
MARCH 2011

What's New in Version 3.5

Table of Contents

BitDefender Business Solutions v3.5 at a Glance
1. Why Network Defense, System Audit and Operational Management?
2. Integrated Network Security, Audit and System Management
3. What's New in Centralized Management?
3.1 The Dashboard
3.2 Network Auditing and Reporting
3.3 Reporting Engine
3.4 Wizard-Driven Management Tasks
3.5 Wizard-Driven Security Policies
4. What's New in Endpoint Protection?
4.1 Optimized Installation and Performance
4.2 3rd Layer of Detection: Active Virus Control (AVC) Technology
4.3 BitDefender Antivirus for Mac with Centralized Reporting
5. What's New in Critical Servers and Gateway Services?
5.1 Improved Centralized Management for Server Security
5.2 Scan before Installation and Seamless Upgrades
5.3 Contextual Scan and Quarantine Rescan on File Servers
5.4 Improved Spam Detection and Quarantine Controls
5.5 Faster and More Accurate Mail Server Filtering Rules
5.6 Import of Active Directory Groups on Exchange Server
5.7 Support for Microsoft Dynamics Server Security


BitDefender Business Solutions v3.5 at a Glance:


Detection and Performance

The features central to Detection and Performance include:
- Active Virus Control (AVC) Technology on Business Client
- BitDefender Antivirus for Mac with Centralized Reporting
- Optimized Performance & Installation Process of BitDefender Business Client
- Scan before installation for all client and server solutions
- Contextual scan and quarantine re-scan on File Servers
- Exchange 2010 Compatibility
- New Anti-spam engine and quarantine controls on SMTP Mail Servers & Exchange
- New inbound/outbound rules and optimized analysis on SMTP Mail Servers & Exchange

Network Visibility

The features central to Network Visibility include:
- Centralized Management Dashboard
- Endpoint Auditing and Reporting Module

Operational Management

The features central to Operational Management are:
- Wizard Driven Security Policies
- Wizard Driven Network Task Tools
- Improved imports from Active Directory Groups
- Compatibility with Microsoft Dynamics RMS/POS


1. Why Network Defense, System Audit and Operational Management?

Essential Security for SMB and Corporate Networks

Network security is all about quickly identifying gaps in the defense and closing them before they can be exploited. Those gaps can be significant, such as misconfigured firewall rules, vulnerabilities in applications, rogue programs or system configurations that do not comply with best security practices. Traditional corporate antivirus solutions are typically engineered to solve just one problem: to detect, clean and report on malware affecting clients, servers, and desktops deployed throughout the network. Unfortunately, malware has evolved to the point that it is becoming more virulent, more difficult to detect and, in the case of stealth malware, able to evade many of the major vendors' virus detection engines. It therefore becomes very difficult for system administrators to determine whether their network is infected when most traditional methods of detection can be disabled by malicious and targeted malware.

To combat this growing threat of targeted malware, traditional corporate antivirus solutions need to provide additional capabilities beyond the detection engine that can proactively identify potential sources of risk and also provide a means of remediation. The two key elements missing from most corporate antivirus solutions today are the ability to audit and identify hardware and software assets deployed within the network and the tools to quickly modify system configurations proactively, en masse, to streamline operational management before a threat becomes a problem.

Securing Network Entry Points with Layers of Protection


When comparing network defense to castle defense - which was developed over hundreds of years of warfare - perimeter firewalls can be considered the main gate through which all traffic must pass. However, once inside the walls of the network there are very few controls and little to stop the breaching of systems housing intellectual-property and customer data. When you include the addition of unauthorized rogue access points within the network, the concept of perimeter security becomes very difficult to maintain. An online information system can be infiltrated by a virus or worm at three different attack levels: the network level, operating system level, and the application level. With few exceptions, the purpose of a computer attack is not to take control of a network, but rather to hijack an application and its data.

Multi-Faceted Problems Require Multi-Faceted Solutions


Unique for both SMB and corporate networks, BitDefender combines antimalware protection with remote audit and system management using WMI (Windows Management Instrumentation) technology, allowing network administrators to gain an additional layer of visibility and protection to help them identify and eliminate gaps within their network. With the addition of enhanced visibility and improved manageability, BitDefender's Business Solutions go beyond traditional corporate antimalware solutions to protect critical services such as email messaging systems, desktop clients and servers from attacks, whether the threats originate from outside or within the organization.


2. Integrated Network Security, Audit and System Management

Minimizing Risk While Managing the Network

Simple to deploy and easy to manage, BitDefender's Business Security solutions provide visibility into an organization's network security posture, in addition to streamlining critical IT management related tasks. The Centralized Management consolidates traditional corporate antimalware functionality with wizard-driven Network Tools that simplify mass remote configuration management and network-wide auditing of Windows-based desktops and servers.

