls around the world that elect to participate in data collection. Through efficient evidence collection, Barracuda Central can quickly classify the viruses or malware.

Immediately upon virus or malware classification, Barracuda Spam & Virus Firewalls running Barracuda Real-Time Protection perform live queries for unknown fingerprints against the Barracuda Central virus and spam fingerprint databases, avoiding any need to wait for the next virus definition download for protection. Once categorized, new fingerprints are automatically included in subsequent spam and virus definitions downloaded by Barracuda Spam & Virus Firewalls through Energize Updates, avoiding the need to perform real-time queries.

To address rapidly mutating threats, Barracuda Networks employs a set of technologies called Predictive Sender Profiling that goes beyond traditional reputation techniques and can identify suspicious behaviours associated with the campaign itself. Examples include hacking of legitimate Web sites or newly infected bots on otherwise legitimate computers or data centres. Predictive Sender Profiling enables immediate blocking of the entire malware campaign, even before more general anti-virus signatures can be developed.

Low false positive ratings critical to complete gateway protection
"Email security solutions must be designed to avoid blocking legitimate email," said Pao. "As such, Barracuda Central has prioritized low false positive rates in its analysis in not just spam traffic but also impending malware threats over email."

In order to maintain low false positives for malware threats over email, Barracuda Central works to restrict individual binary signatures as much as possible to specific instances, utilizing other campaign details to provide corroborating evidence to further generalize the mitigation techniques, avoiding false positive problems caused by overly broad signature definitions.

"Barracuda Networks offers the best of both worlds; industry-leading rapid response and protection from the threats that propagate most aggressively without impacting legitimate work," said Pao.

Barracuda Networks recognizes that not all email-borne viruses propagate rapidly, including infected attachments sent from one user to another rather than through bulk email delivery techniques. The Barracuda Spam & Virus Firewall completes its coverage of proprietary rapid-response threat data with the world's largest open source collection of common malware vulnerability data. ClamAV excels in identifying viruses which are not well covered by rapid-response techniques, including those that are well-known but that do not propagate quickly. The Barracuda Spam & Virus Firewall - as well as other network security appliances in the Barracuda Networks product portfolio - includes the ClamAV engine, and Barracuda Central makes use of the ongoing updates contributed by the open source security research community. With three layers of anti-virus protection - open source signatures, proprietary signatures, and Barracuda Real-Time Protection - the Barracuda Spam & Virus Firewall provides the most comprehensive, purpose-built anti-virus engine for email-borne threats.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo