Management of Anti-virus Components

info

Detailed description of anti-virus components settings which are configured via the Control Center, is given in the Administrator Manual on managing stations for corresponding operating system.

Components

Depending on the operating system of the station, the following anti-virus components are provided:

Stations under Windows OS

Dr.Web Scanner, Dr.Web Agent Scanner

Scans a computer on user demand and according to the schedule. Also the remote launch of anti-virus scan of stations from the Control Center including rootkits check is supported.

SpIDer Guard

The constant file system protection in the real-time mode. Checks all launched processes and also created files on hard drives and opened files on removable media.

SpIDer Mail

Checks all incoming and outgoing mail messages when using the mail clients.

The spam filter is also available (if the license permits this function).

SpIDer Gate

Checks all calls to websites via the HTTP protocol. Neutralizes malicious software in HTTP traffic (for example, in uploaded and downloaded files) and blocks the access to suspicious or incorrect resources.

Office Control

Controls access to network and local resources, in particular, limits access to websites. Allows to control the integrity of important files from the accidental change or virus infecting and limit the access to unwanted information for employees.

Firewall

Protects computers from external unauthorized access and prevents leak of vital data via internet. Monitors connection attempts and data transfer via the internet and blocks suspicious connections both on network and application levels.

Quarantine

Isolates malware and suspicious objects in the specific folder.

Self-protection

Protects files and folders of Dr.Web Enterprise Security Suite from unauthorized or accidental removal and modification by user or malicious software. If self-protection is enabled, access to files and folders of Dr.Web Enterprise Security Suite is granted to Dr.Web processes only.

Preventive protection

Includes Behavior Analysis, Exploit Prevention and Ransomware Protection.

Prevents of potential security threats. Controls the access to the operating system critical objects, controls drivers loading, programs autorun and system services operation and also monitors running processes and blocks them in case of detection of viral activity.

Application control

Monitors activity of all processes on stations. Allows the anti-virus network administrator to adjust which applications to allow and which ones to prohibit for launching on protected stations.

Stations under Unix-like OS

Dr.Web Scanning Engine

Scanning engine. Provides the anti-virus scanning service (contents of files and disk boot records and other data received from other components of Dr.Web for UNIX). It queues files that are waiting to be scanned. Cures the files that can be cured.

Dr.Web File Checker

The component which scans file system objects and manages quarantined files. It receives scanning tasks from other Dr.Web for UNIX components. Checks file system directories according to a received task, transmits files for scanning to the scanning engine. It also removes infected files, moves them to quarantine, restores them from quarantine, and manages quarantine directories. The component creates and updates cache that stores information on scanned files to lessen the frequency of repeated file scanning.

Used by components that scan file system objects, such as SpIDer Guard (for Linux, SMB, NSS).

Dr.Web ICAPD

ICAP server analyzing requests and traffic which goes via HTTP proxy servers. It also prevents transmitting infected files and access to the network hosts belonging to the internet resources categories and to black lists, created by the system administrator.

SpIDer Guard for Linux (only within distribution kits for GNU/Linux-based OS)

The Linux file system monitor. It operates in a resident mode and monitors file operations (creation, opening, closing, and running of a file) in the GNU/Linux file systems. It sends to the files check component tasks to scan new and modified files or executable files upon a program startup.

SpIDer Guard for SMB

Monitor of Samba shared file system directories. It operates as a resident mode and monitors file operations (creation, opening, closing, and read or write operations) in directories used by SMB file server Samba. It sends to the files check component contents of new and modified files for the check.

SpIDer Guard for NSS (only within distribution kits for GNU/Linux-based OS)

NSS volumes monitor (Novell Storage Services). It operates as a resident mode and monitors file operations (creation, opening, closing and write operations) on NSS volumes mounted in the specified file system point. It sends to the files check component contents of new and modified files for the check.

SpIDer Gate (only within distribution kits for GNU/Linux-based OS)

The component for monitoring network traffic and URLs. It is designed to check data downloaded from the network to the local host and transmitted from it to the external network for threats. The components also prevents connections with the network hosts, included not only to the unwanted categories of web resources, but also to black lists created by the system administrator.

Dr.Web MailD

The component for scanning of emails. Analyzes the messages of email protocols, sorts out emails and prepares them for scanning for threats. It can operate in two modes:

1.A filter for mail servers(Sendmail, Postfix, etc.) connected via the interface Milter, Spamd or Rspamd.

2.A transparent proxy of mail protocols (SMTP, POP3, IMAP). In this mode, it uses SpIDer Gate.

info

Other components for stations under Unix-like OS, are additional and serve for internal configuration of anti-virus software operation.

Stations under macOS

Dr.Web Scanner, Dr.Web Agent Scanner

Scans a computer on user demand and according to the schedule. Also the remote launch of anti-virus scan of stations from the Control Center is supported.

SpIDer Guard

The constant file system protection in the real-time mode. Checks all launched processes and also created files on hard drives and opened files on removable media.

SpIDer Gate

Checks all calls to websites via the HTTP protocol. Neutralizes malicious software in HTTP traffic (for example, in uploaded and downloaded files) and blocks the access to suspicious or incorrect resources.

Quarantine

Isolates malware and suspicious objects in the specific folder.

Mobile devices under Android OS

Dr.Web Scanner, Dr.Web Agent Scanner

Scans a mobile device on user demand and according to the schedule. Also the remote launch of anti-virus scan of stations from the Control Center is supported.

SpIDer Guard

The constant file system protection in the real-time mode. The check of all files as they are saved in the memory of the device.

Calls and SMS filter

Filtering the incoming phone calls and SMS allows to block the undesired messages and calls, such as advertisements or messages and calls from unknown numbers.

Anti-theft

Detect the device location or lock its functions in case it has been lost or stolen.

Cloud Checker

URL filter allows to protect user of the mobile device from unsolicited internet sites.

Firewall (settings are available on a mobile device only)

Protects the mobile device from external unauthorized access and prevents leak of vital data via internet. Monitors connection attempts and data transfer via the internet and blocks suspicious connections both on network and application levels.

Security Auditor (settings are available on a mobile device only)

Diagnostic and analysis of the security of mobile device and resolving the detected problems and vulnerabilities.

Application filter

Blocks the launch on mobile device those applications that are not included into the list of allowed by administrator.