Integrated Network Security with Network Audit and System Management allows companies to:
- Simplify network management and reduce manual reporting burden
- Automate network audit data collection for inventory and change reporting
- Ensure compliance with software licenses and identify unauthorized applications
- Reduce overhead for managing a separate inventory system and agents on endpoints
- Easily identify HW/SW that is outdated or out-of-limits by using query functionality

Network Auditing for Compliance and Tracking Changes


Many businesses may not have the resources to invest in a specialized asset management application, but they need to be aware of installed software within their network to meet compliance requirements for financial, governmental or industry-specific mandates. To help address this problem, BitDefender Management Server can be configured to collect information on systems deployed within the network, with collection scheduled at daily intervals, to provide IT managers with historical and up-to-date inventory via audit reports for internal as well as external audit requirements.

The Network Auditing wizard provides four standard report formats:
- Snapshot Report Wizard, to view the current software and hardware configurations
- Comparison Report Wizard, to compare installed software for two different points in time
- Historical Report Wizard, to view installed software details within a specified time period
- Custom Report, to define a query based on CPU, Disk, OS, Motherboard or Software

Both software and hardware details are available on-demand for each Windows desktop or server, while historical change management reports allow for the tracking of all installed or uninstalled software within the network, within a specific time period, for full visibility into the changes once a baseline has been defined.

Custom reports include all the most common parameters for: CPU type and speed; disk drives, file system and remaining space; Operating System and specific Service Packs; Motherboard manufacturers, serial number and version; Virtual memory page files size and location; Physical memory; Installed Software by name and version (e.g. Microsoft Office or Outlook).


3. What's New in Centralized Management?


BitDefender's Centralized Management solution enables management of endpoint protection, gateway and server security from a centralized management console. The following BitDefender Business Solutions version 3.5 can be deployed by using the new Centralized Management platform: BitDefender Client Security, BitDefender Security for File Servers (Windows), BitDefender Security for Mail Servers (Windows), BitDefender Security for Exchange and BitDefender Security for SharePoint. The new Antivirus for Mac version 3.5 and previously released UNIX-based server solutions can also be connected to the Centralized Management platform for reporting purposes.

3.1 The Dashboard


New Centralized Management Dashboard Now Includes:
- New, improved design, with faster load/refresh
- Drag-and-drop containers provide more visible events
- Total of 12 configurable sections (8 sections active as default)
- Currently running scan tasks with overall status bar

The New Client Security v3.5 solution delivers a totally new Centralized Management experience, with a dashboard that provides a security overview and monitoring of currently running scanning tasks. The dashboard can even be adapted to an organization's or administrator's preferences through its drag-and-drop configurable dashboard sections.

Figure 1: The New Dashboard - Management Console User Interface


The Dashboard contains the following features:
- The Dashboard has a total of 12 user configurable sections with drag-and-drop information containers that allow users to select and configure the order
- A new design that loads faster and provides improved visibility of events, with improved usability
- The ability to monitor a number of currently running and finished scanning tasks with an overall status bar
- An overview of all BitDefender's Client and Server Security Solutions
- Antivirus Status with Monitoring the Current Scanning Tasks
- E-mail Filters for Mail Server and Exchange solutions
- Update Status, License and Password Status
- Progress of Assigned Policies, Deployment Status and Network Status* (online/offline/reboot)
- List of Most Active Threats and Most Infected Computers within the network*
- Individual charts and graphs for Number of Malware Threats*, Spam* and Phishing Attempts*
- Each dashboard section has a clear notification whenever critical issues require an administrator's immediate attention, while less urgent issues are marked as warnings
- Configurable E-mail Alerts for selected dashboard events can be defined within selected intervals, including latest threats detected, license status and warnings before license expirations, installation errors, signature update failures, product update availability, and outdated agents when updates are available
- Includes nearly 30 jobs, including many new jobs (e.g. Most Active Threats, Current Scan Tasks, Product Update Available, Computers Not Updated and Active Virus Control (AVC)). In v3.5, signature updates and product updates are managed as separate jobs, and solution-specific job details are accessed via tabs appearing within each BitDefender solution

3.2 Network Auditing and Reporting

New Wizard Driven Network Auditing and Reporting Includes:
- Automates network audits for inventory and change reporting
- Provides visibility into the endpoints deployed within the network
- Identify HW/SW that is out of spec / non-compliant with security policies
- Ensure compliance with third party software licensing

The new Network Auditing feature takes full advantage of BitDefender's unique WMI Scripting capabilities and brings those features to a totally new level by enabling software and hardware configuration snapshots. Furthermore, database-driven software snapshots provide historical change management reports to track all installed or uninstalled software within the network for a specific time period.

