회사소개

제품

안내

고객지원

Company

Product

Information

Support

Thông tin về công ty

Sản phẩm

Thông tin

Hỗ trợ chung

ZombieZERO Email Inspector

npcore

Integrated Mail Security Solution

ZombieZERO Email Inspector

ZombieZERO Email Inspector Introduction

ZombieZERO Email Inspector is an integrated mail security solution that combines three functions: spam/virus mail blocking + outgoing mail security + APT/Ransomware defense to build a secure environment for enterprises and efficiently solve various security issues.
One solution can solve various mail security issues, so makes it cheaper and easier to manage.
The most common attacking mean of new emerging malware, such as phishing and Ransomware, is email (more than 70%), so the need and interest in email security are increasing rapidly.

Main Features

>   Blocks spam in 4 steps

  • Provides 4-step blocking and 5 automatic security filter rules to block infiltrating malicious mail such as spam in real time.

1) Connection step : Provides 5 kinds of blocking method when connected.

① Blocks RBL (Real-time BlackListed IP-sent mail)

② Blocks specific IP

③ Limits the number of connections hourly

④ Blocks the probability of an IP without a history

⑤ Limits number of malicious emails’ outbound

2) SMTP step : Provides 6 ways to block mail protocol.

① DNS(Domain Name System) check

② SPF(Sender Policy Framework) check

③ Blocks sender and receiver.

④ Limits sender and receiver hourly.

⑤ Limits the maximum number of receivers.

⑥ Limits number of sender authentication.

3) Contents step

  • Provides blocking method of mail contents (5 types of automatic security filter rules).
  • Administrator can register various filter conditions directly.

① Pattern filter

② Artificial intelligence filter

③ Spam fingerprint filter

④ Real-time pattern filter

⑤ Virus filter

4) APT step : Blocks through SandBox’s behavior-based technology and history learning.

>  Outgoing Mail Security in 3 steps

  • 3-step sending process prevents email missending and applies security system to all sent emails to prevent exfiltration of the organization’s important information.
  • Presence of attachments, extension, and keyword setting prevent missending due to user mistakes.

1) Sending Hold : Filter setting with various conditions, missending filter setting by department/group

2) Sending Approval : Various approval filter conditions

① Attachment file existence

② Limitation of specific attachment file’s extension

③ Setting according to the number of personal information

④ Proxy approval

⑤ Automatic processing policy of approval

⑥ Policy setting

⑦ Notification mail

3) Sending Security : Provides security measures for the final outgoing mail.

① In case of bulk mail delivery, provides mandatory individual receiving (not shared among referrers).

② If internal and external domains are included in destination, forcibly delivered individually.

③ Encryption settings for various conditions, such as attachments and personal information.

   (Optional : Sending after encrypting only attachments / Sending after inserting link of only attachment / Sending after inserting link of secure mail)

>  Ransomware / APT proactive defense in 3 steps

  • Prevent various Rangemeware / APT attacks in advance. By analyzing / blocking / notifying patterns of receiving mail, users can be alerted to prevent malware caused by unintentional attachments’ execution or URLs in the mail.

1) Monitoring Filter : Sets the monitoring target for sending / receiving mail.

① Setting monitoring items

② Monitoring notification

③ Provides a storage system.

④ Provides a compression method for saving storage.

2) Ransomware / APT blocking (history learning) : Provides learning and history checking methods.

① Email client check

② Final mail sending and Forwarding server check

③ Sender’s connection information check

④ Checks the countries stopped by.

3) Attachment Extension Check : Checks suspicious extension / double extension / file RLO(Right to Left Override) / if the attachment extension is tampered.

>  Unknown malware analysis in 3 steps with behavior-based technology of virtual system

  • Real-time detection and block of malware(such as unknown new Ransomware and APT)’s attacks
  • The SandBox-based virtual system detects the malware hidden in the mail in advance, so you can check the mail safely.

1) Signature-based analysis : Releases the attached compressed file and collects and classifies them by type, and pre-detects using the Anti-virus engine(Bitdefender).

▼ Behavior-based analysis (static and dynamic analysis) in SandBox-based virtual systems. Automatic pattern creation and distribution when malignancy is detected

2) Static analysis : Analysis of vulnerabilities in source code and scripts using Yara Rule

3) Dynamic analysis : Executes in virtual machine and provides detection result.

>   User-friendly management and UI

1) Integrated Management Center

① Provides secure mailboxes such as spam, virus, and APT mailboxes.

② Provides request and approval mailboxes with different permissions when using approvals.

2) Various user-oriented setting

① When blocking spam mail, spam block setting by origin country setting

② Image hiding in body

③ Script execution prevention

3) When using approval, provides mobile UI to check the approval info anytime anywhere and permit mail approval.

ZombieZERO Email Inspector system diagram

npcore