PM Consultores Ltda
Ciudad de Paris 5874
Montevideo - Uruguay
(598)26062720

Because there is a world of reasons to be better...

PM Consultores Ltd.
We are resellers of Dr.Web for all Uruguay.
Our cualified stuff provides local support and if we can't
Dr.Web engeneer's backup us.
Dr.Web Enterprise Security Suite
Consists of a set of Dr.Web products designed to protect all hosts in a corporate network and a single Control center that
facilitates the administration of many of the products.
Dr.Web Desktop Security Suite
Protection of workstations, clients of terminal servers, clients of virtual servers, embedded system clients
Dr.Web Server Security Suite
Protection of file storages and applications servers, including terminal server and virtual servers
Dr.Web Mail Security Suite
Protection of e-mail
Dr.Web Gateway Security Suite
Protection of Gateways
Dr.Web Mobile Security Suite
Protection of mobile devices

Dr.Web Enterprise Security Suite

Dr.Web Enterprise Security Suite consists of a set of Dr.Web products designed to protect all hosts in a corporate network and a single Control center that facilitates the administration of many of the products.

Licensing

Protected objects	Supported OS and platforms	Basic license	Additional components
Dr.Web Desktop Security Suite Protection of workstations Protection of terminal server clients Protection of virtual server clients Protection of embedded systems clients	Windows 8/7/Vista/XP/2000 SP 4 + Rollup 1	Comprehensive protection	Control Center
	Windows 8/7/Vista/XP/2000 SP 4 + Rollup 1	Anti-virus	Control Center
	Mac OS X Linux	Anti-virus	Control Center
	MS DOS OS/2	Anti-virus	Control Center
Dr.Web Server Security Suite Protection of file servers and application servers (including virtual and terminal servers)	Windows Novell NetWare Mac OS X Server	Anti-virus	Control Center
	Unix (Samba) Novell SS	Anti-virus
Dr.Web Mail Security Suite Protection of users of e-mail	Unix MS Exchange Lotus (Windows/Linux) Kerio (Windows/Linux)	Anti-virus	Control Center Anti-spam (except for Kerio) SMTP proxy
Dr.Web Gateway Security Suite Protection of users of gateways	Kerio Internet gateways	Anti-virus	Control Center
	Unix Internet gateways	Anti-virus
	MIMEsweeper Qbik WinGate	Anti-virus	Anti-spam
Dr.Web Mobile Security Suite Protection of mobile devices	Windows Mobile	Anti-virus	Control Center
	Android	Anti-virus
	Symbian OS	Anti-virus	Anti-spam

Versatility

As a customer, you'll be given a single key file that will allow you to use a Dr.Web product to protect whatever objects you require for a desired platform. For example, a key file will let you choose between anti-virus protection for a Unix file server and a Windows file server. If you change your platform from Unix to Windows while your license is valid, you don't need to get a different key file. Instead you will be able to go to www.drweb.com to download and install free of charge a distribution file of the program you require.

Ask for a customized Quote

Dr.Web Desktop Security Suite

Protection of workstations, clients of terminal servers, clients of virtual servers, embedded system clients

Licensing of Dr.Web Desktop Security Suite

Types of licenses

Per number of protected workstations
Per number of clients connected to the terminal server
Per number of clients connected to the virtual server
Per number of clients used in embedded systems

Dr.Web Anti-virus for Windows is licensed separately or as a component of Dr.Web Enterprise Security Suite.

License options

	Windows 8/7/Vista/XP/2000 SP 4 + Rollup 1 (32 & 64 bit)	Windows 8/7/Vista/XP/2000 SP 4 + Rollup 1 (32 & 64 bit)	Linux 2.6.x (32 & 64 bit)	Mac OS X 10.4+ (32 & 64 bit)	MS DOS, OS/2
Basic license	Comprehensive protection	Anti-virus	Anti-virus	Anti-virus	Anti-virus
Basic license components	Anti-virus Anti-spy Anti-rootkit HTTP-monitor Office control Firewall	Anti-virus Anti-spy Anti-rootkit Firewall	Anti-virus Anti-spy	Anti-virus Anti-spy Anti-rootkit	Anti-virus Anti-spy Anti-rootkit
Additional components
Control center	+	+	+	+	-

Dr.Web Desktop Security Suite is also included in low-cost Dr.Web bundles for small and medium companies.

Dr.Web Antivirus for Windows

Advantages Technologies Features Updates Requirements Licensing Quote

Advantages

Comprehensive protection from existing threats

Dr.Web for Windows provides reliable protection from most existing threats. Its unsurpassed quality of curing and reliable self-protection capabilities leave no loophole for viruses and other malware to find their way into the protected environment. The built-in firewall and the office control help prevent viruses from exploiting the vulnerabilities of operating systems and applications and allow you to control the operation of installed programs.

Increased labour productivity

Deployment of Dr.Web for Windows provides a positive effect instantly. Because the product provides comprehensive protection, the inflow of spam is cut completely, resulting in a much more productive working environment — important messages no longer get lost in a hefty volume of spam e-mails. In addition, computers in the network are no longer at risk of getting infected, which eliminates downtimes due to virus attacks and subsequent necessary system restoration processes.

Upholding reputations

With Dr.Web for Windows standing guard, criminals can't turn your workstations, embedded system clients, and terminal server clients into sources of viruses and spam that could get onto your customers' computers. Dr.Web for Windows helps you safeguard your reputation as a trustworthy partner.

Flexible licensing

Unlike many competitive solutions, Dr.Web for Windows enjoys the most flexible multi-optional licensing (see the Licensing tab). Doctor Web lets customers buy only the components they need; customers are not made to pay for features they will never use.

Centralized administration

The Control Center, which allows workstation protection to be centrally administered, is included under a Dr.Web Enterprise Security Suite license. The Control Center is equally reliable in networks of any scale and structural complexity — from small workgroup networks to distributed intranets with tens of thousands of hosts. The Control Center also affords the centralized administration of anti-viruses for file servers and application servers, including terminal servers, under Windows and Novell NetWare, for Unix mail servers, Microsoft Exchange, IBM Lotus, Kerio, and also for Dr.Web for mobile devices running Windows Mobile. More...

Experience with large projects

Among Doctor Web's customers are major national and international companies and banks, as well as Russia's government and educational institutions and scientific research institutes. Many of these entities have tens of thousands of computers in their networks. Moreover, Russia's highest government institutions entrust their information security to Doctor Web.

Key Features

Unique engine features

Scans archived files at any nesting level
Reliable detection of packed objects (even if the compression format is unknown to Dr.Web), their detailed analysis aimed at exposing hidden threats
Leader in detecting and neutralizing complex rootkits (Shadow.based (Conficker), MaosBoot, Rustock.C, Sector)
Intelligent memory scan technologies allow viruses to be blocked in the RAM before replicating themselves to the hard drive, making it less likely for malware to exploit the vulnerability of a third-party application or the operating system
Dr.Web can detect and neutralize viruses that can be found only in RAM and do not exist as files on disks, e.g. Slammer or CodeRed

Detection of unknown threats

FLY-CODE is a unique universal decompression technology enabling Dr.Web to unpack data that has been compressed with unknown packers
The cutting-edge, non-signature scan technology Origins Tracing™ ensures the high probability that viruses unknown to Dr.Web will be detected
The heuristic analyzer, whose analyses are based on criteria that is typical of various groups of malicious programs, detects most known threats

Protection components

Detection of all types of threats (Dr.Web Scanner)

Quick and thorough scanning of RAM, boot sectors, hard drives, and removable data-storage devices
Neutralizes viruses, Trojans, and other malware.
Comprehensive databases to detect spyware, riskware, adware, hack tools, and jokers

Real-time protection (SpIDer Guard® file monitor)

Real-time monitoring of the system's health — interception of all calls to files located on local drives, floppy discs, CD/DVD/ Blue-ray disks, flash-drives, or smart cards
File monitor is highly resistant to attempts by malicious programs to disrupt its operation

Anti-rootkit technology (Dr.Web Shield™)

Reliable system protection from viruses featuring rootkit-technologies that allow viruses to hide their presence in a compromised system
Neutralization of complex rootkits (Shadow.based (Confi?ker), MaosBoot, Rustock.C, Sector)

Virus-free e-mail (SpIDer Mail®)*

On-the-fly virus scanning of e-mails over SMTP/POP3/NNTP/IMAP4 that doesn't affect performance of mail clients and doesn't cause receipt delays
Individual processing rules for different types of malicious objects — viruses, riskware, adware, hack tools, paid dialers, and jokers
An analysis of message contents and sending time allows the characteristics of malicious activities to be detected and prevents mail worms from carrying out mass mailings

Spam-free e-mail (Dr.Web Anti-spam)*

Real-time filtering of incoming and outgoing e-mail
The anti-spam doesn't depend on a mail client and doesn't cause receipt delaysThe anti-spam doesn't require configuration and starts working as soon as the first message is received
Different filtering technologies ensure the high probability of detecting spam, phishing, pharming, scamming, and bounce messages
Anti-botnet – you won't be disconnected from the Internet because your computer sends out spam
Messages that have been filtered out are placed in a separate folder, so you can always verify that no false detection has occurred
The standalone anti-spam analyzer module doesn't require connection to an external server or access to a database, saving on traffic

Shield from Internet threats (SpIDer Gate™ HTTP monitor)*

The SpIDer Gate™ module scans incoming and outgoing HTTP traffic in real time, intercepts all HTTP connections, performs data-filtering, blocks infected web pages in any browser, scans files in archives, and protects users from phishing sites and other dangerous web resources.
SpIDer Gate operates independently from web browsers
Filtering doesn't affect overall system performance, surfing speed, or traffic
No configuration is required in the default mode; Dr.Web SpIDer Gate starts scanning right after installation

Web-surfing control (office (parental) control)*

Protection of children from exposure to objectionable content.
Block of access to web-sites from the list divided into 10 subject groups (adult content, violence, weapons, drugs, gambling, etc.).
Block of access to removable data storage devices, files, folders or network drives – an additional measure to protect data from deletion or unauthorized access.

