|
Features
On-access scanning of mailboxes
Norman SandBox
Attachment blocking
Scanning of archive files
Norman
Service Monitor
Automatic
updates
Extended
logging
On-access scanning of mailboxes
Back to top
Norman Virus Control for Exchange uses an
AVAPI 2.0 plug-in, which connects to the
Exchange Information Store on the server for
scanning access to emails and attachments.
NVC for Exchange becomes an integrated part
of Exchange itself and is controlled by
Exchange. All incoming and outgoing emails
are scanned on-access in both private and
public information stores. Each element of
the email is scanned separately on-access.
I.e. the attachment and the mail body are
scanned individually. Access is only granted
to items that are free from computer viruses
or when a detected virus has been removed.
If scanning of an attachment fails, access
to the item is denied until it is
successfully scanned to prevent that a
program error does not expose the system to
viruses.
Norman SandBox
Back to top
Norman’s SandBox technology detects new and
unknown computer viruses, including trojans
and worms. Today, an email worm can infect
tens of thousands of workstations in a
matter of seconds. The antivirus vendors are
expected to find the cure, update the virus
definition files, and distribute these to
its customers immediately. The need for
speed is paramount. Norman’s SandBox is a
virtual world where everything is simulated.
An emulator provides an environment where
possible virus infected executables “run"
just as they would do on a real system. When
execution stops, the SandBox is analyzed for
changes. The SandBox is particularly tuned
to find new email-, network- and
peer-to-peer worms.
Attachment
blocking
Back to top
There are various ways to block attachments
so that it will fit different needs and
security policies. You can select from the
following:
Block all attachments
Block attachments with double extensions
Block attachments with CLSID extensions
Block named attachments/extensions
Scanning
of archive files
Back to top
A new advanced decompression module has been
developed to scan files that have been
compressed with different archive programs.
With this module NVC can now scan more than
30 archive types and variants like ZIP, TAR,
RAR, ARJ, UUENCODE, ARC etc. Files that
contain other files of different archive
formats will also be scanned to further
increase security. In addition, if malware
is found within an archived file, NVC will -
if possible - clean the infection and repack
the file (only valid for some formats).
Norman
Service Monitor
Back to top
When NVC for Exchange is installed on a
system, Norman Service Monitor will be
configured to monitor the Information Store
component of Exchange. This warrants better
control over Exchange on the server and
notifies the administrator if something is
wrong.
Automatic
updates
Back to top
Norman Internet Update (NIU) is an
integrated part of NVC and can be configured
to regularly check for new and updated files
on Norman’s product servers. NIU provides
complete updating and upgrading of the
application software and virus definition
files to ensure that the latest version of
the software is always installed.
NIU employs incremental updates of virus
definition files to keep the size of the
updates as small as possible, thereby
reducing download time.
Extended logging
Back to top
Extended logging can be used either to
provide the administrator with more detailed
information about email traffic, or as a
simple statistic resource. The log files are
created daily and deleted after 6 days.
 |
