1	Anchiva Systems: Web Security Appliances
2	Web Security – The Need is Now
3	Company Overview Founded 2004 Over 70 employees Management team from: Trend Micro, Juniper/NetScreen, Fortinet Venture capital funded Lead angel investor funded NetScreen Over $15 million raised to date Worldwide sales and support Headquarters in Santa Clara Offices in Beijing, Taiwan and Hong Kong Pioneer in malware prevention & Secure Content Management (SCM) Fastest malware gateway prevention – 3^rd party validation ICSA AV certification Wildlist contributor Anti Spyware Coalition member
4	In house Threat Research Anchiva RapidRx Labs Top-ranked malware and vulnerability research organization Headed by Samuel Chen, former VP Trend Micro Researchers in California, Spain and China ICSA AV certification Anti-Spyware Coalition Member Wildlist contributor and participant – Since June ’06 Over 5% of Wildlist samples first contributed by Anchiva Over 100 samples accepted in first 6 months “WildList reporters must be qualified to meet the standards of our research community” Peter Chung, Manager WildList Organization Broadest set of signatures Anti-Malware and Anti-virus – 850,000+ signatures Tens of Thousands of new signatures added per week RapidRx Lab signatures updates Multiple updates per day Protection from Zero-day attacks
5	Threat Overview Viruses and Macros are small component of total threats today – 3% 10% growth per month Will grow to over 1 Million by end of year Spyware, Trojan, Worm and Backdoor make up largest categories Virus – old school The real threat is Malware
6	850,000+ Signatures - Why it Matters Shelf life – How long a threat can be active Viruses have a short life Target vulnerabilities that eventually get patched As systems get updated – Threat risk is minimized Malware shelf life is much longer Key logger for XP will be a threat as long as XP systems are deployed Anchiva’s on box capacity is 4 to 5 times greater than others Software based solutions limit # due to performance constraints the greater the database size the slower the performance Software solutions are limiting the number of threats covered But as # of threats grow, chance of letting something pass gets greater if signature database is restricted Need Hardware acceleration for performance
7	Network - Gateway Importance
8	Anchiva Systems’ Vision
9	Web 2.0 Sites and Applications
10	How Malware is distributed via Web Applications
11	Malware via the Web Who controls content Webserver security: Webservers can be hacked Object is not to deface but modify User Contributed content Many sites allow fully functional java scripts to be added to blogs, discussion groups, polls, profile pages Advertising: Webmasters assume that advertisers have checked content Third party Widgets - Java scripts and iframe User supplied and 3^rd party content can be malicious: - Not all users can be trusted Web 2.0 sites – attack multiple users Malware increases with the popularity of sites Mass propagation of malware Biggest bang for the buck Content changes on a hourly/daily basis Web crawlers can not profile fast enough
12	Malware Pain – Enterprise Effects Impacts productivity of IT, employees and business Soaring IT costs related to cleaning infected machines Rootkits and Trojans open up backdoors into corporate networks resulting in theft of sensitive corporate data Spyware puts home users in danger of losing personal information and having their computers used as a “Bot” Infected hosts are eating up network bandwidth Use of Web 2.0 apps can be used to spread malware
13	Anchiva Product Offerings
14	Anchiva Product Matrix
15	Packet Processing Overview
16	Network Deployment Example
17	Installation Example
18	Inline Deployment - Preventative Mode
19	Recon Mode – Offline Deployment
20	Customer Data
21	Research + Acceleration + Network Friendly Tightly integrated solution of all three elements Complete content inspection – Proprietary engine Anti-Malware and Anti-Virus Fastest Web filtering performance Patented algorithms and dedicated ASIC accelerated hardware Network friendly and easy to deploy Transparent mode – no network reconfiguration required Advanced Network configuration support (VLAN, Zone, Asymmetric routing, …) In-line scanning - near gigabit line rates “Recon mode” – listening mode Largest number of signatures loaded One million+ signature capability – no performance degradation 850,000+ signatures to date (Virus and Spyware) Gateway solution to compliment the client protection Anchiva develops its own malware scanning engine and service, which would compliment existing desktop solution
22	Thank You Questions?
23	Competitive Technology Comparisons
24	Signatures Vs. Behavior Based