1 / 10

SOFT-TRONIK, a.s.

SOFT-TRONIK, a.s. Defending Malware. Michal Červinka Pre-sales SE. Defending Malware. Blocking Access to Malware Sites Detecting Hidden File Types Removing Active Content from HTML Pages Blocking Mobile Malicious Code Implementing Anti-malware Protection ….

tilden
Download Presentation

SOFT-TRONIK, a.s.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SOFT-TRONIK, a.s. Defending Malware Michal ČervinkaPre-sales SE

  2. Defending Malware • Blocking Access to Malware Sites • Detecting Hidden File Types • Removing Active Content from HTML Pages • Blocking Mobile Malicious Code • Implementing Anti-malware Protection • …

  3. Blocking Access to Malware Sites • BCWF Categories • Spyware/Malware Sources • Spyware Effects/Privacy Concerns • Phishing

  4. BCWF DRTR

  5. Detecting Hidden File Types • ProxySG provides • file extensions • MIME data types • apparent data types (DOS/Win executables, MS CAB) As a destination in Web Access Layer • ProxyAV delivers • file extensions • true file-type checking in any container (archive …) • executables, images, documents, archives

  6. Removing Active Content • Strip • Java Applets • Plugins • ActiveX • JavaScript, VB Script Action at web access layer

  7. Blocking Mobile Malicious Code • script string rewriting (substitute keywords) • script injection (prevent execution) CPL only CPU intensive

  8. Anti Malware Scanning • Scan once, serve many times • ISTAG for cacheable objects • fingerprints for non cacheable • Many ICAP Error Codes • file scanning timeout • maximum individual file size exceeded • maximum total uncompressed size exceeded • maximum total number of files in archive exceeded • maximum number of archive layers exceeded • decode/decompress error (unsupported compression method, corrupted compression file) • password protected archive • out of temporary storage space • other errors

  9. http Parsing • ProxySG blocks malformed HTTP requests and returns a 400 Invalid Request error by default SGOS#(config) http tolerant-request-parsing

  10. Michal ČervinkaPre-sales SEmichal.cervinka@soft-tronik.czSOFT-TRONIK, a.s.OstravaTvorkovských 5709 00 Ostrava - Mariánské Horytel.: +420 597 488 811 fax: +420 596 622 486PrahaNagano Office and Technology Park,Nagano IIIU nákladového nádraží 10130 00 Praha 3tel: +420 266 109 211 fax: +420 283 840 236www.soft-tronik.cz

More Related