My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


All reasons to choose Dr.Web Enterprise Security Suite

About PC protection

Why workstations need comprehensive protection
  • As practice shows, workstations and servers are the most vulnerable points of a LAN. They are often used to propagate viruses and spam. Viruses can penetrate computers in different ways: from user flash-drives, from password-protected archives attached to email messages that go unscanned on the server, and from compromised websites that users access by following links from incoming messages (for more information, see the section Points of intrusion into a corporate network).
  • Not only do computers under Windows OS require protection but also those under the Linux and Unix, as well as macOS OSs. Even if malware cannot compromise these OSs and the applications running on them, once it penetrates unprotected computers, it can use these systems as a source of infection (for example, through shared network resources).
The need to use comprehensive protection on workstations

Employing an anti-virus as the sole means of protecting workstations is a common error. An anti-virus removes harmful files, but it can only eliminate virus threats known to its database or threats that can be detected with a heuristic analyser. The anti-virus won't be able to detect or remove an unknown threat until its database receives the appropriate update.


A present-day anti-virus solution is quite different from yesterday's file anti-virus.

According to existing standards, each workstation should be protected by:

  • An efficient anti-spam - To filter spam, the main source of malware;
  • HTTP-traffic filtering - To protect against malicious code from web pages;
  • A system for restricting access to removable media and local network resources (Office Control) - To prevent infections from flash drives and other removable devices;
  • A personal firewall - To protect against unauthorized access through the network;
  • Control Center - The system should not let employees change the settings under the pretext that "everything is slowing down."
Office and personal devices should be protected

Today a large portion of computers found on company premises do not belong to the company. These are employee laptops and smart phones. People who are dedicated to their jobs work not only in the office but also during their commute and when at home. They often sacrifice hours of rest while staying connected. Such an approach suits many businesses. Many companies use outsourced employees to save money.

But a coin has two sides. In other words, everything comes with a price. In the past, such an approach guaranteed the desired level of security since system administrators controlled every single device at the company's disposal. But now that’s impossible.


  • Almost two-thirds of employees (63.3%) remotely access a corporate network from personal devices, including mobile phones.
  • Up to 70% of infections get into a corporate environment from personal laptops, netbooks and ultrabooks, mobile devices, and removable media (flash drives) that are often brought from home.
  • Around 60% of home computers are unprotected! So outside their offices, people work with devices that are prone to being compromised by hackers. The applications people use may have vulnerabilities, and their computers can be infected with viruses and Trojans. And yet these people regularly access company networks.
  • This greatly increases the risk of data leaks and the unauthorized modification of company data.


Employees may be good at their professions, but they are not experts in anti-virus protection and often operate under certain illusions.

It is in a company’s best interests to ensure the security of all the devices used by its staff, regardless of where they are used and who owns them.

To do this, companies need to ensure:

  • That any information on employee devices is protected;
  • That viruses and Trojans cannot be propagated from employee devices;
  • That all devices, including mobile phones, are protected; just one device left unprotected can serve as a backdoor for criminals.

But employees also use their personal devices for personal reasons!

And they can allow their children to use their laptops, spend an evening in a social network infested with viruses, and download and install a music file from a suspicious site. In such cases, how can one speak of a company’s data being secure?!

When using Dr.Web Desktop Security Suite with the Control Center, you can do the virtually impossible - you can protect any device so that both the company and its employees will come out ahead.

Best practice

  • Encourage customers to purchase Dr.Web Desktop Security Suite licenses for their employees' personal devices; that way all the computers connected to the company's local network will be protected by a single manufacturer’s products.
  • With Dr.Web Control Center, you can enforce a company information security policy on all employee personal devices and make it impossible for employees to disable updates and regular scanning and remove Dr.Web components.
  • An employee's opinion about what anti-virus should be installed on their personal devices must be ignored until this device is incorporated into the corporate network. Otherwise, this device should be declared ’untrusted‘ and should not be granted access to the network.

This is the only way to ensure that personal staff computers in the network will not get infected.

Benefits for the company

  • Employee loyalty. A free anti-virus makes a great gift
  • Establishing protection is made less expensive.
  • It's possible to control any protected computer from one location.
  • Employees can work all over the world and still enjoy equal protection.
  • Data security guarantee.
  • Reduction of downtimes due to infection.

