McAfee Gateway Anti-Malware Engine is integrated into McAfee’s Web Gateway product and delivers industry-leading, proactive malware and web exploit detection. Using exclusive, patent-pending technology, it analyzes the behavior of websites, website code, and downloaded Web 2.0 content in real time to preemptively detect and block malicious web attacks. It protects businesses from modern blended attacks, including viruses, worms, adware, spyware, riskware, and other crimeware threats, without relying on virus signatures.
How Gateway Anti-Malware Engine Works
McAfee Gateway Anti-Malware Engine protects your systems automatically, around the clock. Powered by McAfee’s Global Threat Intelligence, Gateway Anti-Malware Engine uses advanced next-generation intent analysis to look for malicious Web 2.0 sites, applications, and content by tracking and emulating their behavior. This file-agnostic content inspection is able to unveil and strip out various web attacks, including embedded code, buffer overflows, and other exploits. It classifies potentially harmful activities that Web 2.0 sites and files perform when allowed to run, protecting the desktop before damage is done. To maintain its zero-day detection accuracy, McAfee Gateway Anti-Malware Engine is continually updated through McAfee’s Global Threat Intelligence network.
Millions of globally distributed sensors collect intelligence from suspicious web pages, web content, and crimeware files in real time. Using an automated process similar to DNA mapping, this intelligence data is correlated and analyzed around the clock to extract new malware behavioral genetics. This analysis is combined with legitimate behavioral genetics to ensure extremely low rates of false positives. The advanced intent analysis engine is updated to include any new genetic instructions through McAfee’s Global Threat Intelligence network.
In addition, Gateway Anti-Malware Engine can adapt its intent analysis depending on the types of websites users visit. For example, you can find user-generated content (a hallmark of Web 2.0) on sites ranging from Amazon and eBay to Facebook, file-sharing sites, and individual blogs. To assess these sites, Gateway Anti-Malware Engine considers traffic, brand reputation, intended purpose, and site referrals, and applies more rigorous analysis where warranted. It can also detect malicious websites by looking at how the user interacts with a site and the website’s behavior with users. For example, does the website try to hide script code? Does it try to steal personal data through cross-site scripting behavior? Does it automatically redirect users to an executable in the background? Is the file packed in order to obfuscate it? If a number of these conditions are true, then the website is most likely malicious.
This groundbreaking and patent-pending technique of looking for malicious websites, content, and files at the enterprise gateway is unique to McAfee and complementary to traditional anti-virus technology. Gateway Anti-Malware Engine delivers a true “defense-in-depth” strategy because it adds multiple layers of security technology to reduce threat exposure. It is designed specifically to protect all web users, allowing them to make the most of the Web 2.0 world without risk.
With McAfee Gateway Anti-Malware Engine, you can be sure you have protection against the latest web attacks before they have a chance to compromise your security and critical data. It protects your network while saving time, resources, and money.