[resolved]Scheduled scans detect what real-time email

Container for RESOLVED incidents, queries SOLVED by the experts, EXPIRED topics or those that have been CLOSED by the users
Locked
User avatar
sinergest
Registered user
Registered user
Posts: 14
Joined: Wed, 23 May 2012, 19:17

[resolved]Scheduled scans detect what real-time email

Post by sinergest »

Good evening,

I'm experiencing the the issue described in the subject. I often find in the detection list malware that are located in emails. My obvious question is: why does not real-time email scanner detect them? Is this bound to a size limit in the objects it scans? Is there any way to make the real-time email scanner detect those malware too?

Thanks for your help,

Matteo
Top
User avatar
Pandamonium
Official moderator
Official moderator
Posts: 107
Joined: Tue, 10 Apr 2012, 12:30
Location: Darkest place on the interwebz

Re: Scheduled scans detect what real-time email scanner does

Post by Pandamonium »

I believe its because you are accessing our cloud based database.

What product are you referring to here?
Top
User avatar
sinergest
Registered user
Registered user
Posts: 14
Joined: Wed, 23 May 2012, 19:17

Re: Scheduled scans detect what real-time email scanner does

Post by sinergest »

The product is PCOP. We install it as default antivirus protection for all our clients. We do not use Panda Cloud Email Protection, but the PCOP integrated email scanner.
Top
User avatar
Pandamonium
Official moderator
Official moderator
Posts: 107
Joined: Tue, 10 Apr 2012, 12:30
Location: Darkest place on the interwebz

Re: Scheduled scans detect what real-time email scanner does

Post by Pandamonium »

No No, you misunderstood.

In your AV settings.

Image

Uploaded with ImageShack.us

When you run an on-demand scan it uses this technology. This reason you should schedule a scan once a week.

edit:

I found these two posts which will explain is much better than myself :D

http://www.pandasecurity.com/technologies
http://www.pandasecurity.com/enterprise ... tem-24.htm
Top
User avatar
sinergest
Registered user
Registered user
Posts: 14
Joined: Wed, 23 May 2012, 19:17

Re: Scheduled scans detect what real-time email scanner does

Post by sinergest »

OK, yes, I am using the cloud based database, and scans are scheduled daily in some profile.

Why is it that scheduled scans have a better detection ratio than email scanner?
Is the email scanner not using the cloud database?
Is there anything I should set to get the same detection ratio for email scanner?
Top
User avatar
Pandamonium
Official moderator
Official moderator
Posts: 107
Joined: Tue, 10 Apr 2012, 12:30
Location: Darkest place on the interwebz

Re: Scheduled scans detect what real-time email scanner does

Post by Pandamonium »

As far as im aware the "email" scanner will use the local pav.sig where as an on-demand scan uses multiple technologies so to put it simply the on-demand scan will have a better backend.

At the moment there is nothing you can change in the web console, the only things I would change is actually under the file protection. Please set it to scan all extensions; some malware uses arb extensions.

To be honest with you, malware should not even be reaching the inbox in the first place.

Have you looked at other solutions for email filtering?
Top
User avatar
sinergest
Registered user
Registered user
Posts: 14
Joined: Wed, 23 May 2012, 19:17

Re: Scheduled scans detect what real-time email scanner does

Post by sinergest »

Thank you, I have a clearer idea of the situation, now. I have set the file protection to scan all extensions as you suggest.

Regarding the malware not reaching the inbox, unfortunately lots of our clients does not have an internal mail server, and so they can only rely on local email protection.

As far as looking at other solutions is concerned, I am not the one who makes the decisions, so I try and do my best with what I have.

Thank you for your help again.
Top
Locked

Return to “Adaptive Defense and Endpoint Protection - Archive Issues”