Employees are no longer within the perimeter of the company's protection, and it's impossible to move them back into it. And it's not necessary it’s reasonable to expand an office perimeter and the employee spaces within it.

Employee office and personal mobile devices should be protected


  • The number of threats to mobile OS is growing at a catastrophic rate with the increasing number of devices in use.
  • So-called banking Trojans already exist for mobile devices.
  • Mobile devices can be lost/stolen. Your information (passwords and logins for accessing corporate resources) can be stolen by hackers.


When purchasing Dr.Web Desktop Security Suite, you can use Dr.Web Mobile Security Suite for free to protect your mobile devices running Android. For example, Dr.Web for Android includes the following components:

  • Anti-virus - To deflect malicious files that are designed to monitor your movements, contacts, and communications.
  • Anti-theft - To protect against the loss of the mobile device. If the device is stolen or lost, you can remotely remove all data.
  • Anti-spam - To protect against unwanted messages and calls, and devastating SMS Trojans.


The Dr.Web Control Center allows the anti-virus protection of any number of mobile devices running Android and Windows Mobile to be centrally controlled.

File servers should be protected


Normally, companies only protect employee computers, leaving servers, mobile devices, and employee home computers unprotected. Once it has penetrated workstations, a virus breaks loose and can easily access servers containing critical information.

Why is it important to protect servers?

  • A user can infect a server with an unknown virus (while bringing it to or having run it from storage). An anti-virus will detect it right away using heuristic mechanisms. Or it will at least cure the virus during the next update.
  • A server can be hacked. An anti-virus will prevent this: it will detect and destroy malicious programs. If a server is running under a centralized control system, the administrator will be notified as soon as a workstation’s status has been changed (for example, during an attempt to stop the protection system).
  • Digital technologies are widespread in the modern world. Users can work not only in an office but also at home; they can store data on a company’s file servers and on Internet file servers. Use their flash drives, including those received from their friends and colleagues at work. These removable media devices can carry viruses.
  • Modern cell phones already have the same features and vulnerabilities that PCs have. They run OSs and use applications that may also be compromised. From these devices, viruses can penetrate a corporate network and access the server.

Best practice

If a company has a dedicated file server, it must also be protected.


The Dr.Web Control Center allows an anti-virus protection system containing any quantity of file servers running Windows, macOS, Unix (Samba), Novell NetWare, and Novell Storage Services, to be managed centrally.

The economic case
  1. The Dr.Web Control Center significantly reduces costs and improves the security of company business processes:
    • Due to the stable and secure operation of the corporate network (one that is free of viruses and spam);
    • Restricted personnel access to the software settings ensures full compliance with security policies for all protected computers (for example, employees cannot disable virus database updates or visit websites for personal reasons during business hours);
    • Due to spam-free employee mailboxes which can take a lot of time to clean up. The effectiveness of rejecting spam reaches 97%-99%.
    • Dr.Web Office Control tools, which are intended to control employee access to web pages, will prevent them from spend time on their personal affairs during business hours;
    • Dr.Web Desktop Security Suite Comprehensive Protection includes an effective anti-spam. Unlike anti-spam solutions that require daily training, the intelligent Dr.Web anti-spam starts working without any training or configuration. This will give the system administrator time to handle other pressing problems.
  2. Companies that employ the Dr.Web anti-virus protection reduce their Internet expenditures and control the actions of their employees.


  • One hour of web-surfing per day by every employee can add up to 12.5% of what companies spend on salaries.
  • During certain times of day (e.g., lunch hour), employees can monopolise up to 80% of corporate network bandwidth for their personal needs.

Best practice

  • During business hours, staff should have access only to those Internet resources they require for their work.
  • The Dr.Web Control Center makes it possible to centrally deny employees access to unnecessary Internet resources.
  • Employee opinions about the harmfulness of those or other websites should be ignored.


