Scribd
Upload
175 views27 pages

Advanced File Protection Solutions

This presentation discusses how OPSWAT's Metadefender platform can help organizations protect themselves from file-based threats across different entry points into their environments. The Metadefender platform uses multiple antivirus engines and techniques like data sanitization to detect both known and unknown threats. It can integrate with email systems, proxies, firewalls and other tools to scan files uploaded from the internet, received via email, or transferred on removable media or between systems. The platform aims to provide comprehensive protection against today's advanced malware and file-based attacks.

Uploaded by

Ahmed Tantawy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
175 views27 pages

Advanced File Protection Solutions

This presentation discusses how OPSWAT's Metadefender platform can help organizations protect themselves from file-based threats across different entry points into their environments. The Metadefender platform uses multiple antivirus engines and techniques like data sanitization to detect both known and unknown threats. It can integrate with email systems, proxies, firewalls and other tools to scan files uploaded from the internet, received via email, or transferred on removable media or between systems. The platform aims to provide comprehensive protection against today's advanced malware and file-based attacks.

Uploaded by

Ahmed Tantawy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Trust no file.

Trust no device
Advanced Protection Against Known & Unknown Threats
Presentation Agenda

01 Challenges

02 Metadefender

03 Multi Scanning

04 Data Sanitization CDR

05 Vulnerability Scanning

06 Data Loss Prevention (DLP)

07 One Platform Protecting Different Entry Points

08 Kiosk Hardware Options

09 Licensing Model

10 Q&A
2
Challenges

➢ Most of the recent attacks are related to files.


➢ Many high-risk files are essential for business productivity (Microsoft Office, PDF, etc.).
➢ File upload is essential for many web portals but it is also an attack vector (Procurement Department).
➢ The complexity of files is increasing.
➢ Most organizations are focusing on detection rather than prevention (sandboxing).
➢ Malware is increasingly being able to evade traditional detection methods such as single anti-malware
engines and sandboxes.
➢ Most of recent malware/ransomware have been delivered by email/attachments.
➢ Phishing attacks and drive-by downloads are easy ways for attackers to gain initial access.
➢ Users will continue to click on links and open documents.
➢ USBs challenge - battle between security (blocking USBs) and operability (allowing USBs)
➢ Zero Day malwares 3
Attack Perimeters

➢ Malicious files are penetrating into the environment mainly on four ways:
▪ Files are downloaded from the internet
▪ Files are uploaded to the environment by external users
▪ Files are received as an email attachment
▪ Files are being copied from removable media

➢ OPSWAT can protect all mentioned perimeters by integrating with:


▪ Proxy solutions
▪ Firewalls
▪ Web Application firewalls
▪ Email solutions
▪ Kiosks
▪ Data Diodes
▪ Custom APIs

4
MetaDefender

5
MetaDefender
Protecting Organizations from Advanced Threats

32+ 30+
EMBEDDED
EMBEDDED DATA
ANTI-MALWARE
SANITIZATION ENGINES
ENGINES

FILE TYPE
VERIFICATION

MULTI-SCANNING DATA
ENGINE SANITIZATION
WORKFLOW

ENGINE
ARCHIVE VULNERABILITY

15K+
HANDLING ENGINE
APPLICATIONS SUPPORTED
BY VULNERABILITY ENGINE
OESIS UPDATE

30+ SUPPORTED
ARCHIVES
ENGINE

AR EXT LZH RAR DEPLOYMENTS


ARJ FAT. LZMA RPM
CAB GPT MBR UDF
CHM HFS MSI UEFI ON PREMISES AIR-GAP CLOUD
CPIO IHEX NSIS VDI
CRAMFS ISO NTFS. VHD
DMG LZH QCOWZ And more.. METADEFENDER PRODUCT OFFERINGS

OESIS KIOSK ENDPOINT MAIL SECURE STORAGE


APIs ICAP 6
FRAMEWORK SOLUTION
Multi Scanning
Detect and Prevent Malware
Window Engine Packages

8
12 1 MB PDF file takes only 1 Sec
16 for scanning and sanitization
20

Linux Engine Packages

5
10
Custom Engines
Additional engines that can be
integrated with any package to Custom Engines
provide a customized threat Additional engines that can be

detection solution. integrated with any package to


provide a customized threat
detection solution.
Multi Scanning
Detection Ratio (probability that malicious file will be discovered and stopped)

Core 4 86.75

Core 8 92.74

Core 12 97.45

Core 16 98.85

Core 20 99.75

Core 32+.. 99.87

80% 82% 84% 86% 88% 90% 92% 94% 96% 98% 100%

Detection of top 10,000 threats


8
Multi Scanning
Detection and Update Interval (time between new threat is seen on the internet until the environment is protected )

Metadefender Outbreak Detection


Average Detection times of 50 outbreaks
Metadefender Package Average Outbreak Detection Time

Metadefender 4 4 days, 1 hour, 58 minutes

Metadefender 8 3 days, 9 hour, 42 minutes

Metadefender 12 1 days, 10 hour, 34 minutes

Metadefender 16 0 days, 17 hour, 11 minutes

Metadefender 20 0 days, 8 hour, 52 minutes The more engines, the


faster the detection
Metadefender 32+ 0 days, 0 hour, 10 minutes times

9
Data Sanitization (CDR)
Eliminate Zero Days, Ransomware and Targeted Attacks

Identify the file and Sanitize the data to remove Generate a new, sanitized file
scan for known any potentially malicious maintaining functionality
threats content

