F-SECURETHREAT SHIELD

Technical Brochure

F-Secure ThreatShield is a gateway-level security solution for protecting email and web traffic, with built-in network sandboxing technology. It is designed specifically to protect against spam, ransomware, phishing, and advanced targeted attacks.

Its unique network sandboxing technology automatically detonates suspicious attachments and URLs, triggering a multi-faceted threat detection and behavioral analysis process. With this approach, ThreatShield easily finds targeted, more advanced attacks, such as script-based and handmade malware and 0-day exploits.

ThreatShield provides unique value for IT teams by combining your gateway protection needs into one unified solution. Less hardware means less maintenance load, and it also creates considerable synergy between system administrators, who can jointly manage the gateway-level protection for email, web traffic, and sandboxing.

F-SECURE THREATSHIELD

2

Multi-engine anti-malware

Detects a broader range of malicious features,

patterns, and trends.

Real-time threat intelligence

F-Secure’s Security Cloud identifies, analyzes,

and prevents new and emerging threats.

Web traffic scanning

Scans for malicious content in ingoing and

outgoing web traffic (HTTP & HTTPS).

Web content control

Enables restriction of unproductive and

inappropriate Internet usage.

Browsing protection

Proactively prevents end-users from visiting

malicious and phishing sites.

Spam filtering

Prevents unwanted spam emails with 99.9%

detection rate with zero false positives.

Email scanning

Scans ingoing and outgoing attachments and

links for malicious content.

Advanced threat protection**

Network sandbox that detonates, analyzes,

and detects malicious activity.

F-Secure ThreatShield is a gateway-level security solution for protecting email and web traffic, with built-in network sandboxing technology. It is designed specifically to protect against spam, ransomware, phishing, and advanced targeted attacks.

Supported OS: CentOS, Redhat, Ubuntu, Debian. Check the version numbers online.

KEY FEATURES

**THREATSHIELD PREMIUM

3

Team Synergies ThreatShield creates considerable knowledge

and work synergies between system

administrators, who can jointly manage the

gateway level protection for email, web and

sandboxing from one portal.management tools.

Cost-efficient prevention Preventing commodity attacks and spam, and

detecting the more advanced and targeted

attacks via sandboxing, early at the gateway

level is vastly more cost efficient and safer than

on the endpoint itself.

Less infrastructure maintenance It lowers the maintenance workload by

consolidating email and web gateway

infrastructure, in addition to that of a network

sandbox, to only one set of hardware.

ThreatShield provides unique value for IT teams by combining email, web and sandboxing gateway needs into one unified solution.

KEY BENEFITS

4

HOW DOES IT WORK?

Incoming email and

web traffic is directed to

ThreatShield for analysis

before going any further in

the environment.

Email and web traffic,

including contents like

attachments and URLS,

are intercepted by

HTTP(S), SMTP, and FTP

proxies.

Administrators have rich

reporting and advanced

security analytics on

blocked content at

their disposal, making

investigation and incident

response fast and effective.

Protected endpoints and

servers can safely browse,

download, transfer, and

read or open emails.

Based on the risk profile of the content,

it is delivered to F-Secure Security Cloud

for in-depth analysis, including sandbox

detonation.

Content is subjected to a local threat analysis

and detection process to filter out malware,

spam, and unwanted web content.

High-risk or suspicious content is delivered

to the network sandbox component for

detonation and advanced threat detection.

5

Threat Intelligence Check The object is first analyzed based on various

lightweight identifiers, such as reputation and

prevalence, and is automatically blocked if

any known threats are detected. This check is

made for fast initial decisions, and can already

filter nearly 99% of all common malicious

content.

Static Metadata AnalysisAfter detonation, the object’s metadata

and structure is automatically extracted and

put through a multi-stage static analysis

process, which looks for patterns and features

associated with malicious behavior.

Dynamic Behavior AnalysisFinally, a dynamic runtime analysis is

performed to find strange, suspicious, and

outrights malicious behavior, such as editing

the system registry, launching network

connections, making API calls, influencing

system processes and drivers, and causing

unusual file system activity.

Its unique network sandboxing technology auto-matically detonates suspicious attachments and URLs, triggering a multi-faceted threat detection and behavioral analysis process. With this approach, ThreatShield can easily find targeted, more advanced attacks, such as script-based and handmade malware and 0-day exploits.

ADVANCED THREAT DETECTION

1 2 3

6

CONTACT US TODAY FOR A FREE TRIAL

www.f-secure.com/ThreatShield

7

Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies

and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers

against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power

of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200

broadband and mobile operators and thousands of resellers.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

www.f-secure.com www.twitter.com/fsecure www.facebook.com/f-secure

ABOUT F-SECURE