Protection from network attacks (Dr.Web Firewall)*

Protects against unauthorized access from a network; prevents data leaks; blocks suspicious connections on package and application layers
The application layer connection control manages the ability of applications and processes to access network resources and registers access attempts in the applications log
Packet layer filtering allows connections to the Internet to be controlled, regardless of which applications are involved. The packet filter log stores information about packets sent over network interfaces

* only "Comprehensive protection"

...and:

On-demand scans\individual PC scan schedules;
Automatic notifications upon the detection of infected, incurable, or suspicious objects;
Virus database updating reminders;
Centralized control over all components from a single control panel;
Transparent operation – detailed reports on the operation of each module.

Updating

Always up-to-date

Updating over the Internet, whether automatically or according to a schedule, doesn't require user interference. Updating can also be launched manually
Updates are very small — just 50-200 KB, and it takes very little time to download them even if a slow Internet connection is used
Updating servers are always available
In most cases, there is no need to reboot the system to complete updating; Dr.Web starts using the updated modules and latest virus definitions right away
To save traffic, the anti-virus can be set to update virus databases only. However, enabling this option is not recommended. To counter the latest threats, Dr.Web undergoes constant refinement. New features are incorporated in the anti-virus package's updated modules and are downloaded from Doctor Web's server automatically during regular updating sessions. To protect a system from new malware, all components of an anti-virus must remain up-to-date
You can also reduce traffic by downloading updates as archived patch files. Patch files are used to deliver minor additions and fixes for virus database or program modules. The special compression algorithm applied to such patches dramatically reduces the amount of transferred data

Virus monitoring service

The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet to create antidotes and release updates as soon as analyses are completed – as often as several times per hour
As soon as an update is released, users can retrieve it from several servers located at various points of the globe
To avoid false positives, an update is tested over a huge number of uninfected files before it is released
The intelligent system automatically adds entries for similar viruses into the database, ensuring the prompt neutralization of emerging threats

Licensing

Types of licenses

Per number of protected workstations
Per number of clients connected to the terminal server
Per number of clients connected to the virtual server
Per number of clients used in embedded systems

Dr.Web Anti-virus for Windows is licensed separately or as a component of Dr.Web Enterprise Security Suite.

License options

Comprehensive protection
Comprehensive protection + Control ?enter
Anti-virus
Anti-virus + Control Center

Both the Anti-virus and the Comprehensive protection licenses include the Firewall.

System requirements

Windows 8/7/Vista/XP/2000 SP4 + Rollup 1 (32- and 64-bit systems)
Free disk space: ~40MB. An additional 8 MB are required to install the firewall

Additional requirements: Internet connection for registration and updating.

Dr.Web Server Security Suite

Protection of file storages and applications servers, including terminal server and virtual servers

Dr.Web Server Security Suite can be purchased as a separate product or as a component of Dr.Web Enterprise Security Suite

License options

	Dr.Web for Windows Servers	Dr.Web for Novell NetWare Servers	Dr.Web for Mac OS X Servers	Dr.Web for Unix Servers
Basic license	Anti-virus	Anti-virus	Anti-virus	Anti-virus
Additional components
Control center	+	+	+	-

Dr.Web Server Security Suite is also included in low-cost Dr.Web bundles for small and medium companies.

Dr.Web for Windows Servers

Anti-virus protection for Windows servers

Advantages Technologies Features Updates Requirements Licensing

Advantages

Compliance with the highest security standards; Dr.Web for Windows Servers is certified by Russia's Federal Security Service (FSB) and Federal Service for Technological and Export Control (FSTEC)
High performance and stability
High-speed scanning combined with low consumption of system resources allows Dr.Web to run smoothly on any server hardware
Trouble-free automatic operation
The delayed scan technology applied to files opened for reading provides flexible load balancing for a server file system
Flexible client-oriented configuration of scanning and actions performed with detected viruses or suspicious files
Simple installation and administration
Sound protection immediately after installation (with default settings)
Transparent operation — detailed logs with customizable verbosity

Technologies

Unique engine features

Scans archived files at any nesting level
Reliable detection of packed objects (even if the compression format is unknown to Dr.Web), their detailed analysis aimed at exposing hidden threats
Leader in detecting and neutralizing complex rootkits (Shadow.based (Confi?ker), MaosBoot, Rustock.C, Sector)
Intelligent memory scan technologies allow viruses to be blocked in the RAM before replicating themselves to the hard drive, making it less likely for malware to exploit the vulnerability of a third-party application or the operating system
Dr.Web can detect and neutralize viruses that can be found only in RAM and do not exist as files on disks, e.g. Slammer or CodeRed

Detection of unknown threats

FLY-CODE is a unique universal decompression technology enabling Dr.Web to unpack data that has been compressed with unknown packers
The cutting-edge, non-signature scan technology Origins Tracing™ ensures the high probability that viruses unknown to Dr.Web will be detected
The heuristic analyzer, whose analyses are based on criteria that is typical of various groups of malicious programs, detects most known threats

Licensing

License types

Per number of protected servers.

License options

Anti-virus
Anti-virus + Control Center

Dr.Web for Windows Server can be purchased as a component of Dr.Web Enterprise Security Suite.

Dr.Web for Windows Server is also included in low-cost Dr.Web Universal bundle for small and medium companies.

Key features

Unique features

Industry pacesetter! Curing active infections
Installation in an infected system without its preliminary curing
Stable operation under minimum/maximum load without affecting file server's performance significantly
The delayed scan technology applied to files opened for reading provides flexible file system load balancing
Scan of any object (if it can be scanned) whenever it is accessed by a user, the system or any application

Self-protection

Protecting its own modules from failures (Dr.Web SelfPROtect)
Automatic restoring of operation of its own modules
Engine protection
Automatic disconnection of workstations that become a threat from the server
Protection from malware and modification of all its objects including critical files, processes, windows and keys

Installation and configuration, updating and launching

Default settings allow using all features of the anti-virus right after its installation
Remote installation using Active Directory
available with the license Dr.Web Enterprise Security Suite + Dr.Web for Windows file servers
- Centralized anti-virus installation using Login Script
- Automatic launch on system start-up (the default launch interval is 30 minutes, unless a launch job is scheduled)
Launch of scanning whenever an object that can be scanned is accessed by a user, the system or any application
Automatic, manual and schedule launching of scanning and updating
Quick loading and unloading of any module
Flexible configuration of separate modules
Customizable scanning parameters and actions performed upon detection of malicious objects
Customizable actions sequences performed one after another to a malicious object if a previous or subsequent action can't be applied
Automatic updating over the Internet
Configuration of different types of jobs

Scanning

Unique! Installation in an infected system without its preliminary curing
Improved! Multi-thread scanning
Adjusting scanning priority
Unique! The delayed scan technology applied to files opened for reading (adding files to the scanning queue to reduce server workload)
Monitoring of running processes and file requests
Detection and neutralization of viruses and malicious programs in packed files (not archived)
New! Unique! Detection and neutralization of viruses disguised with unknown packers (FLY-CODE technology)
Improved! Unique! The unique non-signature detection technology (Origins Tracing)
Improved! Detection of viruses in archived files at any nesting level
Improved! Detection of viruses in self-extracting archives at any nesting level
Improved! Scan of files prepared by the installer
Memory scan
Scanning of disk drives
Scan of logical drives
CD scan
Scan of network drives
Scanning of directories
File scan
Detection of viruses in archives at any nesting level and in packed objects
Scan of mail files
Scan of boot sectors of disks
Scan of e-mail formats
Three types of scanning (express, full and custom)
Adjusting scanning priority
Several types of scan (all files/selected files/scan according to the filename extensions list/scan according to the masks list)
File and path exclusions
Customizable actions for infected and suspicious objects as well as for objects of other types: cure, move to the quarantine, delete
Customizable action sequences performed to a malicious object if one of the actions can't be applied
Custom actions for infected archives
Custom actions for each infected object
Scan of archived files at any nesting level
Customizable maximum size of a file extracted for scanning
Setting compression level limit for archived files to be scanned
Blocking access to the infected object
Customizable quarantine location

