Tuesday, March 25, 2008

Kaspersky 2008




System Requirements / Supported OS

1. Windows 2000 Professional (SP4 and higher)
2. Windows XP Home/Professional (SP2 and higher) 32-bit
3. Windows XP Home/Professional (SP2 and higher) 64-bit Edition
4. Windows Vista 32-bit
5. Windows Vista 64-bit Edition

Kaspersky Internet Security 8.0 is a new line of Kaspersky Labs products designed for multi-tiered protection of personal computers. The product is built on in-house protection components that draw on a variety of technologies to give users the maximum level of protection regardless of their technical competence. It also uses several technologies developed jointly by Kaspersky Labs and other companies; some of them are implemented as online services.

During product preparation, several competitor offerings were considered and analyzed: firewalls, security suites, and systems that position themselves as proactive defence and HIPS systems. Combining innovative in-house developments with the results of this industry analysis made it possible to reach a new level of protection for personal users, offering more hardened and less annoying computer protection against all types of electronic threats: malicious programs of different types, hacker attacks, spam mailings, rootkits, phishing emails, advertisement pop-up windows, etc.

Functional Specifications

1. Product components
1) System Watch
System watcher (all-in-one system for registering events)
HIPS (host intrusion prevention system - proactive defense, which is based on limiting application actions on a system)
PDM (system of proactive defense, which is based on application behavior analysis for malicious/suspicious activities)
Firewall (personal protection screen)
2) Malware protection
Protection of files and memory (File-Antivirus)
Protection of email and IM (Mail-Antivirus)
Protection of WEB (Web-Antivirus)
3) Online Security
Protection from Phishing (Anti-Phishing)
Protection against network attacks (IDS)
Protection from auto-dialers (Anti-Dialer)
4) Content Filtering
Spam Filtering (Anti-Spam)
Banner Filtering (Anti-Banner)
Parental Control
5) On Demand Scanning (Scan tasks)
6) Updater

2. Graphical Interface
The product's graphical interface was again written "from scratch", with the goals of code optimization and simplification, and with some dialogs borrowed from 6.0/7.0. The main window changed considerably: to make longer lists easier to read, the main window became resizable; to decrease the number of dialogs that previously opened in separate windows, the main structure became table-like; in addition, the navigator on the left side is combined with upper tabs, and because several elements are grouped together, the main navigator is no longer tree-like.

The all-in-one settings window of v7.0 is now a much simpler Options window in which only the main product settings remain, along with some new options. All component-specific settings are linked directly from, and changed through, the main window. Support for a more contextual menu system, which was previously available, makes it more scalable.

Alerts (dialogs requesting user action) have been changed to include more information and to make choosing the correct action simpler for non-savvy users.

To improve the readability and flexibility of working with multiple lists, a new list control was developed that replaces all default Windows list controls. It supports sorting, grouping (by multiple fields) and data filtering. The scheme of control using external buttons is replaced with "in-place" editing.

3. Antivirus Protection
This build uses a new AV core engine developed by Kaspersky Labs specialists. It improves protection levels and speeds up scanning through optimized object handling and maximum utilization of the hardware platform.
Object detection technologies now cover suspicious packers and multi-layered packing, which can be another characteristic of malware.
Granular threat type detection is possible, including a category such as "mostly unwanted software applications".

4. Content Filtering
New technologies will be integrated into Anti-Spam; they are already in use in server products and have shown consistent efficiency (some of them will appear as early as KIS 7.0 MP1).

5. Scan Tasks
One of the tasks will be a vulnerability scanner for the user's computer that uses an external, updatable threat database.

The mechanism for storing reports of earlier scans is changed to avoid problems that were encountered with the chkdsk utility.

6. System Watch
The main protection component of the new product, based on a combination of reactive and proactive technologies. The main tasks of this component are to control the rights of active system applications, perform behavioral analysis, and log critical events occurring in the system for later analysis, for example when handling incidents.

Control of application rights is based on a system of rules and on the application resources available on the system and in the execution environment. Resources can be of different types, including file system objects, the system registry, hardware devices, rights (interception of keyboard entry, etc.), and access operations that were previously controlled by "Confidential Data".

The firewall is now logically part of System Watch, since its rules are part of application rights in which the resource is network interaction. By default the product will pass all year-end 2007 leak tests.

7. Additional Technologies:
Technologies based on the AVZ engine: detailed computer analysis with the possibility of scripted disinfection; troubleshooting wizards, browser settings configuration and system cleanup.

A system for reporting detected objects to a centralized KL database. This database will allow better protection against the most apparent threats and faster notification of users about epidemics. This feature can be switched off, although confidential data is never sent anyway.

The base driver klif.sys on all supported OSes is replaced with a new version that is not vulnerable to currently known exploits.