With Dr.Web centralized control, you can:

  • Create Internet access policies for single users and user groups;
  • Stop attempts to visit unwanted pages such as social networks, online shops, and gaming sites.
Reputational reasons

Reducing the risk of discrediting the company

  • Office Control (available when a license to Dr.Web Desktop Security Suite Comprehensive Protection has been purchased) can be used to prevent personnel from using removable data storage devices (e.g., flash drives, USB devices), network devices, and individual files and directories; this keeps corporate data and important information safe from deletion or theft by intruders.
  • Employee ‘ingenuity’ is often the reason company computers become part of botnets and a source of spam themselves, which harms the company's image among its partners. The anti-spam included in a Dr.Web Desktop Security Suite Comprehensive Protection license significantly reduces the risk of the company being discredited by being placed on blacklists and disconnected from the Internet for sending out spam.
Free training for system administrators

The most common cause of all kinds of computer incidents is a lack of knowledge about computer security. Only a knowledge and understanding of computer security can reduce the number of incidents and guarantee the effectiveness of an anti-virus protection system.

To ensure information security systems built on the basis of Dr.Web products operate most efficiently, programs have been developed to train and certify company computer network security specialists (system administrators and users). Doctor Web developers are involved in creating the training courses. During these independent, distance-learning courses, company employees can learn the fundamentals of computer security and the principles of how Dr.Web anti-virus software functions. The training course, exam, and course certificate (issued after the exam is passed) are free.

About email traffic filtering

Dr.Web Mail Security Suite significantly reduces costs and improves security of enterprise business processes.

Reducing the risk of discrediting the company


  1. A large number of malicious files in e-mail traffic leads to:
    • data losses and leakages as a result of viruses and hacking tools;
    • capture of the local network as a result of a virus attack, and turning it into a botnet node;
    • worsening reputation in the eyes of consumers and partners;
    • view of the company as technologically backward;
    • loss of customers or refusal from company's services.
  2. With a mail server left unprotected malware can infiltrate the local network through the defenceless host and spread freely over the corporates IT environment- including employee mailboxes.
  3. "Ingenuity" of employees is often the reason that computers of the company become part of botnets and a source of spam themselves that harm the company's image among its partners.


  1. Using Dr.Web Mail Security Suite significantly reduces the risk of discrediting the company by including it in black lists and disconnecting it from the Internet for sending out spam.
  2. With quarantine and message backup, Dr.Web Mail Security Suite allows you to recover messages accidentally deleted from employees' mailboxes, and also pursue investigations related to information leakages.
  3. Using Dr.Web SMTP proxy and filtering mail traffic at the gateway (i.e. excluding the possibility of direct access to the mail server from the Internet) will not allow hackers to exploit vulnerabilities (both those previously known and zero-day ones), including through specially compiled letters.
Reducing infrastructure costs


  1. Viruses and spam in mail traffic lead to:
    • reducing the response time of the mail server used for processing spurious traffic;
    • slowing down the mail server performance, or its crash;
    • increasing the load on the internal network and slowing down the performance of network resources and channel bandwidth;
    • server crash as a result of receiving a "mail bomb";
    • equipment downtime.
  2. Viruses and spam in mail traffic increase hardware requirements for servers, and therefore, lead to the need for upgrade or purchase of new machines.


  1. Using Dr.Web Mail Security Suite significantly reduces the amount of unwanted traffic thanks to high efficiency of filtering (spurious spam traffic is reduced down to 98%). As a result, it reduces infrastructure costs through:
    • a substantial reduction in the cost of "spurious" traffic;
    • the lack of need to increase the number of servers or upgrade hardware;
    • reducing mail storage costs, including spam.
  2. reducing the number of virus incidents caused by viruses in email traffic, frees up time for system administrators to deal with other urgent tasks.
Reducing losses in labour costs (increasing productivity of employees and thus increasing the efficiency of business processes).


  1. Viruses and spam in mail traffic lead to unproductive losses of working time:
    • failure in flawless business process continuity;
    • delays or inability to perform their duties by employees (downtime);
    • the probability of missing important information;
    • losses of working time spent to eliminate virus incidents;
    • delays in the fulfilment of the company's obligations towards its customers;
    • increasing the size of user mailboxes and their backups, which in turn leads to problems when finding the information you need.
  2. On an average, an office worker spends from 6 to 11 minutes of daily working time to view and delete spam. Then, a distracted employee needs up to 15 minutes to re-focus on the task at hand. The higher the position of such an employee, the more the company loses on paying for his labour.