Notifications

Notifying a user about disconnecting his machine from the file server upon detection of a virus threat
Notifying an administrator upon detection of a viral threat

Logging

Anti-virus log containing time of each event, name and type of the scanned object and the type of action applied to the object
Customizable logging verbosity
Customizable log file size

Updating

Always up-to-date

Updating over the Internet, whether automatically or according to a schedule, doesn't require user interference. Updating can also be launched manually
Updates are very small — just 50-200 KB, and it takes very little time to download them even if a slow Internet connection is used
Updating servers are always available
In most cases, there is no need to reboot the system to complete updating; Dr.Web starts using the updated modules and latest virus definitions right away
To save traffic, the anti-virus can be set to update virus databases only. However, enabling this option is not recommended. To counter the latest threats, Dr.Web undergoes constant refinement. New features are incorporated in the anti-virus package's updated modules and are downloaded from Doctor Web's server automatically during regular updating sessions. To protect a system from new malware, all components of an anti-virus must remain up-to-date
You can also reduce traffic by downloading updates as archived patch files. Patch files are used to deliver minor additions and fixes for virus database or program modules. The special compression algorithm applied to such patches dramatically reduces the amount of transferred data

Virus monitoring service

The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet to create antidotes and release updates as soon as analyses are completed – as often as several times per hour
As soon as an update is released, users can retrieve it from several servers located at various points of the globe
To avoid false positives, an update is tested over a huge number of uninfected files before it is released
The intelligent system automatically adds entries for similar viruses into the database, ensuring the prompt neutralization of emerging threats

System requirements

Windows NT/2000/2003/2008 (32 and 64-bit).

Dr.Web for Unix Servers

Dr.Web for Unix Server is a high performance anti-virus for Samba file storages run under Unix-like operating systems (Linux, FreeBSD, Solaris). With its ability to process huge amounts of data in real-time, reliable operation, and flexible configuration, Dr.Web for Unix Server meets the requirements of companies of any size.

Samba SpIDer is a file monitor for a Samba server. Implemented as a loadable plugin for a virtual file system (vfs), Samba interface, it also operates as a client communicating with Dr.Web Daemon and receives scanning requests

Advantages Technologies Features Updates Requirements Licensing

Advantages

High performance and stability
High-speed scanning combined with low consumption of system resources allows Dr.Web to run smoothly on any server hardware
Flexible, client-oriented configuration of scanning and actions performed with detected viruses or suspicious files
Perfect compatibility – the anti-virus doesn't conflict with any known firewall or file monitor
Easy administration, simple installation, and configuration

Technologies

Unique engine features

Scans archived files at any nesting level
Reliable detection of packed objects (even if the compression format is unknown to Dr.Web), their detailed analysis aimed at exposing hidden threats
Leader in detecting and neutralizing complex rootkits.
Intelligent scan technologies allow viruses to be blocked making it less likely for malware to exploit the vulnerability of a third-party application or the operating system

Detection of unknown threats

FLY-CODE is a unique universal decompression technology enabling Dr.Web to unpack data that has been compressed with unknown packers
The cutting-edge, non-signature scan technology Origins Tracing™ ensures the high probability that viruses unknown to Dr.Web will be detected
The heuristic analyzer, whose analyses are based on criteria that is typical of various groups of malicious programs, detects most known threats

Licensing

License types

Per number of protected servers.

License options

Anti-virus

Dr.Web for Unix Server can be purchased as a component of Dr.Web Enterprise Security Suite.

Dr.Web for Unix Server is also included in low-cost Dr.Web Universal bundle for small and medium companies.

Key features

On-demand and scheduled scanning of server volumes
On-the-fly scan –checks files for viruses as they are about to be written or opened
Multi-thread scan
Automatic disconnection of workstations from the server as soon as they've been identified as threat sources
Instant notifications for the administrators and their groups via e-mail, short messages sent to a phone, or pager
Isolation of infected files in the quarantine
Curing, restoration, and removal of quarantined objects
Anti-virus actions log
Automatic updating of virus databases

Updating

Always up-to-date

Updating over the Internet, whether automatically or according to a schedule, doesn't require user interference. Updating can also be launched manually
Updates are very small — just 50-200 KB, and it takes very little time to download them even if a slow Internet connection is used
Updating servers are always available
In most cases, there is no need to reboot the system to complete updating; Dr.Web starts using the updated modules and latest virus definitions right away
To save traffic, the anti-virus can be set to update virus databases only. However, enabling this option is not recommended. To counter the latest threats, Dr.Web undergoes constant refinement. New features are incorporated in the anti-virus package's updated modules and are downloaded from Doctor Web's server automatically during regular updating sessions. To protect a system from new malware, all components of an anti-virus must remain up-to-date
You can also reduce traffic by downloading updates as archived patch files. Patch files are used to deliver minor additions and fixes for virus database or program modules. The special compression algorithm applied to such patches dramatically reduces the amount of transferred data

Virus monitoring service

The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet to create antidotes and release updates as soon as analyses are completed – as often as several times per hour
As soon as an update is released, users can retrieve it from several servers located at various points of the globe
To avoid false positives, an update is tested over a huge number of uninfected files before it is released
The intelligent system automatically adds entries for similar viruses into the database, ensuring the prompt neutralization of emerging threats

System requirements

Linux distributions with kernel version 2.4.x and higher;
FreeBSD v.6.х and higher for Intel x86 platform and amd64;
Solaris v.10 for Intel x86 platform and amd64.

Dr.Web for Novell Netware

Dr.Web for Novell NetWare scans file storages run under NetWare for viruses. It demonstrates high performance combined with reliable detection of viruses where its speed and productivity are only limited by hardware capabilities. The program is launched on the protected server as a loadable module (NLM module) and is controlled from the server console or from a remote console launched on a workstation.

Advantages Technologies Features Updates Requirements Licensing

Advantages

Widest range of supported versions of Novell Netware — from 3.12 up to 6.5
Support of NetWare namespace
Simultaneous support of several network protocols
High-speed scanning of huge amounts of data at minimum consumption of system resources both real-time and on demand
Manageable consumption of CPU resources by adjusting the priority of the scanning process
Simple installation procedure
Flexible client-oriented configuration of scanning and actions performed with detected viruses or suspicious files
User control panel

Technologies

Unique engine features

Scans archived files at any nesting level
Reliable detection of packed objects (even if the compression format is unknown to Dr.Web), their detailed analysis aimed at exposing hidden threats
Leader in detecting and neutralizing complex rootkits (Shadow.based (Confiсker), MaosBoot, Rustock.C, Sector)
Intelligent memory scan technologies allow viruses to be blocked in the RAM before replicating themselves to the hard drive, making it less likely for malware to exploit the vulnerability of a third-party application or the operating system
Dr.Web can detect and neutralize viruses that can be found only in RAM and do not exist as files on disks, e.g. Slammer or CodeRed

Detection of unknown threats

FLY-CODE is a unique universal decompression technology enabling Dr.Web to unpack data that has been compressed with unknown packers
The cutting-edge, non-signature scan technology Origins Tracing™ ensures the high probability that viruses unknown to Dr.Web will be detected
The heuristic analyzer, whose analyses are based on criteria that is typical of various groups of malicious programs, detects most known threats

Licensing

License types

Per number of protected servers.

License options

Anti-virus
Anti-virus + Control Center

Dr.Web for Novell NetWare can be purchased as a component of Dr.Web Enterprise Security Suite.

Dr.Web for Novell NetWare is also included in low-cost Dr.Web Universal bundle for small and medium companies.

Key features

On-demand and scheduled scanning of server volumes
On-the-fly scanning of all files transferred via the server
Multi-thread scan
Automatic disconnection of workstations from the server if they become threat sources
On-demand scan
Scheduled scan
Scanning of files by format or using the list of extensions, directories, and volumes exceptions, scanning of all objects
Heuristic virus scan
Scan of packed, archived, and mail files
Scan logging; adjustable logging verbosity
Notifications upon detection of infected objects
Curing, and removal or moving of infected objects to the quarantine
Anti-virus administration from the server console or a remote console: configure the notification system, monitor protection, and optimize configurations
Instant notifications for the administrators and their groups over – mail
Customizable notifications
Scanning statistics displaying process operational time, number of scanned files, and information about detected viruses
Anti-virus actions log
Automatic updating of virus databases

Updating

Always up-to-date

Updating over the Internet, whether automatically or according to a schedule, doesn't require user interference. Updating can also be launched manually
Updates are very small — just 50-200 KB, and it takes very little time to download them even if a slow Internet connection is used
Updating servers are always available
In most cases, there is no need to reboot the system to complete updating; Dr.Web starts using the updated modules and latest virus definitions right away
To save traffic, the anti-virus can be set to update virus databases only. However, enabling this option is not recommended. To counter the latest threats, Dr.Web undergoes constant refinement. New features are incorporated in the anti-virus package's updated modules and are downloaded from Doctor Web's server automatically during regular updating sessions. To protect a system from new malware, all components of an anti-virus must remain up-to-date
You can also reduce traffic by downloading updates as archived patch files. Patch files are used to deliver minor additions and fixes for virus database or program modules. The special compression algorithm applied to such patches dramatically reduces the amount of transferred data

Virus monitoring service

The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet to create antidotes and release updates as soon as analyses are completed – as often as several times per hour
As soon as an update is released, users can retrieve it from several servers located at various points of the globe
To avoid false positives, an update is tested over a huge number of uninfected files before it is released
The intelligent system automatically adds entries for similar viruses into the database, ensuring the prompt neutralization of emerging threats

System requirements

Novell NetWare 3.12-6.5.

