UTM Premium

 

iStock_000000769069XLarge

Hard Hitting UTM Premium protection

To provide complete piece of mind NetPilot Vanguard and NetPilot Globemaster units come equipped with 12 months subscription to all the options for Unified Threat Management – UTM Premium protection.

Anti-Virus for email

Anti-virus capabilities are powered by market leader Sophos, offering a gateway anti-virus scanning of all incoming, outgoing emails (UTM Standard AV is based on Clam). Unlike ISP operated anti-virus services, NetPilot’s anti-virus solution checks all mails being sent between users internally within the organisation not just email coming from external sources. Further, it checks all email accounts coming from all ISPs not just the single ISP selling you their service – and even better – regardless of whether the email is POP, SMTP and potentially even hotmail web based!

Virus signatures are automatically downloaded by UTM equipped NetPilots. The NetPilot will check every hour and update both the database of over a million signatures and even update the scanning engine – if required.

Network administrators can choose to quarantine emails that have positively identified as carrying a virus, as well as quarantine or forward emails that cannot be opened for scanning because they are encrypted.

The NetPilot makes an ideal second tier of defense for organisations that have already deployed desktop anti-virus. In the real world where individual PC subscriptions can expire or unprotected laptops be plugged in without the network administrator knowledge, NetPilot can still protect those users and the rest of the organisation.

The UTM option for email policies works in conjunction with the anti-virus option by allowing the network administrator to exercise greater controls based on source and destination addresses as well as many other attributes.

UTM Premium using Sophos Anti-virus has been independently tested and accredited by West Coast labs and awarded their Checkmark certification.

Anti-Virus for Web Browsing

NetPilot will check all pages and downloads against the same virus database as used for checking emails, protecting users from internal and external threats. This service is powered by Sophos.

Anti-Spam

The NetPilot UTM Anti-Spam component provides a powerful combination of countermeasures including Spam Assessment (based on the award winning Spam Assassin technology), several databases of known spammers including Spam Cop, together with Bayesian learning.

In addition, the UTM option for email policies works in conjunction with the anti-spam option by allowing the network administrator to exercise greater controls based on source and destination addresses as well as many other attributes so he can undertake quarantine, black and white listing functions.

The Spam Assessment component scans a pre-loaded set of over one thousand spam characteristics and allocated a score based on the likelihood of it being Spam. If the email rates more than a preset threshold, it is flagged up as Spam. Spam Assessment can delete the offending message before it arrives at the desktop and send a message to the sender to inform them the message has not been delivered, or it can pass it over to the Email Policy mechanism for further analysis.

NetPilot can additionally run checks on incoming email against databases of known spammers. This offers the network manager a very easy to deploy anti-spam measure with proven 99% success rates.

Bayesian filtering is a mathematical approach that, unlike many other anti-spam technologies, adapts over time and takes the changing strategies of spammers into account. It therefore offers moving goal posts which obviously make it far harder for the spammers. Central to Bayesian filtering is the principle that the likelihood of events happening in the future can be inferred by analyzing past events. Spam emails are therefore likely to be made up of similar elements, while valid emails (sometimes referred to as ‘ham’) will have their own determining characteristics. Bayes classifiers learn as they go, updating both the rules and the scores so that when a new evasion trick comes along, the message may still have enough other bad features that the filter will recognize it as spam and if so, the system will learn the new trick automatically.

Content Filtering

This is available on all NetPilot models. It is a managed service offering whereby a NetPilot unit checks across the internet with a remote database what category requested URLs are classified. The NetPilot unit administrator defines which users may view which categories – so local flexible controls are available – which is often a key requirement. The database is very large – over 15 million URLs and divided into over ninety categories and growing.

Email Policy Controls

Email policy controls give the administrator even greater scope to create more extensive rules to deal with email, customized to your organisation’s needs.

The Email Policy system can also work in conjunction with other UTM services which deal with email – in particular Sophos powered anti-virus scanning and anti-spam. When either of these two services discovers an incoming (or outgoing) email which is deemed to be infected with a virus or is spam, they can quarantine the email, which is where the Email Policy system can take over. Additional rules and controls used by the Administrator can then be initiated.

The Email Policy can also be actively employed as a second tier of checks. For example after (or even before) an incoming mail has been checked for the usual spam characteristics you could to decide that any email coming from a known source (say from one of your customers) would always be treated as a ham (good) message, regardless of the content. In this fashion you are creating what is know as a whitelist. The exact opposite could also be set up, say any emails coming to your staff from your competitors could always be deleted (blacklisted) regardless of the content being deemed spam or whether it caries a virus or not !

Email Policies can also be used to control size of emails, create footers, create out of office responders, check content for inappropriate content or block particular users from gaining external email access.

Advanced Firewall

We offer two firewall options: the standard firewall and a the advanced firewall, all models now come with both options. The standard firewall offers excellent security that is powerful, yet easy to administer. The advanced firewall is for those with the technical knowledge that want to construct more detailed rule sets.

The advanced firewall uses powerful stateful packet inspection techniques. To provide the best security, a firewall must track and control the flow of communications. Unlike rudimentary packet filters that are found in cheap personal firewall products, NetPilot’s stateful inspection analyses information flow into and out of a network so that security decisions can be made in real time. It accomplishes this by tracking the state and context of all communications traversing the firewall, even when the connection involves complex protocols.

The advanced firewall also offers the flexibility to allocate particular services and define protocol attributes to particular physical ports. In this fashion, multiple WAN, LAN, DMZ and other ports can be configured.

NetPilot firewalls have undergone rigorous independent testing from West Coast Labs and have been awarded Checkmark accreditation.

Intrusion Prevention System

The intrusion detection system detects attacks or looks for behavior on the network that is unusual or against acceptable use policies. It also provides an audit trail to show how the attack occurred, from where and how far it went. Once something unusual has been detected, the intrusion prevention system can be configured to automatically communicate with the NetPilot advanced firewall to block potential future exploits.

Anti-Spyware

The NetPilot uses firstly URL filtering to ensure you don’t browse sites that are known to infect PCs. Secondly, NetPilot stores identities of Spyware and blocks them in the same way it blocks viruses. The databases of Spyware and Virus identities are updated automatically by NetPilot.

 

NetPilot and SoHoBlue ranges

Specification subject to change. Document version: August 2013
All Trademarks acknowledged.