Using Dr.Web Mail Security Suite reduces the loss of working time due to:

  • the stable and secure operation of the corporate network (free of viruses and spam in the mail traffic);
  • the lack of spam in employees' mailboxes which may take a lot of time to be cleaned up. The effectiveness of rejecting spam reaches 97-99 per cent.
Reduction of downtimes


  1. According to statistics, downtime, part of which is caused by virus incidents, are an average of two hours monthly per user. The higher the position of such an employee — the higher the cost of the downtime.
  2. Waiting for a problem to be resolved, resolving the issue, spending time searching for a solution on one’s own may have unpredictable consequences including data losses.
  3. The efficiency of the company's business processes depends on how successfully the task to reduce downtime is solved.


Infection of a mail server greatly increases the company's losses — a threat neutralized on a local computer will be re-emerging again and again.


With Dr.Web Mail Security Suite, there is virtually no downtime caused by:

  • Actions of viruses in the incoming e-mail traffic;
  • A huge amount of spam in e-mail traffic that might paralyse the work of the company and cause delays in the delivery of mail.
Saving on the purchase of server OS

Dr.Web Mail Security Suite (for Unix) is an open-source-based software and does not require purchasing expensive Windows Server OS. It can be integrated into solutions of other manufacturers. Moreover, new functionality may be added to it, thanks to the open API. Dr.Web Mail Security Suite allows to add an unlimited number of new features, and any developed plugin works with all supported MTAs.

About the need to protect mail traffic when your company uses external mail services

Scanning mail traffic for malware and spam is required even if you are using an external mail service such as

Vulnerabilities always exist, and because the software updates that close vulnerabilities are often installed too late, cybercriminals can exploit the same "holes" for years. In light of this, it’s impossible to be sure that the channel for transferring mail from your company to a remote service (and back) is absolutely reliable.

By exploiting a vulnerability, cybercriminals can try to intercept mail traffic and modify it.

You also cannot be sure that the anti-virus and anti-spam used on the remote service (if they are indeed installed there!) do a quality job filtering malware programs and spam, including the latest samples of them that haven't yet been analysed by anti-virus laboratories.

Doctor Web’s specialists recommend that you scan your company’s incoming email traffic. This can be done using Dr.Web Mail Security Suite products. For example, using Dr.Web for Unix mail servers, you can configure so-called transit traffic scanning.

The capabilities of Dr.Web for Unix mail servers allow it to be used in both companies that have their own mail servers and companies that do not have their own servers.

About PC protection

The guarantee of high-level information security

Centralized management of the Dr.Web anti-virus protection system makes it possible to:

  • Quickly manage the network security system at any time, from anywhere in the world, just from the browser of a computer regardless of its operating system, and with no need to install additional software;
  • Implement a company-specific security policy without having to configure each workstation’s protection components;
  • Ensure that employees cannot disable the anti-virus or its separate components, which would inevitably reduce the level of protection;
  • Ensure that the anti-virus operates with the settings specified by the network administrator;
  • Assign tasks to workstations;
  • Install updates and configure an anti-virus protection system;
  • Schedule and remotely run regular scans, both on administrator demand and according to a schedule;
  • Monitor the regularity of updates and ensure that they cannot be disabled;
  • Collect and analyse information on anti-virus protection system health, and generate reports for a specific period of time;
  • Notify administrators and users about the health of the protection system;
  • Respond in a timely way to emerging virus problems, which in turn reduces the risk of network infection and company financial losses caused by personnel downtimes, data losses, Internet connection breakdowns, and business partner computers being impacted;


The impossibility for traffic to be captured and substituted ensures that any number of workstations can be safely administered no matter where in the world they are located.

Dr.Web Enterprise Security Suite can be used in networks with a complex topology

Dr.Web Enterprise Security Suite can be used even in networks with a complex topology; for example, if anti-virus agents do not have direct access to the ESS server and there is no packet routing between them (the internal LAN is logically isolated from the Internet).

A proxy server ensures direct access. A proxy server can also be used to significantly reduce network traffic (traffic optimization) and make updates of anti-virus agents faster because the proxy server supports the caching of updates and the components of the anti-virus agents.

Using traffic compression technology (optional on the service server) is not an obstacle to using a proxy server. Information transferred is processed regardless of whether the traffic is compressed.


An anti-virus network can consist of one or more proxy servers.

Up to 99% of the threats distributed via spam are eliminated


Only a Comprehensive Protection license includes these features.


