English |  Deutsch  |  簡体中文  |  繁體中文
CP Secure Content Security Gateway Anti-spyware, Anti-virus, Anti-worm solution
PRODUCTS SOLUTIONS SUPPORT PARTNERS NEWS COMPANY RESOURCES
antivirus  
Solutions
Overview
Enterprise Solutions
Small/Medium Solutions
Stream-Based Scanning Technology
Customer Testimonials
Most organizations are aware that some varieties of malicious software enter their networks and computers through web traffic.  A user only needs to browse a web page, click on a URL link in an email, or view web email to unwittingly activate HTTP-based spyware and worms.  As IDC and InfoWorld have pointed out, the web is the new vector for malware attacks.

But most organizations are not aware of the magnitude of this problem.  To see the thousands of malware that come in through web traffic and realize the true extent of this threat, they would need to deploy an extremely high performance gateway anti-malware product that could detect and stop malware on HTTP without generating latency and impeding network performance.  They would be alarmed to learn that the majority of the malware CP Secure customers catch is on HTTP.  How is this possible?

The Traditional Approach

Today's scanning technology, used in everything from desktop anti-virus software to gateway anti-virus appliances, is batch-based.  Many anti-virus vendors built their batch-based scan engines during an era when viruses were transmitted via removable media.  They based their algorithms on the assumption that the entity to be scanned could be randomly accessed. 

In this batch-based method, scanning commences only after the entire file is received, and outputting starts only after the entire file has been scanned (see figure 1).  Therefore, end-users often experience long delays or sometimes even timeouts while the file is transferred and scanned.  When applied to the new malware threats in real-time web traffic, the traditional scanning approach introduces unacceptable levels of latency that bring enterprise web activities to a standstill.

  

CP Secure's Solution

Stream-based scanning is based on the simple observation that network traffic travels in streams.  CP Secure's scan engine starts receiving and analyzing traffic as the stream enters the network (see figure 2).  As soon as a number of bytes are available, scanning commences.  The scan engine continues to scan more bytes as they become available, while at the same time another thread starts outputting the bytes that have been scanned.  CP Secure's pipeline approach, in which the receiving, scanning, and outputting processes occur concurrently, ensures that network performance is not impeded.  The result is that internet traffic is scanned virtually in real-time – a performance advantage that is easily noticeable to the end-user.  Anti-malware scanning of real-time web traffic at the internet gateway is now feasible.

Figure 1 : Traditional Batch-based Scanning

  

Figure 2 : CP Secure's Stream-based Scanning

The Benefit

CP Secure’s patent-pending stream-based scanning architecture enables, for the first time, the scanning of very high volumes of real-time internet traffic for malware, without bringing enterprise internet activities to a standstill.  Organizations can now protect their confidential data and maintain organizational continuity by stopping spyware and viruses at the internet gateway, without stopping the internet.
 
Products
CSG 2500
CSG 1500
CSG 1000+
CSG 300
CSG 110
Technology
Stream-Based Scanning
Articles
Spyware Basics
Anti-Spyware
Today's Malware Threats
Copyright © 2007 CP Secure, Inc. All rights reserved.
Legal Notices |  Site Map