Figure 2: The Data Collection Preferences for Network Auditing

The remotely collected data will provide IT managers with on-demand, always up-to-date inventory and audit reports, conveniently together with reports on the organization's security posture. This is especially important to Small and Medium Businesses (SMBs) that may not want to invest in installing and managing a specialized asset management application, but need to be aware of software installed within their network and of compliance with acquired software licenses. On-demand reporting ensures that up-to-date network audit information is available whenever needed, as data collection for both software and hardware details can be set on a daily basis for each computer.


Create Wizard-Driven Reports Using Predefined Templates or Custom Reports:
1. Snapshot Report Wizard: view the current software and hardware configurations
2. Comparison Report Wizard: compare installed software for two different points in time
3. Historical Report Wizard: view installed software details within a specified time period
4. Custom Report: define query based on CPU, Disk, OS, Motherboard or Software

The custom reports include all the most common parameters for each CPU type, speed and single/dual cores; disk drives, file system and remaining space; Operating System and specific Service Packs; Motherboard manufacturers, serial number and version; Virtual memory page files size and location; Physical memory; Installed Software by name and version (e.g. Microsoft Office or Outlook).

Figure 3: Example Report on Network Audit Status for Operating System

3.3 Reporting Engine

New Centralized Reporting Engine Now Includes:
- More relevant data, easier to use, with faster report generation
- Drill down information on-screen
- Approximately 30 predefined reports
- All the reports have an option to Print, Save as HTML or Export to PDF

The new centralized reporting system is more flexible, easier to use, and generates reports faster thanks to a new reporting engine that is no longer based on Crystal Reports. New reporting capabilities include on-screen reports with easy point-and-click generation for approximately 30 predefined reports. The malware reports allow drill-down into more detailed information by clicking on the charts. All the reports have an option to Print, Save as HTML, or Export to PDF (or CSV). Automatically e-mailed reports contain a summary report as PDF and other details in HTML format.

Figure 4: The New Reporting Platform

The reports are grouped by specific solutions (including a global report for all solutions), and other groups by type (e.g. malware, deployment, update).
- Security Policy Reports: Policy Status, Computers with firewall disabled, and Blocked applications.
- Scanning and Threat Reports: Malware Activity, Most active threats in the network, Most infected computers, Detected threats from real-time scanning, Malware Report for Password Protected files, Detected threats for on demand scan or AVC + IDS, Infections that have not been cleaned, On demand scan report, Detected threats, E-mail malware report, SharePoint Malware report.
- Installations and Update Reports: Signatures Update Status, Computers with Signatures Outdated, Inactive/offline computers, Product Update Status, Outdated Computers, BitDefender Products Installed, Installation/Deployment Errors, Auto-deployment History, and Auto-deployment Errors.
- Antispam and Filtering Reports: Spam progress and top spam report, Content filtering progress and top content filtering report, Attachment filtering progress and top attachment filtering report, and Detected phishing.
- Reports for Linux solutions: Samba Signatures Update, Samba Malware, Samba Traffic, Mail Antispam, Mailserver Malware, Mailserver Traffic, and Mailserver Signatures Update.
- Reports for Mac solution: Malware Activity, and Updates.

3.4 Wizard-Driven Management Tasks


New Wizard-driven Network Tasks (previously WMI Scripts):
- Wizard-Driven task creation with new filter feature
- Network Tasks with ~30 templates - no programming skills needed
- Critical Network Tasks are predefined, simplifying the management process

The BitDefender Centralized Management platform enables IT staff to do more in less time by utilizing simple remote Network Tasks that provide over 30 ready-to-use Windows Management Instrumentation (WMI) scripting templates. A wizard-driven interface provides step-by-step configuration of all the necessary parameters, with immediate or scheduled execution on selected computers or on computer groups within the network.

Remote Management Tasks

In v3.5, these Tasks are now easier to find with the task type filtering option, and execution of the tasks has been simplified.

Figure 5: The New Wizard-Driven Security Policies

3.5 Wizard-Driven Security Policies


New Intuitive Wizard-Driven Security Policy Creation:
- Simplifies the overall process of policy implementation
- Step by Step, process driven creation
- Zero ramp up time for IT staff with little or no formal training

All security policies are now created using the wizard-driven UI to provide a simple, step-by-step process, making it easier to create new policies by simply selecting a policy template, defining its settings, selecting the systems the policy needs to be applied to, and finally scheduling it for execution. Selecting a policy template has also been simplified by including a policy filtering option that lists policy templates for all products, or for a single product based on the deployment.