  1. Mail traffic is the main transporter of viruses and spam. If malware infects a computer, it can access an employee's address book which, along with contacts of other employees, may contain addresses of customers and partners; in other words, the infection won't be confined to the corporate network but will spread beyond its borders.
  2. Carelessness, negligence and ignorance of the simple basics of computer security are often the reasons why computers become a part of botnets and a source of spam, a situation that damages a company's image, can get it on black lists, and possibly force the provider to disconnect the company from the Internet for sending out spam.


Using an anti-virus that has no anti-spam:

  • Increases the risk of the corporate network getting infected by viruses that have penetrated through the spam;
  • Reduces the performance of all employees who receive mail and must spend time clearing their mailboxes of spam.
  • Leads to losses in worker productivity, disruptions in staff duty fulfilment, and delays in the company fulfilling its obligations towards its customers and partners;
  • Makes employees less attentive and more tired because of distractions;
  • Evokes irritation on the part of company personnel who are displeased with the system administrator's inability to cope with the problem.

Best practice

  • Email traffic should be scanned before messages are downloaded by a mail client to prevent malicious code from exploiting its vulnerabilities.
  • Only comprehensive solutions for email that combine an anti-virus and an anti-spam can ensure its complete protection and reduce non-production costs (i.e., losses arising from organizational and management shortcomings).


Dr.Web anti-spam, included in the SpIDer Mail monitor that comes with a Comprehensive Protection license, scans messages before they are downloaded by a mail client and prevents malware from exploiting software vulnerabilities. Its operation does not affect overall system performance. The effectiveness of rejecting spam reaches 97%-99%.

Dr.Web Anti-spam has a number of indisputable advantages:

  • The anti-spam doesn’t require training. Unlike anti-spam solutions based on Bayesian filtering, it starts working as soon as it is installed;
  • It detects spam messages regardless of their language;
  • Actions can be customized for different categories of spam;
  • It uses its own white and black lists, which makes it impossible to discredit companies by deliberately adding them to lists of unwanted addresses;
  • Low number of false positives;
  • Requires updating only once a day, thus saving bandwidth. Unique spam detection technologies based on several thousand rules eliminate the need for downloads of frequent and bulky updates.

Read more about Dr.Web anti-spam.

Best practice

The single, most effective tool for preventing users from disabling the anti-spam or editing black- and whitelists is Centralized prohibition of anti-virus setting modifications by employees.


Centralized anti-spam configuration is performed in the Dr.Web Control Center.

Spam should be filtered on workstations (even if the company uses an anti-spam installed on a mail server or a gateway)


These features are only included in the Comprehensive Protection license.

The mail flows passing through a workstation and a server are not the same.

  • Users (or the programs they agreed to install without knowing their functionality) can send and receive messages:
    • Directly to Internet mail servers (via SMTP), if port 25 is open in the network;
    • To mail services like — via POP3/IMAP4 protocols.
  • Users (or the programs they agreed to install without knowing their functionality) can send messages over secure channels, and the server will not be able to check them.
  • A server (or the programs installed on it) can create its own mailing lists and notify senders and recipients of various events independently.

Therefore, it is necessary to filter spam at both the mail server and the workstation level.

Centralized control over regular scans of workstations


The Control Center is provided free of charge.

Best practice

The only way to ensure regular scanning of all local network stations is to centrally prohibit the option for disabling scanning.


The Dr.Web Control Center makes it possible to centrally enforce a security policy for conducting regular scans:

  • Run/stop unattended scans of a workstation;
  • Specify scan paths;
  • Specify any necessary group and individual scan schedules, i.e. scan the system at a time convenient for employees.

Additionally, the Control Center allows the user to start/stop any agent components (except SpIDer Guard).

Reducing the risk of infection via removable media


These features are only included in the Comprehensive Protection license.


  • With a huge number of new viruses appearing daily, there is no way that an anti-virus can recognize all of them — the risk of infection with an unknown virus is always present.
  • Email is no longer the main source of infection even in highly protected environments. It has been superseded by removable media, particularly by flash drives.


    Removable media includes not only flash drives but also any USB device. A virus can be transmitted from one PC to another even using a camera or a portable media player.

  • Trojans are today’s most common threats. Unlike viruses, Trojans cannot replicate themselves without user intervention. People spread Trojan horses from one PC to another via flash drives.
  • The constant threat of viruses penetrating the corporate network diverts system administrators from performing other tasks necessary for the development of the company.

