|
Features
Managing Norman FireBreak
Norman SandBox
Scanning
Detection of aggressive
commercials and security risks
Multi-CPU support
Clusters
Norman FireBreak NetWare WAN
Exclude list feature
Messaging
Sending messages over SMTP
(email)
Protocol support
Managing Norman
FireBreak
Back to top
Most of the administrative tasks for FireBreak can
be performed in the FireBreak object in the
eDirectory (NDS), such as configuration of
auto-updates, messaging and eDirectory options.
Other tasks, like monitoring real-time actions can
be done both at the server console and by browsing
in log files.
FireBreak’s console menus follow the conventions for
NetWare’s “look and feel", including implementation
of “first letter" selection in the menus.
We have also developed a ConsoleOne snap-in module,
as we believe that ConsoleOne represents a
simplified and consequently more user-friendly
approach for configuration and administration of the
FireBreak installation.
Norman SandBox
Back to top
Norman’s SandBox technology detects new and unknown
computer viruses, including trojans and worms.
Today, an email worm can infect tens of thousands of
workstations in a matter of seconds. The antivirus
vendors are expected to find the cure, update the
virus definition files, and distribute these to its
customers immediately. The need for speed is
paramount. Norman’s SandBox is a virtual world where
everything is simulated. An emulator provides an
environment where possible virus infected
executables “run" just as they would do on a real
system. When execution stops, the SandBox is
analyzed for changes. The SandBox is particularly
tuned to find new email-, network- and peer-to-peer
worms.
Scanning
Back to top
Norman FireBreak offers two types of scanning:
on-access scanning
on-demand scanning
On-access scanning is continuous scanning of files
accessed on the server. So if a user tries to copy
an infected file to or from your server, infect a
file on the server, or run an infected file from the
server, Norman FireBreak will detect the file and
repair, quarantine, delete, or ignore it. These
actions are all configurable. Both NSS and Classic
NetWare volumes are supported. This can be done with
or without Norman SandBox.
On-demand scanning is used for scanning selected
parts or the entire server for possible viruses at
your request. This can be done with or without
Norman SandBox.
Detection of aggressive commercials and security
risks
Back to top
This feature instructs FireBreak to scan for objects
that represent possible security risks. Some
administrators have installed programs like password
crackers and remote administrative tools that are
perfectly legal and often useful. However, the lack
of security features in some of these tools can
expose machines to unauthorized users and crackers.
FireBreak detects the activity of such tools and
warns against potential security risks. Warnings
will report the name of the program, and you can
therefore decide if it is a legitimate program or a
cracker that triggers the alarm.
Sometimes unwanted programs are attached to programs
that are downloaded from the Internet e.g. for
evaluation purposes. These programs often remain
hidden and are not always removed when the original
program is uninstalled. Occasionally, these programs
may log on to the Internet and download commercials
all by themselves. They are not harmful like
traditional viruses, but they are annoying and
create unnecessary network traffic. FireBreak
detects and removes such programs.
Multi-CPU support
Back to top
Many large companies use servers with multiple CPUs
to increase performance. This has previously been a
problem for many AV vendors. The latest versions of
Norman FireBreak can run perfectly well in a
multi-CPU environment.
Clusters
Back to top
Network servers are often connected to form one or
more clusters, to ease administration, increase
capacity, reduce load, etc. Norman FireBreak is
fully cluster compatible.
Norman
FireBreak NetWare WAN
Back to top
Another strength of Norman FireBreak is
Enterprise-wide functioning. If two or more NetWare
servers are running Norman FireBreak, one of them
can be configured to be a communications hub. The
hub can then operate as a central monitoring
station, enabling more efficient WAN administration.
For configuration purposes, a configuration object
for Norman FireBreak is created in an eDirectory (NDS).
From this configuration object all the Norman
FireBreak objects can be configured from one central
location, thus reducing the administrative burden
for the administrator.
Exclude list
feature
Back to top
In certain situations there may be a need to exclude
certain files or directories from scanning. Norman
FireBreak has a configurable exclude list, which is
valid for both on-access and on-demand scanning.
Messaging
Back to top
The new messaging module in Norman FireBreak
supports messages and alarms received from Norman
Virus Control v5. All messages and alarms can be
logged, printed, forwarded as SNMP traps, or
broadcasted as NetWare alerts.
Sending messages over SMTP (email)
Back to top
All messages and alarms can now be sent to selected
recipients via email.
Protocol support
Back to top
Norman FireBreak automatically detects and fully
supports the protocol used in its operating
environment. It does not matter whether TCP/IP, IPX
or both protocols are being used.
 |