Figure 6: The New Wizard Driven Security Policies

4. What's New in Endpoint Protection?


Organizations using multiple operating systems can now protect their endpoints even better, as BitDefender has included both Windows and Mac operating systems as supported platforms. BitDefender Antivirus for Windows and Mac clients report to the Centralized Management platform, allowing for network-wide reports on malware activity and update statuses for all major deployment scenarios.


4.1 Optimized Installation and Performance


New Optimized Performance on BitDefender Business Clients:
- Reduced resource consumption by utilizing the latest BitDefender Antispam engine - requires much less memory and processor resources
- Deactivating any Business Client module frees up memory
- Scan before install performs signature update before starting to scan
- Improved package distribution within the organization's network with unattended installation supporting configurable update path

Smaller Footprint for Optimized Performance

The BitDefender Business Client has been optimized to consume less processing power and has a smaller memory footprint than ever before. Resource consumption has been reduced by utilizing the latest BitDefender Antispam engine. Furthermore, deactivating any one of the Business Client modules will free up memory. Deactivating the Antispam module will also stop the local Antispam updates, leading to more optimized local resource utilization.

Optimized Installation with Scan before Install

Initial deployment of the BitDefender Business Clients now has a scan before install option, which performs an automatic signature update prior to scan initiation. The scan includes file, memory and Windows registry scans to detect threats on a previously infected system. Unattended installation deployments now support configurable update paths to allow multiple distribution methods within the organization's network.

4.2 3rd Layer of Detection: Active Virus Control (AVC) Technology

New Higher Detection Rate of New and Unknown Viruses
- 63.5% of malware samples not detected by BitDefender scanning engine or by B-HAVE were detected by AVC
- Overcomes New Detection Avoidance Techniques
- Monitors Processes Continually, Not Only When First Accessed or Started
- Includes System Level Event Monitoring

BitDefender Active Virus Control (AVC) is an innovative, proactive detection technology which uses advanced heuristic methods to detect new potential threats in real-time. It monitors each process running on the system and notes malware-like actions during and after program execution. If suspicious actions are detected, the program that originated the activity is declared harmful. Unlike any other heuristic technology, which only checks files when they are accessed or first started, Active Virus Control monitors everything applications do as long as they are active on the system and monitors them constantly.

Monitoring is achieved through DLL injection at process startup - that is, each process is assigned a "watcher" which stays with it throughout the entire time the process is active. This watcher reports certain activities to a server, which in turn decides which processes should be classified as malicious, based upon the number of potentially harmful activities and type of processes performed.

Active Virus Control (v2) is now included in BitDefender Client Security v3.5, both as a new technology feature and an additional layer of defense. The Active Virus Control on BitDefender Business Client can be configured to only detect and report potentially harmful processes, or to also block potentially harmful processes with or without asking the user. Configuration options help ensure that previously unknown but legitimate business applications will not cause interruptions to business continuity after being classified as a potentially harmful application or process (false positive). As an additional layer of protection, BitDefender Client Security 3.5 also includes System Level Event Monitoring that identifies and logs any suspicious activity initiated by malware deemed to be a system level intrusion.


4.3 BitDefender Antivirus for Mac with Centralized Reporting


New BitDefender Antivirus for Mac with Centralized Reporting Capabilities:
- Macs increasing market share in SMB and Enterprise networks
- Organizations can protect their Macs against viruses and phishing attempts
- Centralized reporting for malware alerts and update status
- Requires stand alone installation and individual license keys

BitDefender Antivirus for Mac Business Edition allows organizations to use BitDefender technology to protect their Macs against viruses and phishing attempts. In addition to Mac based threats, BitDefender also detects and cleans Windows viruses that may have infected a Mac but are benign, which prevents the propagation of malicious code within an organization or the unsuspected transmission of viruses to business partners or clients.

BitDefender Antivirus for Mac Business Edition has a familiar Mac interface. The dock icon allows users to quickly gain access to the most common tasks, or to drag-and-drop specific files onto the dock icon for quick scanning. Security features allow for: centralized reporting on BitDefender Management Server, blocking phishing attacks, scheduling scans around your schedule, and maintaining a local quarantine for suspicious files. Unlike other antivirus software for Mac, BitDefender's low memory usage keeps system impact to a minimum. Supported versions of Intel-based Mac OS X are 10.6 (32/64bit Snow Leopard), 10.5 (Leopard), 10.4.6 or later (Tiger).

