Defend Against Malware And External Attacks

From Secure Web Gateway
Share/Save/Bookmark
Jump to: navigation, search

Overview

In this world of ubiquitous computers and persistent threats from hackers, protecting your computer is a must.  The key pathway through which malware attacks the system is the Internet and its popular service, the Web.

There are numerous ways to protect and remove malware from our computers. Not a single method is enough to ensure your computer is secure. The more layers of defense, the harder for hackers to hack your computer. SafeSquid provides you three different features/sections to protect your computer from various antivirus -

  •  SvScan Antivirus
  •  ClamAV Antivirus
  •  ICAP Antivirus

Prerequisite

To scan the viruses for HTTPS websites HTTPS Inspection should be enabled in SafeSquid. Check the document to configure HTTPS inspection - How to enable HTTPS Inspection

SvScan

SvScan is a built in module in SafeSquid that protects the users against viruses, Trojans, malware and other threats.

SvScan is used for scanning both HTTP and HTTPS traffic.

Read more about SvScan

ClamAV antivirus

ClamAV antivirus is extra layer of security beside SvScan which protects you from viruses. ClamAV is an open source antivirus engine that is built to detect viruses, trojans, malware and other threats. It supports multiple file formats (documents, executables or archives), utilizes multi-thread scanner features. With this antivirus feature you can detect and block files containing viruses known to the ClamAV daemon scanner. You can integrate your own ClamAV server with SafeSquid here.

Read more about clamAV

ICAP antivirus

ICAP antivirus perform virus scanning, content modification and blocking inappropriate content. You can integrate different types of ICAP servers with SafeSquid.

Here you can integrate the SafeSquid with any ICAP (Internet Content Adaptation Protocol) based network services like-

Dr. Web’s ICAP based antivirus

In this scheme, a client interacts with an HTTP server through a proxy server. The proxy server is a client of the ICAP server (Dr. Web ICAP).

Dr. Web ICAP module is a client of Dr. Web Daemon. Dr. Web ICAP allows to perform virus scanning (using Dr. Web Daemon) of all HTTP traffic coming from the HTTP server and transmitted by the proxy server via the ICAP protocol. The given scheme does not allow FTP traffic scanning.

Note that HTTPS traffic is not scanned as it is encrypted and cannot be decrypted without the public key of the HTTPS server.

 

Kaspersky Antivirus for Proxy Server

Kaspersky Antivirus provides basic protection for your computer. Kaspersky delivers essential protection that helps defend your PC against the latest viruses, ransomware & more.

In includes antivirus file, software and website scan, anti-phishing, protection against ransomware, control over internet traffic, vulnerability search, etc.

Symantec Scan Engine

Symantec Endpoint Protection is a security software suite that includes intrusion prevention, firewall, and anti-malware features. Symantec Scan Engine is a TCP/IP server and programming interface that enables third parties to incorporate support for Symantec content scanning technologies into their proprietary applications.

Trend Micro IWSS

Trend Micro InterScan Web Security Suite stops Internet threats when they try to enter your network. This software suite provides a complete solution that blocks spyware and malware attacks at the Internet gateway. It also prevents access to known malicious web sites and provides an option to clean infected end-user PCs.

Read more about ICAP