Traditional protection uses signature patterns to discover viruses. These patterns not only require a previous outbreak to develop a matching signature, but they also leave computers exposed to new/unknown viruses while engineers analyze in-the-wild threats. iSolation Server eliminates this "zero-hour" vulnerability. It observes the actual behavior of e-mail in a virtual-machine environment to quarantine threats without using signature patterns.

What is the advantage of using iSolation Server?

Rather than merely guessing as to the behavior of incoming e-mail, iSolation Server observes the actual behavior of e-mail in a virtual machine. If the message or related attachments exhibit suspicious behavior, iSolation Server quarantines them for later review. Because it doesn't rely on heuristical guesswork to determine message intent, iSolation Server quarantines messages with significantly fewer false positives and negatives.

How does iSolation Server's virtual machine work?

iSolation Server's virtual machine includes a complete virtual replica of a typical corporate e-mail user';s desktop. As messages are received, iSolation Server screens them for active content and either 1. blocks them according to policy 2. allows them according to policy, or 3. examines them in the virtual machine. The virtual machine contains an installation of Windows 2000 Professional with Microsoft Office 2000, Adobe Acrobat Reader, Winzip, and all of the utilities commonly exploited by virus writers, including Microsoft';s .NET framework.

Does iSolation Server examine all attachments in the virtual machine?

No. iSolation Server sends messages containing no active content (and unable to carry any malicious threat) to the e-mail server without delay. For e-mail with active content, iSolation Server blocks it if: 1. Prohibited by user-defined policy determining that certain files have no valid business purpose. 2.Identical to previously encountered malicious messages. 3. Message contents do not match what they purport to be. 4. The virtual machine discovers malicious activity.

What type of behavior does the virtual machine consider malicious?

Typically, threatening messages damage computers by: 1. Activating. They access operating systems to release their payload. 2. Replicating. They infect other machines by propagating through the network. iSolation Server considers messages accessing the system registry, system files, or various network protocols potentially malicious.

How does Avinti update rules and policies for the virtual machine?

Fortunately, iSolation Server does not require frequent updates or changes to the virtual machine, in contrast to traditional pattern-scanners, which require constant updates to their virus file databases. Since iSolation Server observes broad areas of operating system function, it tackles and quarantines new threats as soon as they enter the wild.

What about strategies for handling new types of threats?

iSolation Server delivers protection without frequent regular updates, unlike signature-based scanning, which requires multiple updates. As new categories of threats evolve, registered customers will have complete access to updates through the avinti.com support portal.

How do I successfully install iSolation Server?

An installation wizard guides you step-by-step through iSolation Server's installation and configuration. Avinti recommends installing iSolation Server with Windows 2003 Server on server hardware meeting the published minimum criteria. Additionally, you will need to configure the iSolation Server within the incoming SMTP stream, which requires a technical understanding of e-mail processing.

Can iSolation Server monitor outbound e-mail?

Yes. Depending on network configuration, this may require a second server. Customers who are interested in providing an additional level of outbound security would be able to configure the iSolation Server appropriately.

Can the iSolation Server route e-mail to the target user if the e-mail server goes down or needs to be taken out of production?

iSolation Server supports SMTP, the standard for e-mail traffic It does not, however, operate as an e-mail server.

Will iSolation Server slow my message stream?

The answer depends on a number of variables. In most environments, messages with attachments are typically a small fraction of the overall message stream. Consequently, approximately 97% of all messages experience little or no delay as iSolation Server relays them. Messages with active application content may be delayed slightly for additional analysis.

Does the iSolation Server support multiple operating systems and configurations?

Virus writers typically design their viruses to infect all Windows variants, rather than a specific version. Windows 2000 Professional and the configuration used in iSolation Server's virtual machine is an ideal test environment for potential threats.

Can an administrator monitor the iSolation Server e-mail queue in real time?

iSolation Server administrators can observe the general mail flow through the number of messages waiting to be observed.

Where does iSolation Server fit into an e-mail security scheme?

Experts recommend a layered virus protection approach to minimize security threats. iSolation Server is an essential layer of this layered approach because it eliminates the threat of new and unknown viruses. Avinti recommends that you position the iSolation Server after your spam protection and before your e-mail server. Additionally, iSolation Server functions most effectively when placed after a scanner that filters for known viruses.

How much does iSolation Server cost?

Avinti has different pricing models that are suited to your organization's needs. For more information, or to evaluate iSolation Server, please contact your Avinti representative.

Where can I read the iSolation Server license agreement?

The Avinti End-User License Agreement is located online. More

Contact sales toll-free:
(866) 591-8236