Welcome to eScan Wikipedia

 General

• Home
• Marketing
• Events
• Advertisement

• Technical Information
• Beta Testing
• Release Candidate
• User Guides
• Technologies

• eMail
• Online Chat
• Telephone
• Remote Support
• Forums

Overview

Anti-Virus software often come with sophisticated mechanisms for detecting and cleaning malware. In most cases, Anti-Virus software detects the presence of a malware only after the computer on which it installed is infected. MWL is a revolutionary technology from MicroWorld that is poised to change the way Anti-Virus software handle security threats. Unlike other Anti-Virus software that are currently available, it detects malware at the Winsock layer itself and prevents them from affect the applications residing at the Application Layer.

Description

How MWL Works?

eScan primarily uses MWL to scan the incoming and outgoing network traffic. MWL is placed above the Winsock layer of the operating system. (See Figure 1. MWL Filters) All data passing through the Winsock layer has to pass through MWL. Thus, MWL acts as a transparent gatekeeper and monitors data packets for malicious content. It assembles the data packets coming from different TCP/IP ports into files based on their type into e mails, e mail attachments, or Web traffic, such as FTP traffic or ICQ traffic. It then passes the files through numerous filters, such as virus filters, content filters, and attachment filters. These filters check and issue dynamic notifications based on the validity of the content within each file.

Without MicroWorld WinSock Layer (MWL)

All incoming and outgoing mails, pass through the WinSock Layer at the server level and the client level.

With MicroWorld WinSock Layer (MWL)

MWL sits on WinSock. All content passing through WinSock has to mandatorily pass through MWL, where it is checked for any security violating data. If such data occurs, it is removed and the clean data is passed on to the application.

Note: The main difference between eScan and other Anti-Virus software is that other Anti-Virus software detect infections at the Application layer. By this time, the computer is already infected. eScan works at the Transport layer; this is where the exchange of data takes place. Therefore, it detects viruses and other malicious software before they can enter the computer and infect it.

Benefits of MWL

The following are some of the benefits of the MWL technology.

• It acts as a transparent gatekeeper and checks data packets for malicious content.
• It filters and issues dynamic notifications based on the validity of the content.
• It oversees all data flowing to and from the Internet and processes it without interfering with the applications.
• It provides you with dynamic compression and decompression facilities to maximize bandwidth usage while data flows between your computer and the Internet.

MicroWorld’s revolutionary concept to tackle the Content Security threats

The overall business scenario is undergoing a rapid change with Information Technology providing more advanced and rapid means of business communication like Internet and e-mails. However, as far as information that is being made available across the computer systems is concerned, there is a race to restrict its access, guard against information abuse and protect the valuable content.

Virus-pranksters are now using the Internet as a frictionless distribution channel for dangerous viruses and worms. Over the years, contemporary virus threats have transformed into content security threats. These comprise e-mail and web-based virus downloads, MS Word based macro bombs, offensive e-mail and web content, misuse / abuse of e-mail resources, junk mail and Spam infections, harmful Java or ActiveX applets, intrusion of anonymous Internet users and trespassing of unauthorized bodies into the company's internal network.

These threats not only damage files and computers by acting as viral agents, but also impose productivity losses, wasting disk space, time and financial resources. Ironically, even as certain methods to guard Content Security have evolved, threats to security have become more severe, even causing destruction of data. However, the systems employed to detect these threats are still handicapped by several deficiencies. The "cure" that is provided by other products only scans data after it is saved on the hard disk; by which time the damage is already done.

The "MicroWorld-WinSock Layer" (MWL) is a revolutionary concept in scanning Internet traffic on a real-time basis. This new concept has changed the manner in which Content Security threats are tackled in the knowledge world. MWL is revolutionary because unlike the other products and technologies, currently available, MWL tackles a threat before it reaches your applications. Other products deal with the threat after the applications have already processed it.

Technically, MWL is placed above the WinSock layer and acts as a "Transparent Gatekeeper" on the WinSock layer of the operating system. All data packets coming on different TCP/IP ports are assembled. It then decodes e-mail and web traffic, FTP and ICQ traffic along with all the attachments and passes them through numerous filters such as Virus Filters, Content Filters, Attachment Filters, etc. These filters check validity of the file's content and issue dynamic notifications.

MWL technology oversees all data flowing to-and-from the Internet, thereby allowing it to process it without interfering with the applications. Dynamic compression and decompression facilities of data flow, between the Internet and your computer in order to maximize effective bandwidth usage are thus provided by MWL.