ATSE and Virtual Analyzer
|
After ATSE detects a suspected malware threat, ScanMail sends the message to Virtual
Analyzer for further analysis.
Virtual Analyzer assesses the risk level of the message in an isolated virtual
environment and returns the threat rating to the ScanMail server. ScanMail
then performs the action configured for Advanced threats if the security
rating violates the configured security level for suspected threats.
The messages configured with low level of pretection are scanned in a traditional
manner to decrease false positives. The protection scope for such messages depends
on the Virtual Analyzer settings; such as traffic direction, target recipient, and
so on.
|