Proven Strategies to Combat Changing Security Threats
E-mail viruses have evolved from fun hacker experiments for notoriety, to financially-motivated, sophisticated attacks that change constantly to defeat traditional defenses. Recent headlines have shown the devastating results of company data compromised.
Fallout from these attacks includes both direct financial consequences as well as loss
of customer trust and irreparable damage to the company’s image.
Almost every week, technical and business media report on a new worm or virus that
exposes corporate or customer data. Because the main mechanism to spread these
viruses is e-mail, no company, small or large, is immune to these changing and more
sophisticated threats.
To combat these more advanced attacks, Avinti has developed iSolation Server™ to stop
threats such as zero-day threats, targeted attacks and first-instance malware that are not
detected by traditional anti-virus products. Available as a product or as a managed
service, the iSolation Server™ uses a proprietary, high-performance Observation
Engine™ that observes malware behavior to proactively and safely block threats before
they reach internal mail systems.
The study demonstrated Avinti’s proactive, behavior-based
approach stopped 99.09% of all new, previously unknown viruses.
In a recent independent lab study*, Avinti’s iSolation Server™ was tested along
with eight other anti-virus software vendor solutions using custom created
malware variants designed to mimic common avoidance detection techniques.
The test was done with over 4,200 variants that were created from known
viruses. The success rate of competing signature-based solutions was far more
varied, with an average of less than 36% of new viruses caught.
*Avinti iSolation Server Comparative Test Results, Independent Security Evaluators, May, 2007.
Security Strategies & Techniques
A now commonly accepted practice is to layer multiple anti-virus security products together in the hope that one vendor’s product will stop what another’s has missed. This is a good approach. However many enterprises simply layer redundant
signature-based solutions, in effect paying multiple vendors for the same service, and hoping that one will implement a
signature fast enough to stop the newest attack. This practice is ineffective against most new viruses, especially those that produce thousands of variants to overwhelm the signature-writing process of traditional anti-virus products.
Implementing a Differentiated Layered Strategy
The most effective strategy incorporates differentiated security layers that can effectively handle both
existing and new, changing threats. A differentiated layered strategy combines a proactive, observation-based
solution like Avinti’s iSolation Server™ with traditional, signature-based anti-virus products to maximize protection
against first instance threats, without 100% reliance on signatures.
Available as a product or as a managed service, the iSolation Server enhances malware security with a proprietary, highperformance
Observation Engine™. Avinti’s solution looks at actual malware behavior in a secure environment to
proactively and safely block threats before reaching internal enterprise systems. The approach is unique because it safely
observes the actual behavior of potentially threatening messages, stopping malware the first time it reaches the network.
Avinti’s iSolation Server incorporates traditional anti-virus and anti-spam protection and works well as a stand-alone
solution or with existing products. It filters e-mail based on user-set policies to identify potential new threats. Clean
messages are delivered immediately to the e-mail server, while at-risk messages and attachments are sent to the highperformance
Observation Engine™. The Observation Engine™ proactively observes suspected malware in a secure and
protected environment and quarantines malware based on actual behavior, providing an extremely high degree of accuracy.
Results: Avinti Catches What Others Can't
As a recent example of Avinti’s effectiveness in catching new threats, one customer implemented a differentiated layered
strategy, using a well-known “all in one” enterprise anti-virus appliance, along with Avinti’s iSolation Server. Over a tenmonth
period Avinti’s iSolation Server blocked more than 25 viruses per month that had passed through the defenses of the
all-in-one security gateway. This clearly demonstrates the value of a differentiated layered security strategy utilizing Avinti’s
proactive malware solution.
Enterprises of all sizes need to implement new tactics in e-mail security to combat the changing methods being designed to
bypass traditional anti-virus defenses. As a stand-alone product, or as a compliment to existing solutions, Avinti’s iSolation
Server is an effective approach to stopping today’s advanced security threats.
E-mail viruses have evolved from fun hacker experiments for notoriety, to financially-motivated, sophisticated attacks that change constantly to defeat traditional defenses. Recent headlines have shown the devastating results of company data compromised.
Fallout from these attacks includes both direct financial consequences as well as loss
of customer trust and irreparable damage to the company’s image. 