Dr.Web Mail Security Suite

Protection of e-mail

Licensing Dr.Web Mail Security Suite

Types of licenses

Per number of protected users.
Per server license –unlimited scanning of server e-mail traffic for as many as 3,000 protected users.

Dr.Web Mail Security Suite can be purchased as a separate product or as a component of Dr.Web Enterprise Security Suite

License options

	MS Exchange	IBM Lotus Domino	Unix	Kerio
Basic license	Anti-virus	Anti-virus	Anti-virus	Anti-virus
Additional components
Anti-spam	+	+	+	-
SMTP proxy	+	+	+	+
Control center	+	+	+	+

A Dr.Web Mail Security Suite license may also include the SMTP proxy as an additional component. Using these products together improves overall network security and reduces the workload of local mail servers and workstations.

Dr.Web Mail Security Suite is also included in low-cost Dr.Web bundles for small and medium companies.

Dr.Web for MS Exchange

Anti-virus and anti-spam protection of mail traffic directed through MS Exchange 2000/2003/2007/2010 servers

Advantages Technologies Features Anti-Spam Updates Requirements Licensing

Advantages

Compliance with the highest security standards – the product is certified by Russia's Federal Security Service (FSB) and Federal Service for Technological and Export Control (FSTEC)
Wide range of installation and configuration options that meet the requirements of almost any company
High-speed scanning combined with low consumption of system resources allows Dr.Web to run smoothly on any server hardware
The built-in anti-spam doesn't require training, lowers server workload and improves employee productivity
Filtering based on black and white lists allows certain addresses to be excluded from scanning and efficiency to be increased
Filtering of files by type, contributing to lower traffic
Grouping allows different filtering parameters to be specified for different groups of employees which contributes to faster deployment and easier maintenance
High performance and stability achieved with multi-thread scanning
Detection and neutralization of viruses disguised with unknown packers
Automatic launch on system start-up
Easy-to-use updating system using Windows Task Scheduler

Anti-spam

Advantages of Dr.Web anti-spam

The anti-spam doesn't require configuration or training. Unlike anti-spam solutions based on Bayesian filtering, it starts working as soon as the first message arrives, so the anti-spam doesn't require daily training by the system administrator
It detects spam messages regardless of their language
No e-mail receipt delays
Real-time e-mail filtering
High-speed filtering with low consumption of system resources
Scanning objects at any nesting level
It can choose a processing technology for the target object depending on the message envelope or upon detection of blocking objects
Messages that have been filtered out are placed in a separate folder so one can always check them to make sure that no false detection has occurred
With the unique technologies there is no need for blacklists. No company will be discredited after it has been deliberately added to such a list
Completely stand-alone: a constant connection to an external server or access to a database are not required which saves traffic significantly
Doesn't need to be updated more often than once in 24 hours – unique spam detection technologies based on several thousands of rules allow the anti-spam to stay up to date without frequent downloads of bulky updates

Vade Retro

Filtering of spam and other unsolicited messages is performed by a vaderetro plugin that uses its own library (Vade Retro). The library is updated regularly for better quality of filtering. High junk filtering productivity is combined with low consumption of system resources. This is the reason why Dr.Web anti-spam is able to operate efficiently on low-end hardware.

Depending on the results of the analysis each message receives the score from the VadeRetro library – an integer ranging from -10000 to +10000. The higher the score is, the more likely the message is to be spam.

The threshold value is set by the SpamThreshold parameter of the plugin configuration file. If the score equals the value of the SpamThreshold parameter or exceeds it, the message is considered to be spam.

Upon completion of a message analysis, Vade Retro may add (depending on the plugin settings) corresponding headers into the message.

Spam filtering technologies

The Dr.Web anti-spam analyzes messages using several thousands of rules which can be divided into several groups.

Heuristic analysis: A highly intelligent technology that empirically analyzes all parts of a message: header, body, and attachments. It allows detecting unknown types of spam. The heuristic analyzer is being constantly improved; new rules are frequently added. It allows detecting next generation spam messages even before a corresponding rule is created.
Counteraction filtering: The counteraction filtering is one of the most advanced and efficient technologies of Dr.Web anti-spam. It helps recognize techniques and tricks used by spammers to avoid detection.
HTML-patterns: Messages containing HTML code are compared with HTML patterns from the anti-spam library. Such comparison in combination with data on sizes of images typically used by spammers helps protect users against spam messages featuring HTML-code, which often contains online images.
Detection based on SMTP envelope: Detection of fake sender and receiver in an SMTP envelope and fake values of header fields is the latest trend in development of anti-spam technologies. A sender address contained in the received message is easy to fake and therefore should not be trusted. Yet unsolicited mail is not limited by spam. It also includes hoaxes or anonymous threats. Dr.Web anti-spam technologies allow to determine if an address is fake and mark the message as unsolicited. It saves traffic and protects employees from unwanted e-mails contents of which may have unpredictable impact on people's behaviour.
Semantic analysis: Words and phrases of a message are compared with words and phrases from the spam dictionary. All words, phrases and symbols are analyzed – both visible to the human eye and those hidden by spammer tricks.
Anti-scam technologies: Scams (as well as pharming messages – a type of scams) are the most dangerous type of spam. The most notorious example of scam is so-called «Nigerian» scams, loan scams, lottery and casino scams and false messages from banks and credit organizations. A special module of Dr.Web anti-spam is used to filter scams.
Technical spam filtering: Automatic e-mail notifications or bounces are designed to notify a user if a failure in operation of a mail system occurs (e.g the message couldn't be delivered at the specified address). Similar messages can be used by criminals. For example, a worm or ordinary spam can get to a computer as a notification. A special module of Dr.Web anti-spam detects such unwanted messages.

Key features

On-the-fly anti-virus and anti-spam scan of e-mails, including attached files
Anti-virus monitoring of user mailboxes and public directories
Anti-virus protection of mail traffic passing through the MS Exchange server
Curing of infected files
Grouping users by means of Active Directory
Adjustable scanning parameters: the maximum size and types of objects to be scanned objects, actions to be performed with infected objects
Detection of malicious objects compressed with multiple packers
Customizable actions performed with different types of spam, including moving messages to the quarantine or adding a specified prefix into their subject fields
Customizable wording inserted in outgoing e-mails
Isolation of infected and suspicious files in the quarantine
Sending notifications on virus incidents to administrators and other users
Operation logging
Automatic updates

Updating

Always up-to-date

Updating over the Internet, whether automatically or according to a schedule, doesn't require user interference. Updating can also be launched manually
Updates are very small — just 50-200 KB, and it takes very little time to download them even if a slow Internet connection is used
Updating servers are always available
In most cases, there is no need to reboot the system to complete updating; Dr.Web starts using the updated modules and latest virus definitions right away
To save traffic, the anti-virus can be set to update virus databases only. However, enabling this option is not recommended. To counter the latest threats, Dr.Web undergoes constant refinement. New features are incorporated in the anti-virus package's updated modules and are downloaded from Doctor Web's server automatically during regular updating sessions. To protect a system from new malware, all components of an anti-virus must remain up-to-date
You can also reduce traffic by downloading updates as archived patch files. Patch files are used to deliver minor additions and fixes for virus database or program modules. The special compression algorithm applied to such patches dramatically reduces the amount of transferred data

Virus monitoring service

The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet to create antidotes and release updates as soon as analyses are completed – as often as several times per hour
As soon as an update is released, users can retrieve it from several servers located at various points of the globe
To avoid false positives, an update is tested over a huge number of uninfected files before it is released
The intelligent system automatically adds entries for similar viruses into the database, ensuring the prompt neutralization of emerging threats

System requirements

Hardware requirements

Specification	Requirement
Specification	in case Microsoft Exchange Server 2000/2003 is used	in case Microsoft Exchange Server 2007/2010 is used
CPU	Pentium 133 MHz (733 MHz recommended)	One of the following processors: Intel processor that supports Intel 64 architecture; AMD processor that supports the AMD64 platform
RAM	256 MB or more (512 MB recommended)	2 GB
Disk space	20 MB for the installation directory, 50 MB for logs and 512 MB for log archives
Monitor	VGA-compatible monitor

