McAfee VirusScan Enterprise 8.7i Build 03.06.2009 | 122MB
McAfee® VirusScan® Enterprise protects your desktop and file servers from a wide range of threats, including viruses, worms, Trojan horses, and potentially unwanted code and programs. McAfee® VirusScan® 8 takes anti-virus protection to the next level, integrating elements of intrusion prevention and firewall technology into a single solution for PCs and file servers. This powerful combination delivers truly proactive protection from the newest of today’s threats-including buffer - overflow exploits and blended attacks - and features advanced outbreak management responses to reduce the damage and costs of outbreaks. Everything is managed by McAfee ePolicy Orchestrator® or ProtectionPilot™ for scalable security policy compliance and graphical reporting.
Key Benefits :
• Integrated firewall and IPS technology - Addition of firewall and intrusion prevention technology delivers maximum proactive protection in a single, integrated package
• Enhanced coverage for emerging threats - VirusScan provides protection from the newest potentially unwanted program security threats (e.g., spyware), application-specific buffer overflow attacks, and blended attacks
• Lowered TCO during outbreak response – Advanced outbreak functionality closes the window of vulnerability before DAT files are available, limiting damage by blocking the entrance and spread of the outbreak
• McAfee scanning technology – Award-winning McAfee scan engine performs in-memory scanning to block threats such as Netsky and CodeRed, which don’t write their code to disk
• Centralized management and reporting – Integration with McAfee ePolicy Orchestrator and ProtectionPilot provides a complete security management solution, including detailed graphical reporting, from a single console
• Comprehensive McAfee anti-virus protection
• Potentially unwanted program security
• Buffer overflow prevention (IPS feature)
• Complete outbreak response
• Port blocking/lockdown (firewall feature)
• Application monitoring: email engines (firewall feature)
• File blocking, directory lockdown, folder/share blocking (IPS feature)
• Infection trace and block
• Powerful memory scanning
• Centralized management and reporting
• Enhanced email scanning
• Protection from threats that use scripts
• Optimized for mobile users
Beta product testing: The beta version of this product is available for use until the beta product license expires on November 30, 2008.
- Support for Microsoft Windows Server 2008
This release provides support for Windows Server 2008 (Longhorn).
- Architectural changes
VirusScan Enterprise incorporates some significant architectural changes that affect the manner in which the VirusScan Enterprise 8.7i core components work. These changes result in greater security benefits to customers, including:
* Better rootkit detection and cleaning without system restart — Safe memory patching, better IRP repair support at the system core, and the ability to read locked files at the kernal level provide better rootkit detection and the ability to clean detections without restarting the system.
* On-access scan performance improvements during system startup — A new boot cache process improves on-access scan performance during system startup.
* Greater self-protection — The self-protection feature has been enhanced to protect against a wider range of mal-processes that can terminate McAfee processes. This provides greater VirusScan Enterprise self-protection and product stability.
- Real-time malware protection
A new feature, Heuristic network check for suspicious files, provides customers with real-time detections for malware.
* This feature uses sensitivity levels that can be configured, based on your risk tolerance, to look for suspicious files on your endpoints that are running VirusScan Enterprise 8.7i.
* When enabled, this feature detects a suspicious program and sends a DNS request containing a fingerprint of the suspicious file to McAfee Avert Labs, which then communicates the appropriate action back to VirusScan Enterprise 8.7i.
* The real-time defense feature also provides protection for classes of malware for which signatures might not be available.
* This protection is in addition to the world-class DAT-based detection VirusScan Enterprise has always provided. The user experience remains the same and no additional client software is required.
* In this release, this feature is available only for on-demand scans and email scanning and is disabled by default. You must select a sensitivity level to enable the feature.
- Performance improvements
* New scan deferral options improve local control of on-demand scans, including the ability to defer scans when using battery power or during presentations. One option can be configured to allow end users to defer scheduled on-demand scans for the increment of time you specify. You can specify hourly increments up to twenty-four hours, or forever.
* Enhanced system throttling now includes registry and memory scanning in addition to file scanning.
- Improved email scanner
The email scanner now supports double-byte and multi-byte languages. This improves detection reliability.
- Buffer overflow protection exclusions by API
The ability to specify buffer overflow exclusions by API was removed from VirusScan Enterprise 8.5i, but has been reinstated for the VirusScan Enterprise 8.7i release. The API exclusion name is case-sensitive.
- On-access scanner — Scan processes on enable
A new feature, Scan processes on enable, scans processes that are already running when the McShield service becomes enabled. This means that when the McShield service starts, the scanner examines any process that is already running and any process as it is launched.
- On-demand scan usability improvements
When initiating an on-demand right-click scan, you can now choose an action to take on items detected by the scan. These options are available:
* Clean — Report and clean the detection.
* Continue — Report the detection and continue scanning.
all the above information is taken from;