Dr.Web Enterprise Security Suite - Short Review

Overview of Dr.Web Enterprise Security Suite

The Dr.Web Enterprise Security Suite is a comprehensive security solution designed to provide integrated and robust anti-virus protection for organizations of all sizes, from small and medium companies to large corporations. Here’s a detailed look at what the product does and its key features.

Purpose and Architecture

Dr.Web Enterprise Security Suite is engineered to manage and implement complex anti-virus protection across an organization’s entire network, including PCs, servers, gateways, virtual machines, and mobile devices. The suite operates on a client-server architecture, where components are installed on user devices and servers, communicating via TCP/IP network protocols.

Key Features

Anti-Virus Protection

• Anti-Virus Check: Scans computers and mobile devices on demand or according to a scheduled routine. Scans can also be initiated remotely from the Control Center, including scans for rootkits.
• File Monitor: Provides real-time file system protection, checking all launched processes and files created or opened on hard drives and removable media.

Network and Internet Protection

• Web Monitor: Monitors HTTP traffic, neutralizing malicious software and restricting access to suspicious or incorrect resources.
• Mail Monitor: Checks incoming and outgoing mail messages, with an available spam filter (subject to licensing).
• Firewall: Protects computers from unauthorized external access, monitors connection attempts, and blocks suspicious connections at both network and application levels.

Device and Data Protection

• Office Control: Controls access to local and global network resources, limits access to websites, and ensures the integrity of important files to prevent accidental changes or viral infections.
• Quarantine: Isolates malware and suspicious objects in a specific folder.
• Self-Protection: Safeguards Dr.Web files and folders from unauthorized or accidental removal and modification by users or malicious software.

Mobile Device Security

• Anti-Virus Check for Android: Scans mobile devices on demand or according to a schedule, with remote scanning capabilities from the Control Center.
• Calls and SMS Filter: Filters incoming phone calls and SMS messages, allowing the blocking of undesired messages and calls.
• Anti-Theft: Detects device location or locks device functions if it has been lost or stolen.

Management and Control

• Dr.Web Security Control Center: Allows administrators to manage the anti-virus network effectively, allocate system resources, introduce changes to security policies, and view real-time logs and statistics. The Control Center also supports the export of data to SIEM systems.
• Remote Installation and Updates: Enables the deployment and updating of Dr.Web agents via the Control Center or special utilities, with automatic updates available for Android agents.

Advanced Features

• Light Agent Mode: Optimizes anti-virus routines for virtual environments by delegating tasks to a special VM service, reducing the host server’s workload.
• Network Port Monitor: Allows system administrators to control access to devices using settings for selected ports, preventing cybercriminals from bypassing protection using non-standard ports.
• Traffic Compression and Encryption: Reduces network traffic using special compression algorithms and encrypts data transferred between anti-virus network components for added security.

Policy Management and Integration

• Custom Security Policies: Enables the creation and management of flexible security policies, including access rules for different user groups and devices.
• Integration with Existing Systems: Can be integrated with pre-existing security solutions and supports Microsoft Network Access Protection (NAP) technology.

Additional Capabilities

• Broadcast Update Mode: Allows network stations to receive updates without using separate bandwidth, reducing network load.
• Proxy Server: Can be installed on network machines to save traffic and update caches manually in networks without internet access.
• User-Friendly Control Center: Features an HTML5-based implementation, redesigned tables and graphs, and real-time log viewing, making it easier for administrators to manage the anti-virus network.

In summary, the Dr.Web Enterprise Security Suite offers a robust, scalable, and highly customizable solution for protecting an organization’s entire IT infrastructure from various security threats, ensuring comprehensive and efficient anti-virus protection.