Operating system and software requirements

Specification	Requirement
Specification	in case Microsoft Exchange Server 2000/2003 is used	in case Microsoft Exchange Server 2007/2010 is used
Operating system	One of the following: Microsoft® Windows® 2000 Server or Advanced Server with SP4; Microsoft® Windows Server® 2003 Standard, Enterprise or Datacenter edition with SP1 or higher.	One of the following: Microsoft® Windows Server® 2003 R2 x64 with SP2; Microsoft® Windows Server® 2008 x64.
File system	NTFS or FAT32	NTFS
Exchange Server	Microsoft® Exchange Server 2000/2003 Standard or Enterprise edition	Microsoft® Exchange Server 2007 x64 with SP1 or Microsoft® Exchange Server 2010 x64
	Microsoft® Windows Installer 3.1 or higher Microsoft .NET Framework 3.5 (for correct operation of Administrator Web Console)

Technologies

Unique engine features

Scans archived files at any nesting level
Reliable detection of packed objects (even if the compression format is unknown to Dr.Web), their detailed analysis aimed at exposing hidden threats
Leader in detecting and neutralizing complex rootkits (Shadow.based (Confiсker), MaosBoot, Rustock.C, Sector)
Intelligent memory scan technologies allow viruses to be blocked in the RAM before replicating themselves to the hard drive, making it less likely for malware to exploit the vulnerability of a third-party application or the operating system
Dr.Web can detect and neutralize viruses that can be found only in RAM and do not exist as files on disks, e.g. Slammer or CodeRed

Detection of unknown threats

FLY-CODE is a unique universal decompression technology enabling Dr.Web to unpack data that has been compressed with unknown packers
The cutting-edge, non-signature scan technology Origins Tracing™ ensures the high probability that viruses unknown to Dr.Web will be detected
The heuristic analyzer, whose analyses are based on criteria that is typical of various groups of malicious programs, detects most known threats

Licensing

Types of licenses

Per number of protected users.
Per server license – unlimited scanning of server e-mail traffic for as many as 3,000 protected users.

Dr.Web for MS Exchange can be purchased as a separate product or as a component of Dr.Web Enterprise Security Suite. In the latter case the license also covers the Control Center of Dr.Web Enterprise Security Suite and Anti-spam.

A Dr.Web for MS Exchange license may also include the SMTP proxy as an additional component. Using these products together improves overall network security and reduces the workload of local mail servers and workstations.

License options

Anti-virus
Anti-virus + Control Center
Anti-virus + SMTP proxy
Anti-virus + Control Center + SMTP proxy
Anti-virus + Anti-spam
Anti-virus + Anti-spam + Control Center
Anti-virus + Anti-spam + SMTP proxy
Anti-virus + Anti-spam + Control Center + SMTP proxy

Dr.Web for MS Exchange is also included in low-cost Dr.Web bundles for small and medium companies.

Dr.Web for Unix Mail Servers

Highly intelligent anti-virus and anti-spam protection system for large amounts of e-mail traffic

Advantages Description Components Plugins SMTP Proxy Updates Requirements Licensing

Advantages

Meet highest security standards

Dr.Web for Unix Mail Servers is certified by Russia's Federal Service for Technical and Export Control (FSTEC) and Federal Security Service (FSB) and, subsequently can be used in networks with high security requirements. Dr.Web for Unix servers meets all of the requirements of anti-virus products regarding the protection of personal information as stated by Russian law and can run on computers requiring maximum protection.

Flexible configuration

Dr.Web for Unix Mail Servers can be configured using rules providing greater flexibility compared with competitive solutions that can only be set up using static parameters in configuration files. Messages are filtered and modified according to established policies where the administrator can configure individual processing rules for different users and groups and even for each e-mail. It allows the product to meet any requirements to corporate security.

Low system requirements

The system requirements of Dr.Web for Unix Mail Servers are very low allowing it to run on any server hardware. It makes the anti-virus a perfect choice for companies that can't afford modernizing their server hardware on a regular basis to meet ever growing requirements of most anti-virus solutions.

Minimal TCO

Unlike many competitive solutions Dr.Web for Unix Mail Servers enjoys the most flexible multi-optional licensing. A customer buys only components they need and doesn't pay for software they don't need and will never use.

Perfect scalability

Dr.Web for Unix Mail Servers with its capabilities for processing huge amounts of data real-time, reliability and flexibility meets demands of small companies using one mail server as well as unlimited requirements of multi-national telecom providers for scan of mail traffic.

Rapid response

Multi-thread scanning ensures rapid response of the anti-virus allowing it to scan arriving data real-time along with files received earlier and to deliver e-mails to end-users without a notable delay.

Efficient filtering of unsolicited e-mails

Dr.Web anti-spam is shipped as a solution component (but never as a separate product). It is installed on the server where the anti-virus product resides. It simplifies administration of the solution and lowers its TCO compared with competitive solutions.

Additional advantages of Dr.Web anti-spam

the anti-spam doesn't require configuration or training. Unlike anti-spam solutions based on Bayesian filtering, it starts working as soon as the first message arrives
It detects spam messages regardless of their language
Customizable actions for different categories of spam
The white and black lists of its own rule out a possibility for a company to be discredited by adding it deliberately to lists of unwanted addresses
Record-low number of false positives
Stays relevant with one update in 24 hours – unique spam detection technologies based on several thousands of rules allow the anti-spam to stay up to date without frequent downloads of bulky updates

Enhanced security for corporate mail

The modular structure of Dr.Web for Unix Mail Servers allows integrating the product with various mail systems or using it as an SMTP proxy – a filter processing e-mails before they are received by the mail server. Dr.Web for Unix Mail Servers and an additional SMTP proxy used simultaniously provide:

Better overall network security
Improved filtering quality with no limitations caused by a mail server
Lower workload of local mail servers and workstations
Greater stability of the mail filtering system

Protection of confidential information

The quarantine managed over the web-interface or by means of a special utility and the option for archiving all e-mails transferred through the filter allow tracking causes of data leaks and restoring messages accidentally deleted by users from their mail boxes.

Guaranteed delivery of e-mail

Guaranteed delivery of all messages makes configuring a mail server easier. Even if a user is unavailable for a long period of time and can't receive a message, it will be stored in a special directory.

Easy administration

The web-interface allows administering the product from any computer connected to the Internet.

Open solution

Dr.Web for Unix Mail Servers can be integrated with solutions from other developers. With the open API users can also add new features to the product.

Unlimited number of plugins

New features for protection of e-mail can be added to the product without any limitations so that any written plugin will immediately work with all supported MTA.

These are not the only advantages of Dr.Web for Unix Mail Servers!

Plugins

Currently the following plugins are available for Dr.Web for Unix Mail Servers:

Drweb

Drweb — is an e-mail anti-virus scan plugin for checking e-mails with the Dr.Web engine. The Drwebd is a scanning module required for operation of the plugin. Messages delivered to drwebd for scanning are already parsed, so neither the drwebd module nor the engine feature a mime-parser. The plugin shows good performance, high detection rate and a rapid response combined with low consumption of system resources.

Stable operation

The modular architecture of the solution and its special failure control module provide exceptional stability of the plugin. It is virtually impossible to render it non-operational.

Rapid response

Quarantine

Infected and suspicious objects detected by the plugin can be placed to the quarantine so later one may try to retrieve useful information, cure or delete quarantined messages.

Easy administration

Flexibility of configuration files allows customizing parameters of the plug-in as the user sees fit. All actions of the plug-in are logged and can be analyzed to identify bottlenecks. Prompt alerting enables administrators to respond to emerging threats in a timely manner.

Open solution

The open MailD architecture enables users to implement additional features that will use DrWeb plug-in with the help of the open SDK and detailed documentation.

Headersfilter

Headersfilter is a header-based message filter used to check e-mails and their attachments. The plugin allows users to add custom filtering rules. Regular expressions can be used to define such rules. Flexible settings of the plug-in allow implementing any number of rules. The plug-in never overloads a system and performs required tasks very quickly.

Easy administration

Flexible rules that can be created using regular expressions allow setting e-mail processing according to requirements of the user. A prompt notification system ensures that a system administrator can perform necessary actions in a timely manner.

Open solution

The open MailD architecture enables users to implement additional features that will use DrWeb plug-in with the help of the open SDK and detailed documentation.

Stable operation

The modular architecture of the solution and its special failure control module provide exceptional stability of the plugin. It is virtually impossible to render it non-operational.

Rapid response

Modifier

The modifier changes processed e-mails using established rules which allows processing incoming and outgoing messages in accordance with corporate standards. In particular using the plugin and the archiving feature allow preventing information leaks. Analysis of filtered messages can be performed via a quarantine management utility.

Easy administration

Flexible configuration allows performing an unlimited number of modifications of processed messages, so a system administrator can create an infinite number of rules to ensure compliance with e-mail security policies. Regular expressions provide full customization of filtering parameters while prompt notifications allow the administrator to take necessary actions in a timely manner.

Open solution

The open MailD architecture enables users to implement additional features that will use the DrWeb plug-in with the help of the open SDK and detailed documentation.

