GFI DownloadSecurity enables you to assert control over what files your users download from HTTP & FTP sites. Downloaded files are content checked for malicious content, Trojans and viruses, and can be quarantined based on file type and which user downloaded them. GFI DownloadSecurity handles the security risk of file downloads without resorting to blocking all file downloads at firewall level!
Control what files enter your network via FTP/HTTP & ensure they are virus-free
The Internet is a must-have tool for most employees within a company. Online ordering of products, customer and product research and more make it a requirement for most white collar employees to have HTTP and FTP access at work. However, this introduces a huge security risk: Users can now download all types of files that could include Trojans, viruses or objectionable material, and more. Simply blocking all downloads at firewall level would significantly reduce employee productivity.
Rather than blocking file downloads completely, GFI DownloadSecurity for ISA Server checks all downloads for harmful content (like viruses and Trojans) and gives you the power to control what type of files enter your network, from where and for whom. Using GFI DownloadSecurity's powerful rules engine, you can configure rule sets based on file type and user, allowing you to quarantine dangerous files for administrator approval.
Overview | Features | Screenshots | Download Trial | Pricing
GFI DownloadSecurity for ISA Server Features
Controls what files enter your network
For security reasons, you need to exercise control over what kind of files enter your network. Yet, simply blocking all downloads would be far too restricting for network users - and would substantially reduce the usefulness of the Internet and therefore employee productivity. Instead, GFI DownloadSecurity for ISA Server enables you to define which file types should be quarantined for administrator approval per user. You can also use this feature to monitor downloads and ensure that Internet bandwidth is not wasted on useless downloads. View screenshot
Scans for viruses in HTTP and FTP downloads
GFI DownloadSecurity scans all incoming HTTP and FTP downloads for known viruses. Integrated with GFI DownloadSecurity for ISA Server are two industrial-strength anti-virus engines. The signature files are updated immediately after new virus outbreaks become known.
Norman Virus Control & BitDefender virus engines are included
GFI DownloadSecurity comes bundled with Norman Virus Control and BitDefender. Norman Virus Control is an industrial strength virus engine that has received the 100% Virus Bulletin award 16 times running. It also has ICSA and Checkmark certification. BitDefender is a very fast and flexible virus engine that excels in the number of formats it can recognize and scan. BitDefender is ICSA certified and has won the 100% Virus Bulletin award and the European Information Technologies Prize 2002. GFI DownloadSecurity automatically checks and updates the Norman Virus Control and BitDefender definition files as they become available. The GFI DownloadSecurity price includes one year of updates.
Kaspersky virus engine optional
To achieve even greater security, users can add the widely respected Kaspersky virus engine as a third or fourth anti-virus engine or as a replacement to one of the other engines. Kaspersky Anti-Virus is ICSA-certified and has won awards from various IT magazines, such as PC Magazine, PC World, Computer Buyer and Byte. It is well known for the unsurpassed depth of its object scanning, the high rate at which new virus signatures are released, and its unique heuristic technology that effectively neutralizes unknown viruses. Adding the Kaspersky engine is highly cost-effective.
McAfee virus engine optional
It is possible to add the renowned McAfee virus engine as a third or fourth anti-virus engine or as a replacement to one of the other engines. This engine is particularly strong at detecting non-virus attacks such as rogue ActiveX controls. Adding the McAfee engine costs approximately 20% of the GFI DownloadSecurity price.
Quarantines - rather than blocks - suspicious file types
GFI DownloadSecurity's rules engine allows you to quarantine downloads such as .exe files, .zip files and other files that could contain harmful content, such as a virus, worm or Trojan. GFI DownloadSecurity enables you to configure multiple file checking rules and define what must be quarantined on a user or group basis, giving you total flexibility in the way you choose to check incoming files.