5. What's New in Critical Servers and Gateway Services?

New BitDefender Security for Windows Servers 3.5:
- Improved Centralized Management for all BitDefender Server Security solutions
- Scan before installation for all server solutions
- Contextual scan and quarantine re-scan on File Servers
- New Anti-spam engines and quarantine controls on Mail Servers & Exchange
- New inbound/outbound rules and optimized analysis on Mail Servers & Exchange
- Improved imports from Active Directory Groups
- Compatibility with Microsoft Dynamics RMS/POS

5.1 Improved Centralized Management for Server Security


The new dashboard greatly improves Centralized Management capabilities for the server security solutions, adds visibility to the organization's security posture and provides new reports that are available based on a deployed BitDefender solution or as a global report common for all client and server solutions. New policies were added and many existing policies were updated to offer administrators more choice and flexibility when creating policies from the Centralized Management server for all BitDefender Server Security solutions.

5.2 Scan before Installation and Seamless Upgrades


All Windows Server solutions now have a scan before install feature to ensure the initial setup will not be compromised by any existing malicious code resident on the server. The scan also detects advanced rootkits that are designed to subvert common detection tools and remain undetected. Upgrading from any previous solution is now easier than before, with policy preservation ensuring consistency with policies previously deployed within the network on BitDefender protected Windows Server platforms.


5.3 Contextual Scan and Quarantine Rescan on File Servers


BitDefender Security for File Servers simplifies protection of any server, regardless of whether it is sharing files or not, by providing administrators with an on-demand scanning option directly from Windows Explorer's contextual menu (mouse right-click). Also, quarantine controls are improved by introducing a Quarantine Rescan feature to disinfect quarantined items and repeat quarantine scanning periodically.

5.4 Improved Spam Detection and Quarantine Controls


The latest BitDefender anti-spam engine (2.9.x) gives the BitDefender Security for Mail Servers and BitDefender Security for Exchange solutions higher accuracy in detecting spam and minimizes the chance of any legitimate e-mails being flagged as spam (i.e. false positives). The quarantine controls are improved on BitDefender Security for Mail Servers and BitDefender Security for Exchange solutions by allowing better access to view e-mail information or its full headers and body (Quarantine Viewer).

5.5 Faster and More Accurate Mail Server Filtering Rules


Improvements to the e-mail scanning rules for BitDefender Security for Mail Servers and BitDefender Security for Exchange have boosted performance by up to 25% compared with previous versions. The performance improvement converts into higher e-mail throughput and fewer system resources used to process mail.

Filtering rules can now be applied to only incoming, only outgoing or bi-directional e-mails, and support includes:
- Multiple, cascading policies on inbound / outbound e-mails
- Multiple SPAM thresholds
- Policies for e-mail header or mail server connection parameters can be defined for both e-mail sender and receiver


5.6 Import of Active Directory Groups on Exchange Server


Using Active Directory with BitDefender Security for Exchange is improved by adding a new feature to import e-mail addresses from selected Active Directory Groups. This import feature is available on the local console to first create SMTP Groups and then assign group based policies. The import of Active Directory Groups will eliminate manual work on defining SMTP Groups when configuring the BitDefender Security for Exchange solution.

5.7 Support for Microsoft Dynamics Server Security


Retailers have received special attention in version 3.5 for Security for Windows Servers. Retail businesses are victims of approximately 35% of all reported data breaches, and cybercriminals commonly target retail businesses for their credit card information. Microsoft Dynamics Servers store information critical to the running of a retail business, and downtime or the compromise of customer data can cause irrevocable damage to the bottom line. Therefore, it is important to take a proactive approach when protecting Retail Management Systems and Point of Sale systems (RMS/POS) deployed at remote store locations or within data centers to avoid malicious code infection and propagation within the network.

Merchants and Service Providers are required to comply with certain security standards, such as the Payment Card Industry's Data Security Standard (PCI DSS), which requires measures to be taken to protect all information systems and the customer data they contain. BitDefender has made the protection of these critical systems easier by preparing a secure configuration for using BitDefender Security for File Servers together with Microsoft Dynamics RMS (Retail Management System) version 2006/2007 and Microsoft Dynamics POS (Point-of-Sale) version 2009. The optimized configuration will ensure the production server's operational performance, while also ensuring it remains free of malicious code, reducing risks related to Internet based threats. The Wholesale and Retail vertical includes Grocery, Apparel, Gas Stations, Drug stores, and Restaurants.

Download Version 3.5 from www.bitdefender.com/business
Evaluation Downloads Available Starting from March 15, 2011