Stable operation

The modular architecture of the solution and its special failure control module provide exceptional stability of the plugin. It is virtually impossible to render it non-operational.

Rapid response

Vaderetro

The vaderetro plugin utilizes its own library updated regularly for better quality of filtering. High junk filtering productivity is combined with low consumption of system resources allowing the anti-spam to operate smoothly on older hardware.

Upon completion of a message analysis, Vade Retro may add (depending on the plugin settings) corresponding headers to the message.

System requirements

Supported OS and mail systems

Linux (glibc 2.2 and higher), FreeBSD 6.x, 7.x, 8.x, Solaris 10 (Intel only).
CommuniGate Pro, Courier MTA, Exim, Postfix, QMail, Sendmail, ZMailer.

Description

Dr.Web for Unix Mail Servers with its flexible configuration, reliability and its capabilities for load-balancing and real-time processing of huge amounts of data meets demands of small companies using one mail server as well as requirements of multi-national ISPs for scan of unlimited amounts of data.

Dynamic load balancing optimizes server performance without additional testing.

The configuration testing and service control interface enables on-the-fly configuration of operation of services which significantly simplifies system maintenance and allows its faster deployment.

Settings of the filtering service and quarantine can now be stored in storages of different types ranging from ordinary files to databases like Oracle.

LDAP directory services are used to store settings. It provides integration of the solution into the structure of the corporate directories service and makes administration of the solution easier.

Dr.Web for Unix Mail Servers is a group of interacting software modules. The range of tasks performed by the solution depends on loaded plug-ins (libraries, responsible for processing of e-mails).

The e-mail messages are processed by the modules of the e-mail daemon as follows: incoming messages are received by the Receiver module which transfers them to the Checker module (drweb-maild). The Checker module uses plug-ins one by one to analyze the messages.

Messages that passed scanning by mail daemon's plugins are forwarded to the mail system by the Sender module. Plugins processing e-mail traffic generate reports on scanning results are created. Such reports are generated by the Notifier module (drweb-notifier) and can be mailed to senders or recipients of messages and to a system administrator. he processing of e-mails by the e-mail daemon can be flexibly regulated by rules.

In accordance with effective security policies filtered out messages can be placed in the quarantine. If necessary, all actions (search, removal of messages from the quarantine, archiving) can be carried out using the web-interface, a special utility or administration messages. Quarantine management with administration messages is also available to users.

Rules are added into the daemon's configuration file — it is one of the most useful features of the software. Rules set in the mail daemon configuration file allow changing operational parameters of the mail daemon depending on the contents of processed messages. The current version of the mail daemon allows setting rules for sender and recipient addresses and for particular types of malicious objects found in messages.

Dr.Web for Unix Mail Servers can archive all incoming and outgoing messages allowing restoring accidentally deleted e-mails and determining how an infection spread over a network.

Updating

Always up-to-date

Updating over the Internet, whether automatically or according to a schedule, doesn't require user interference. Updating can also be launched manually
Updates are very small — just 50-200 KB, and it takes very little time to download them even if a slow Internet connection is used
Updating servers are always available
In most cases, there is no need to reboot the system to complete updating; Dr.Web starts using the updated modules and latest virus definitions right away
To save traffic, the anti-virus can be set to update virus databases only. However, enabling this option is not recommended. To counter the latest threats, Dr.Web undergoes constant refinement. New features are incorporated in the anti-virus package's updated modules and are downloaded from Doctor Web's server automatically during regular updating sessions. To protect a system from new malware, all components of an anti-virus must remain up-to-date
You can also reduce traffic by downloading updates as archived patch files. Patch files are used to deliver minor additions and fixes for virus database or program modules. The special compression algorithm applied to such patches dramatically reduces the amount of transferred data

Virus monitoring service

The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet to create antidotes and release updates as soon as analyses are completed – as often as several times per hour
As soon as an update is released, users can retrieve it from several servers located at various points of the globe
To avoid false positives, an update is tested over a huge number of uninfected files before it is released
The intelligent system automatically adds entries for similar viruses into the database, ensuring the prompt neutralization of emerging threats

Licensing

Types of licenses

Per number of protected users.
Per server license – unlimited scanning of server e-mail traffic for as many as 3,000 protected users.

Dr.Web for Unix Mail Servers can be purchased as a separate product or as a component of Dr.Web Enterprise Security Suite. In the latter case the license also covers the Control Center of Dr.Web Enterprise Security Suite and Anti-spam.

A license for Dr.Web for Unix Mail Servers may also include the SMTP proxy as an additional component. Using these products together improves general network security and reduces the workload of local mail servers and workstations.

License options

Anti-virus
Anti-virus + Control Center
Anti-virus + SMTP proxy
Anti-virus + Control Center + SMTP proxy
Anti-virus + Anti-spam
Anti-virus + Anti-spam + Control Center
Anti-virus + Anti-spam + SMTP proxy
Anti-virus + Anti-spam + Control Center + SMTP proxy

Dr.Web for Unix Mail Servers is also included in low-cost Dr.Web bundles for small and medium companies.

Components

Receiver: The Receiver component is responsible for the receipt of e-mails, either directly from e-mail systems, or on SMTP/LMTP protocols, and their subsequent transfer to the drweb-maild component. Depending on the e-mail systems and protocols used, the functions of the Receiver component are performed by different modules (drweb-receiver, drweb-milter, drweb-cgp-receiver, etc.), and simultaneous operation of several modules of the Receiver component is supported, which allows to receive and process e-mail from several sources simultaneously. Certain modules of the Receiver component support modification/sending of received messages based on the check results received from the drweb-maild component. For example, the drweb-milter module has the functionality, which allows it to return the results of check of messages to the SendMail system before an SMTP session ends.
drweb-maild: This is the main component for processing e-mails. The drweb-maild component performs the mime-parsing of messages, transfers the messages for processing to plug-ins and stores messages in the database.; The processing of e-mails is made by plug-ins to the drweb-maild module. Plug-ins can be launched and unloaded at any time, without terminating the drweb-maild module. The messages are processed by plug-ins according to the processing order specified by the administrator. The plug-ins are assigned to two queues – BeforeQueueFilters and AfterQueueFilters.; Immediately after the message is received, it is processed by the plug-in from the BeforeQueueFilters queue. Then, if the AfterQueueFilters queue is empty, the processing results of the message are sent to the Receiver component. If the AfterQueueFilters queue has some other plug-ins, the message, after it is processed by the plug-in from the BeforeQueueFilters queue is forwarded to the database and then is sent to the internal queue of the drweb-maild module and the return code of the successful check is sent to the Receiver component. Then the message is checked by the plug-ins from the AfterQueueFilters queue.; The check results are either sent to the Receiver component (if such possibility exists, for example, if the check result time-out has not expired yet), or to the Sender component. All the messages generated by plug-ins are also sent via the Sender component. Certain plug-ins require support of the database in order to function. Such plug-ins cannot be assigned to the BeforeQueueFilters queue.
drweb-notifier: The module generates reports on the operation of the complex. Additionally, installed plug-ins can add their own types of notifications. Request for generation of reports can be sent to both by plug-ins (for example, when a virus is found), as well as other components of the system. For example, the drweb-maild module can send requests to generate a statistics report of all plugged in components and the Sender component can send a request to generate a DSN report when a message cannot be delivered.
Sender: This component sends messages either directly to different e-mail systems, or on SMTP/LMTP protocols. Depending on the e-mail systems and protocols used, the functions of the Sender component are performed by different modules (drweb-sender, drweb-cgp-sender, etc.). The Sender component can receive requests to send messages from drweb-maild, drweb-notifier and drweb-monitor components.
drweb-agent: The drweb-agent module provides the option to process e-mails both autonomously or together with Dr.Web Enterprise Security Suite. All components of the system, except for drweb-monitor, receive their configuration files via the drweb-agent module, that is why it should be launched before other components. The drweb-agent module checks the license and collects statistics on the operation of the components of the system: names of detected blocked objects, the volume of the traffic checked, etc.
drweb-monitor: An auxiliary component which launches and terminates the modules of the system in the specified order and controls their operation. In case some module of the system fails to operate drweb-monitor re-launches it and, if it is specified in settings, notifies the administrator about this.

SMTP Proxy

A mail server's limited capabilities often prevent mail anti-virus scanners from realizing their potential. As a result, virtually all network administrators become confronted with the problem of what to do when their anti-virus and anti-spam protection systems can't be set to operate at maximum efficiency. Dr.Web for Unix Mail Gateways solves this problem.

The product can be installed in the demilitarized zone (DMZ) or integrated with an existing mail system. With the mail scanning server placed in the demilitarized zone, a mail server is not connected to the Internet directly. In this case, even if a hacker succeeds in compromising the server, he won't get access to sensitive company information. The solution performs a full scan of SMTP/LMTP mail traffic.