Trojan and executable analyzer
The GFI DownloadSecurity Trojan & Executable Scanner detects unknown malicious executables (for example, Trojans) by analyzing what an executable does. Trojans are dangerous as they can enter a victim's computer undetected, granting an attacker unrestricted access to the data stored on that computer. Anti-virus software will NOT catch unknown Trojans because it is signature-based. The Trojan & Executable Scanner takes a different approach by using built-in intelligence to rate an executable's risk level. It does this by disassembling the executable, detecting in real time what it might do, and comparing its actions to a database of malicious actions. The scanner then quarantines any executables that perform suspicious activities, such as accessing a modem, making network connections or accessing the address book.
Can block/check applications' hidden downloads
Some software applications automatically connect to their home pages to download updates using HTTP tunnelling. Although this can reduce administration, it can also present a security risk because unknown applications or Trojans can use the same technique to download malicious files onto a user's PC, without the user knowing. GFI DownloadSecurity can protect you against the automatic downloading of files to users' computers by known and unknown applications. You can configure GFI DownloadSecurity to allow updates from known/approved sites (e.g., Microsoft.com) and block automatic updates from unknown sites.
Check/block incoming files by file type, not only by extension
GFI DownloadSecurity blocks/quarantines files based on file type (for example, executable) and file extension. Microsoft ISA Server can only block by extension, meaning users could bypass its file blocking system by renaming the extension. GFI DownloadSecurity allows you to ensure that this does not happen on your network.
Network-wide blocking of Java applets & ActiveX controls
ActiveX controls and Java applets are a huge security risk as they can be Trojans or may contain security holes that could be exploited. Although users are prompted by their browser whether they wish to run the ActiveX control or Java applet, those who are unaware of the risks could potentially infect your network by downloading a control from a distrusted site. GFI DownloadSecurity allows you to specify the sites from which you trust ActiveX controls or Java applets and blocks all Java applets and ActiveX controls from mistrusted/unknown sites. This way, GFI DownloadSecurity secures your network from any user who makes the wrong decision in downloading a control or applet.
Approve/reject quarantined downloads using the moderator client, email client or web-based moderator
GFI DownloadSecurity provides several options for moderating quarantined downloads and web pages. The moderator client gives you a familiar Windows interface for approving/rejecting files. The web-based moderator allows you to approve/reject downloads from anywhere on your network. Alternatively, GFI DownloadSecurity can also forward quarantined files to an email address, enabling you to use a public folder to distribute the quarantined items to multiple administrators.
Complete integration with ISA Server - Easy installation & administration
GFI DownloadSecurity was built from the ground up to work with ISA Server. It links in as an ISAPI extension and can leverage features such as alerts, reporting and more that are already found in ISA Server. You do not need to change anything in your network configuration.
Cost-effective
GFI DownloadSecurity is highly cost-effective compared to other content filtering and anti-virus products. Because the product runs on ISA Server, no dedicated machine or network consultancy is required.
How GFI DownloadSecurity for ISA Server works
Users will not notice GFI DownloadSecurity until they download a file: Then GFI DownloadSecurity displays a download progress dialog box and the download proceeds. Once the download is complete, GFI DownloadSecurity scans the file for viruses. If the file has no viruses and does not trigger a rule, the user receives it immediately. If the file triggers a rule, it is put into quarantine for administrator approval. Once approved, the file is sent to the user as an email attachment or link. If the file is rejected, the user is notified.
Combine GFI DownloadSecurity with GFI MailSecurity
GFI DownloadSecurity can be purchased in combination with GFI MailSecurity. GFI MailSecurity for Exchange/SMTP is an email content checking, exploit detection, threats analysis, anti-Trojan and anti-virus solution that removes all types of email-borne threats before they can affect your email users. GFI MailSecurity and GFI DownloadSecurity integrate seamlessly, allowing you to configure content security rules and moderate quarantined files from the same interface.
You're in good company...
Many leading companies have chosen GFI DownloadSecurity. Here are just a few: Baby Lulu Inc., Staffordshire Building Society, Sky Pharmaceuticals, Joseph Rowntree Foundation, TexakaBank, Tayburn Ltd and many more.
|
- Microsoft ISA Server.
- Windows 2000/2003 Server.
|