10
Vulnerability Scanning
Detect vulnerabilities in software before it’s deployed

Over 1 billion binaries


Over 20,000 applications

11
Data Loss Prevention (DLP) - Detect and Block Sensitive data in Files

➢ Prevent sensitive data from entering or leaving the organization

▪ Content that matches custom regular expressions

▪ Social security numbers

▪ Credit card numbers

➢ Aid compliance with PCI, HIPAA, Gramm-Leach-Bliley and more

➢ Supports over 40 common file types

12
Securing Files Through Different Channels

OPSWAT Components

Metadefender Core

API Email Security ICAP Server

Kiosk Vault Client


13
MetaDefender Email Security- Prevent threats that evades your sandbox

Email Traffic Email Security OPSWAT Kiosk Email Server User

Deployment Options

➢ Your environment - Direct Exchange


➢ Your environment - Behind your email gateway
➢ Your cloud - Protecting Office 365 / google apps

14
MetaDefender ICAP- Integration with Proxy

Internet

Metadefender Core DMZ

ICAP
Perimeter
Firewall

Web Proxy

Users

15
MetaDefender ICAP - Integration with Reverse proxy

Internet

Metadefender Core DMZ

ICAP
Perimeter
Firewall

Web Proxy

Users

16
MetaDefender, Vault & Kiosk – Safe file import from removable media

Metadefender Core

Users

OPSWAT Kiosk Users


17
MetaDefender, Vault & Kiosk – Safe file import from removable media
and safe file exchange with 3rd parties

Internet

Third Party

Perimeter
Metadefender Core Firewall

Vault
Internal
Firewall

OPSWAT Kiosk Users


18
MetaDefender, Vault & Kiosk – Safe file import to air gapped networks
(basic)

Metadefender Core

AIR GAPPED ENVIRONMENT

OPSWAT Kiosk Data Diode Vault

19
MetaDefender, Vault & Kiosk – safe file import to air gapped networks
(advance)

AIR GAPPED ENVIRONMENT


Metadefender Core

Metadefender Core Middleware

OPSWAT Kiosk Data Diode


Vault Sandbox Device

20
Custom API integrations with MetaDefender

Metadefender Core

API

API Calls

User’s Custom built application

21
Email access in Air Gapped network

Internet

LOW-SIDE HIGH-SIDE
Email
Gateway DATA DIODE SYSTEM 1

OPSWAT EMAIL
DATA DIODE SYSTEM 2 (AV & DLP)

OPSWAT EMAIL
(AV & CDR) INBOUND DIRECTION
OUTBOUND DIRECTION
USER EXCHANGE

22
MetaAccess - The Next Generation of Cloud Access Control

Access to cloud Application

AUTHENTICATION
Salesforce

PROTOCOL
Office 365
Dropbox
And others
Identity Provider
Okta
Ping
Centrify
Microsoft Azure
And others
23
Metadefender KIOSK - Secure Gateway for Files In & Files Out

Features K1000 K2000 K3000


Media Type Support USB Ports (2 ea.), 15-in-1
USB Type A & C, 3-1 Card
USB (2 ea.) + card reader, CD/DVD Drive,
Reader, DVD Drive
Floppy
Computer Specs Intel Core i5-8500 (six-core) Intel Core i5-8500 (six-core)
Processor / 32 GB RAM / 256 Intel Core i7 Processor / 16 Processor / 32 GB RAM / 256
GB SSD GB RAM / 512 GB SSD GB SSD
21.5” WVA WLED – Touch 12.3” Display – Touch Screen 19” Display– Touch Screen
Screen
Dimensions & Weight W 19.3in x H 20in x D 20.67in
W: 20in x H: 42in x D: 18in W: 19.45in x H: 51.21in x D:
(with table stand)
(with floor stand) 23.50in
16.53 pounds with table
28 pounds (with floor stand) 127 pounds
stand
Secure Windows Image Included Included Included
24
Licensing Model

➢ MetaDefender Yearly Subscription


▪ Number of anti-malware engines (8,16, 20 or 32)
▪ Data sanitization (optional)
▪ DLP (optional)
▪ Vulnerability assessment (optional)
➢ Integration Options
▪ ICAP
▪ API
▪ Email
▪ Kiosk
▪ Vault
▪ Client
▪ Data Diode
➢ MetaAccess
▪ Number of workstations
25
Q & A Session

26
Riyadh Office Head Office (Dubai)
The Galleries, Building 3, 7th Floor
King Abdulaziz Road, Al Rabie District
Downtown Jebel Ali
Grand Center, 4th Floor, Office #17
PO Box 500741 Dubai, UAE
P.O. Box 8290 Riyadh 13315 – 4324
Kingdom of Saudi Arabia
Abu Dhabi Office
Office 1201, Floor 12 , Block 6, East 1-16
Salam HQ Bldg. PO Box 37195
Abu Dhabi, UAE

TALK TO US
RIYADH, KSA: DUBAI, UAE: ABU DHABI, UAE:
T +966 11 450-7082 T +971 4 440-5666 T +971 2 644-3398 STAY CONNECTED TO US ON
F +966 11 450-7087 F +971 4 363-6742 F +971 2 639-1155 SOCIAL MEDIA

You might also like