Advantages

Improved filtering quality with no limitations caused by a mail server
Decreased workload for internal mail servers, content filtering servers, mail and Internet gateways, and workstations
Increased stability of mail scanning and better overall network security

Protection from spammer attacks: An administrator can restrict parameters of the SMTP-session to prevent spammer attacks.
Protection from disguised spam: With the IP validation feature, your company is protected from spam messages sent with forged sender IP addresses.
Protection from hacker attacks: The product can withstand passive attacks such as PLAIN and LOGIN, as well as active non-dictionary attacks.
Protection from spam traps: Dr.Web for Unix Mail Gateways can check whether the recipient address is a spam trap.
Correct processing of malformed e-mails: The product can block messages with an empty sender field but correctly processes messages that violate standards due to malforming by certain mail clients.
Reduction of Internet traffic: Dr.Web for Unix Mail Gateways allows the size of mail attachments to be restricted.
Open Relay servers with limited relay list: If a company needs to use an open mail relay server, Dr.Web for Unix Mail Gateways will help an administrator restrict the list of domains to which the server will relay messages.

Dr.Web Gatеway Security Suite

Protection of gateways

Licensing of Dr.Web Gateway Security Suite

Types of licenses

Per number of protected users.
Per server license –unlimited scanning of server e-mail traffic for as many as 3,000 protected users.

Dr.Web Gateway Security Suite can be purchased as a separate product or as a component of Dr.Web Enterprise Security Suite

License options

	Unix gateways	Kerio gateways	MIMEsweeper	Qbik WinGate
Basic license	Anti-virus	Anti-virus	Anti-virus	Anti-virus
Additional components
Anti-spam	-	-	+	+
Control center	-	+	-	-

Dr.Web Gateway Security Suite is also included in low-cost Dr.Web bundles for small and medium companies.

Dr.Web Mobile Security Suite

Protection of mobile devices

Dr.Web for Symbian OS
Dr.Web for Windows Mobile
Dr.Web for Android

Licensing of Dr.Web Mobile Security Suite

Dr.Web Mobile Security Suite is licensed per number of protected devices.

Special offer

Users of Dr.Web Desktop Security Suite can use Dr.Web Mobile Security Suite free of charge.

	Dr.Web for Symbian OS	Dr.Web for Windows Mobile	Dr.Web for Android
Protection components	Anti-virus + Anti-spam	Anti-virus	Anti-virus
Control center	-	+	-
Supported OS	Symbian Series60	Windows Mobile 2003/2003 SE/5.0/6.0/6.1/6.5	Android OS: 1.5/1.6/2.0/2.1/2.2
Key features
Real-time scan	-	+	+
Scan of files received over GPRS/Infrared/Bluetooth/Wi-Fi/USB-connection or while synchronizing with a PC	+	+	+
Two types of scan: full and custom	+	+	+
Toggling on/off memory card scan	-	+	+
On-demand scan of the entire file system or of separate files and folders	+	+	+
Scan of ZIP, SIS, CAB, RAR, JAR archives	+	+	+
Black and white lists for numbers from which callls and short messages are received	+	-	-
Deletion of infected files	+	+	+
Moving suspicious files to the quarantine	+	+	+
Restoring files from the quarantine	+	+	+
Detailed scanning reports	+	+	+

Dr.Web Mobile Security Suite is also included in low-cost Dr.Web bundles for small and medium companies.

Dr.Web Enterprise Security Suite Control Center

Centralized control over the protection of all hosts in the corporate network

Advantages AntiVirus Server AntiVirus Agents Web Administrator Unique Features Requirements Licensing

Advantages

Dr.Web Enterprise Security Suite Control Center provides centralized security administration for all hosts in the corporate network:

Workstations, terminal servers, virtual servers, embedded system clients;
File servers and application servers (including terminal and virtual servers);
E-mail servers;
Gateways;
Mobile devices.

Manage your corporate anti-virus protection from anywhere in the world with Dr.Web Enterprise Security Suite Control Center. All you need is a web browser. The Control Center runs on any operating system on any computer connected to the Internet, and no additional software is needed.

The intuitive interface will help you deploy an anti-virus network in the shortest time possible in any corporate network regardless of its size and organization; it does not matter how many machines and branch offices are connected over the network, what its topology is, or whether an Active Directory server is available. Administrators do not need to acquire any special skills to deploy the anti-virus network.

The Dr.Web Control Center lets administrators control all components of the anti-virus network from inside the network or remotely over the Internet, monitor the security status of all protected hosts, and receive notifications on virus incidents and configure an automatic response to such events. All that's needed is a TCP/IP connection between the administrator's computer and the anti-virus server.

Low-cost administration

The Control Center's maintenance costs are reduced to a minimum thanks to simple administration routines and the Web-administrator's ability to provide an at-a-glance view of the entire corporate anti-virus network from anywhere in the world.

The versatile Web-administrator, combined with the solution's seamless integration with Windows NAP and the option to create custom event handlers in any script language, reduces the workload of system administrators by freeing them of daily anti-virus routines.

Exceptional scalability

Equally reliable in networks of any scale and structural complexity, from small workgroup networks to distributed intranets with tens of thousands of hosts, the Control Center offers exceptional scalability. Interaction between the anti-virus servers of the Control Center (which is connected to a SQL-server used for data storage) and between the servers and protected workstations that make up the complex communication system is organized hierarchically.

This results in a single anti-virus network of interconnected workstations, making it possible to collect information about the entire network on one server. The hierarchical organization makes the Control Center the perfect choice for multi-branch companies whose networks are not connected to the Internet.

Wide range of supported network protocols

The Control Center simultaneously supports TCP/IP (IPV6 included) and IPX/SPX and NetBIOS protocols for interaction between the anti-virus server and protected computers, allowing the solution to be used in diverse network environments. Communication between different components of the system can be encrypted to ensure secure communication between anti-virus network components, thus making it safe to administer the network from any computer anywhere in the world.

Traffic reduction

Compared with competitive solutions from other developers, the Control Center guarantees minimal network traffic. A special data transfer protocol for TCP/IP and NetBIOS networks provides data traffic compression in TCP/IP, IPX/SPX, or NetBIOS networks.

Transparent operation

The operation of a Dr.Web anti-virus network is completely transparent. An administration audit log records all installation and configuration activities. All components can record their activities in separate log files with customized verbosity, and all file operations performed by the anti-virus software are reflected in the statistics. A notification system informs administrators about problems in the network. Such notifications can be displayed by the Web-administrator or sent via e-mail.

The notification system provides an administrator with the following features:

customizable text of threat notifications
notifications on virus attacks, scan results, and file deletions
a special threat-alert icon
an option to view reports in the Web-administrator or export information into CSV, HTML or XML formats
customizable logging verbosity
retrieval of information on the following
- virus activities with detected viruses arranged by group
- detected client vulnerabilities
- scanning errors
- anti-virus components running on protected PCs
- abnormal behaviour of protected machines

Anti-virus server

The Control Center included in Dr.Web Enterprise Security Suite connects to anti-virus server that facilitates the centralized administration of an anti-virus network including its deployment, virus database and software component updating, network protection status monitoring, virus incident notifications, and statistics collection. Detailed descriptions of all features related to the centralized management of individual products can be found in the «Control Center» tab of the corresponding products.

Deployment: The Control Center's anti-virus server can be installed on a computer connected to the local network. It stores distribution files of anti-virus packages for different operating systems, updates of virus databases and package program modules, user key files, and the configurations of protected objects. The server can also send information upon request from the agent to the corresponding machine.; The cross-platform architecture of the server software allows it to be run on both Windows and Linux servers. No other competitive solution can boast such compatibility.; The server can communicate with agents over virtually any network protocol currently in use (TCP/IP (including both IPv4 and IPV6), IPX/SPX, NetBIOS), allowing the anti-virus network to be deployed using an existing network infrastructure.
Updating: The anti-virus server retrieves updates of virus databases and agent components. It keeps the Internet traffic of the anti-virus software low and automatically configures updating routines.; Updates of protection components can be retrieved from the anti-virus server as well as directly from Doctor Web updating servers, allowing anti-virus software on computers and laptops to be kept up to date. This can be vital for machines that may be unable to connect to the anti-virus server regularly.
Collecting statistics: The anti-virus server stores the configuration of each agent in the network and scanning statistics from each anti-virus component of each protected machine in its database. To store data, the server can utilize both its built-in database and an external database. With a single source for storing server information and critical data backups, restoring server operations after database files become corrupted, or when the server must be ported to another machine, becomes easy.

Dr.Web Enterprise Security Suite unique features:

comprehensive protection from most known threats powered by the built-in anti-virus, anti-spam, firewall and office control (available with a comprehensive protection license);
support of Windows and Unix server platform, simple installation procedure and reliable protection providing minimal TCO compared with competitive solutions;
centralized protection of all network hosts: workstations, mail and file servers as well as application servers including terminal servers;
support of 32- and 64-bit operating systems;
installation of agent software in an infected system with a high probability for successful curing;
minimal network load achieved through implementation of a small-sized engine featuring latest technologies;
highly efficient detection of threats including unknown viruses;
administration of the entire network protection infrastructure from one computer (over the administration web-interface) from any location even outside the corporate network;
implementation of individual security policies for groups of employees at the company;
several administrators can manage different groups separately making Dr.Web Enterprise Security Suite a good choice for companies with high security requirements as well as for multi-branch organizations;
configurable security policies for any type of users including mobile users and for any workstation even if it is currently unavailable ensure up-to-date protection at any time;
protection of the solution's settings against modification by users;
protection of networks that are not connected to the internet;
several installation methods – active directory policies, launch scripts and the built-in remote installation procedure. installation can still be performed even if the host is unreachable for a Dr.Web enterprise suite server;
support of most known internal and external databases: Oracle, PostgreSQL, Microsoft SQL Server or Microsoft SQL Server Compact Edition or any other DBMS that supports SQL-92 over ODBC can be utilized as an external database;
support of custom event handlers written by the user in any script language providing direct access to internal interfaces of Dr.Web Enterprise Security Suite;
updates rollback – even if updating causes an error, the host won't remain unprotected;
simultaneous support of several network protocols (TCP/IP (including IPV6), IPX/SPX, NetBIOS) allowing to deploy the anti-virus network using an existing network infrastructure;
Dr.Web Enterprise Security Suite is an open solution allowing a system administrator to use it to install and synchronize products from other developers thus lowing information security system deployment costs;
easy-to-understand protection control system and unsurpassed usability and efficiency of network stations search;
customizable list of components of products to be updated and version upgrade control enable an administrator to distribute only updates that are necessary and have been tested in the network.

Anti-virus agents

Anti-virus agents are installed on protected computers, servers, and mobile devices, and if necessary on the machine running the anti-virus server. Agents send virus event reports and other relevant information to the anti-virus server.

Dr.Web Enterprise Security Suite agents let you control anti-virus protection for the following types of objects:

Protected objects	Supported OS and platforms
Workstations Terminal server clients Virtual server clients	Windows Mac OS X Linux
File servers and application servers (including virtual and terminal servers)	Windows Novell NetWare Mac OS X Server
E-mail and SMTP-gateway users	Unix MS Exchange Lotus (Windows/Linux) Kerio (Windows/Linux)
Internet gateway users	Kerio
Mobile devices	Windows Mobile

Anti-virus agents work as efficiently as any other product or solution from Doctor Web. Agents that protect Windows workstations feature components such as a scanner, SpIDer Guard® file monitor, SpIDer Mail® monitor, SpIDer Gate™ HTTP monitor, a self-protection module, and office control.

Additional protective features for Windows workstations

Dr.Web Enterprise Security Suite scanner is a new component specifically designed for the Dr.Web Enterprise Security Suite agent for Windows. It allows an administrator to perform a remote silent scan without significantly hindering the performance of target machines.
Mobile mode. Agents can work on laptops that remain disconnected from an anti-virus network for an extended period. If the employee goes on a business trip, his laptop won't remain unprotected, and the anti-virus will still be able to receive updates.

System requirements

In order to install the Dr.Web Enterprise Security Suite Control Center, the following requirements must be met:

IP (including IPV6) , IPX or NetBIOS network (all protected computers and the server must be connected to the network). The following requirements must be met for machines on which the anti-virus software will be installed:
- Port 2193 TCP and UDP as well as the port 23 for NetBIOS must be open - for communication between the server and anti-virus components.
- Socket 2371 for IPX / SPX must be open to allow anti-virus components to connect to the server.
- Ports 2193 and 2372 for UDP must be open to enable the network scanner to search the network.
- Ports 139 and 445 for TCP and UDP utilized by the network installer must be open.
- Port 9080 for HTTP utilized by the Web-administrator must be open.
- Port 9081 for HTTPS utilized by the Web-administrator must be open.
an anti-virus server: Pentium III 667 or faster CPU, at least 512 MB (1GB if the internal database is used) RAM, up to 12 GB of free disk space (8 GB is utilized by the built-in database in the installation directory, and 4 GB is used in the system temp directory), Windows 2000/XP/2003/Vista/2008/Windows 7 & 8, Linux (glibc2.3 and later), FreeBSD (6.4 and later), Solaris (Intel and Sparc);
the anti-virus server must be able to connect to the Dr.Web Global Updating System over the Internet for automatic retrieval of contents for the centralized installation and updating directory;
a TCP/IP connection must be established between the Web-administrator and the Dr.Web Anti-virus server;
any web browser for the Web-administrator.

IMPORTANT! MS Installer 2.0 is required to install the anti-virus server under Windows. The installer is included in Windows 2000 (SP3) and in later versions of Windows. If an earlier version of Windows is used, download and install MS Installer 2.0 prior to installing the anti-virus server.

IMPORTANT! No other anti-virus software (including other versions of Dr.Web) must be installed on workstations connected to the anti-virus network.

The system requirements for other products that can be managed with the Dr.Web Enterprise Security Suite Control Center can be found in the software product descriptions.

Web-administrator

The Web-administrator is a component of the Dr.Web Control Center that does not require installation and enables a system administrator to control the operation of all anti-virus services from any computer and solve emerging problems in a timely manner.

The Web-administrator is a visual remote administration tool available at any time and from anywhere to control the anti-virus protection of up to thousands of geographically dispersed workstations and mail servers via a single graphical interface. The Web-administrator can be used on any machine under virtually any operating system. The user-friendly interface allows easy control over the entire protected network.

Low-cost administration

The Web-administrator lets you control the dynamic anti-virus network environment easily. System administrator productivity increases, administrative routines are optimized, and daily tasks are performed in a matter of minutes. Just adjust the key parameters of your anti-virus servers and protected objects, and launch jobs.

Instant response to threats

With regular scan and updating scheduling tools, the Web-administrator makes administering an anti-virus network simple. Various tools for collecting and analyzing information let you control the status of protected objects in the network, respond to emerging threats within seconds of detection, pinpoint sources of infection, and promptly adjust corporate security policy to changing conditions.

Full control over network security

The Web-administrator lets you configure any component of the anti-virus network and monitor the status of agents. And most importantly, administrators can configure a schedule for anti-virus servers or any group of agents while staying put; there is no need to move around to different locations.

The virus database's version control and agent blocking help keep installed components up to date and prevent the spread of infection.

Versatile licensing

With the Web-administrator, you no longer need to consider which operating system you use. The console launched under Windows or Mac OS allows you to connect to an anti-virus server run on a Linux machine and change server settings as you see fit.

Getting statistics with one click

The statistics-collecting feature enables you to generate reports for a desired period with the custom verbosity and import the information into an external file.

Instant notifications

The message interface allows an administrator to send messages to selected users or to groups of users. If the user's PC is connected to the Internet, the message will be delivered to the user immediately. If the machine is offline when the message is sent, it will be delivered as soon as the machine connects to the Internet. The messaging tool can be used for:

alerting users about epidemics and inform them what to do if a system has been compromised;
sending technical messages;
sending greetings.

Licensing

The Control Center is licensed separately when included in the Dr.Web Enterprise Security Suite as well as when purchasing a license for a separate Dr.Web product group. The Control Center allows agents to be administered for all types of protected objects: workstations, servers, Internet gateways, and mobile devices. For more information about using the Control Center with each Dr.Web product and a full list of its features, please refer to the product descriptions.

Because there is a world of reasons to be better...

PM Consultores Ltd.

Dr.Web Enterprise Security Suite

Dr.Web Desktop Security Suite

Dr.Web Server Security Suite

Dr.Web Mail Security Suite

Dr.Web Gateway Security Suite

Dr.Web Mobile Security Suite

Dr.Web Enterprise Security Suite

Licensing

Versatility

Dr.Web Desktop Security Suite

Licensing of Dr.Web Desktop Security Suite

Types of licenses

License options

Dr.Web Antivirus for Windows

Advantages

Comprehensive protection from existing threats

Increased labour productivity

Upholding reputations

Flexible licensing

Centralized administration

Experience with large projects

Key Features

Unique engine features

Detection of unknown threats

Protection components

Detection of all types of threats (Dr.Web Scanner)

Real-time protection (SpIDer Guard® file monitor)

Anti-rootkit technology (Dr.Web Shield™)

Virus-free e-mail (SpIDer Mail®)*

Spam-free e-mail (Dr.Web Anti-spam)*

Shield from Internet threats (SpIDer Gate™ HTTP monitor)*

Web-surfing control (office (parental) control)*

Protection from network attacks (Dr.Web Firewall)*

Updating

Always up-to-date

Virus monitoring service

Licensing

Types of licenses

License options

System requirements

Dr.Web Server Security Suite

License options

Dr.Web for Windows Servers

Advantages

Technologies

Unique engine features

Detection of unknown threats

Licensing

License types

License options

Key features

Updating

Always up-to-date

Virus monitoring service

System requirements

Dr.Web for Unix Servers

Advantages

Technologies

Unique engine features

Detection of unknown threats

Licensing

License types

License options

Key features

Updating

Always up-to-date

Virus monitoring service

System requirements

Dr.Web for Novell Netware

Advantages

Technologies

Unique engine features

Detection of unknown threats

Licensing

License types

License options

Key features

Updating