Dr.Web Office Control access restriction system:

  • Defines the files and folders on the local network to which an employee may have access, and prohibits access to those that are off-limits, i.e., this prevents data and sensitive information from being deliberately or intentionally damaged, deleted, or stolen by attackers or insiders (i.e., employees seeking access to confidential information);
  • Restricts or completely prohibits access to Internet resources and removable devices, and therefore, excludes the possibility of a virus invading via those sources.

The above steps are effective but still not sufficient, as an employee can find and disable these settings.

Best practice

Users should only have access to the local resources they require to perform their jobs. It's no use trying to convince staff that flash drives are dangerous. It is much easier to centrally disable access to such devices.


The restriction of access to removable devices is centrally configured in the Dr.Web Control Center.

Protecting a corporate network from infections via Internet resources


These features are only included in the Comprehensive Protection license.


To do their jobs, people need to be able to read news and stay informed. The danger is that most employees:

  • Access the Internet from office computers;
  • Perform their tasks under an administrator account in Windows;
  • Use weak passwords that can be easily cracked
  • Do not install security updates for programs they use.

Uncontrolled Web surfing increases the risk of data leakage and unauthorized modification of sensitive data.

Which websites are more likely to be sources of malware and phishing attacks (in descending order of incidence)?

  • Sites related to technologies and telecommunications
  • Business sites: business outlets, business news portals, accounting-related sites and forums, online courses/lectures, services to improve business efficiency
  • Adult-content sites

Best practice

An anti-virus system should be used to scan all the links that will be used to download network resources, and all traffic up to the point that it enters a computer.


Composite Dr.Web protection is recommended to protect your system against infection when visiting a malicious website.


The features of the Dr.Web anti-virus protection system let you:

  • Partially restrict Internet access;
  • Create and use black and whitelists of addresses, so you won't have to block Internet access completely for employees, if they need it to do their jobs;
  • Block Internet access where essential (for example, on computers running accounting software);
  • Prevent employees from removing restrictions locally.
Reduction of downtime caused by viruses

Viruses and spam are the main threats to a company’s security, regardless of its size. Analysing corporate network security, taking preventive measures and overcoming the consequences of virus attacks are daily responsibilities for IT personnel. Reducing downtimes caused by malware is a key task for system administrators. The efficiency of an entire company’s business routines and its positive image as a reliable partner depend on the successful accomplishment of this task.


  • Downtimes per user average two hours per month.
  • The higher an employee’s position — the more costly the downtime.

Time spent waiting for a problem to be resolved, resolving the issue, and searching on one’s own for a solution may have unpredictable consequences including data losses.


If you use Dr.Web, downtimes caused by viral incidents are reduced to a minimum. This frees the system administrator to address other pressing issues.

About email traffic filtering

Why e-mail needs to be filtered
  1. According to statistics collected by Dr.Web CureIt! 60% of computers have no protection from viruses. Each computer is infected with an average of 10 malicious programs (including those unknown to the installed anti-virus at the time of infection). Viruses from infected computers spread over a network and e-mail becomes a transport medium. Experience shows that compromised mail servers become a source of viruses that can't be neutralized without an anti-virus for file servers. A special product is required to protect an mail server.
  2. Mail traffic is the main transport for viruses and spam. If a company's network is infected then it is e-mail that can become a source of viruses that can invade all the network nodes, since malicious programs on a victim machine have access to the address book of the employee where both your employees' and your customers' addresses can be stored.
  3. "Ingenuity" of employees is often the reason that computers of the company become part of botnets and a source of spam themselves that harm the company's image among its partners. Using Dr.Web Mail Security Suite significantly reduces the risk of discrediting the company by including it in black lists and disconnecting it from the Internet for sending out spam.
Why e-mail needs to be comprehensively filtered

Only comprehensive solutions for e-mail combining anti-virus and anti-spam can ensure its full protection and reduce the company's expenses. Using anti-virus without anti-spam:

  • Allows hackers to carry out attacks on mail servers and email clients used by employees. Sometimes there is no need to open an infected email you have received. The fact of its receipt may be sufficient to infect the machine or disrupt its operation.
  • Leads to increased payments for traffic;
  • Increases unproductive spurious load on mail servers;
  • Reduces performance of all employees who receive mail and have to clean up their mailboxes from spam.
Why all network nodes, not just e-mail traffic, need to be protected

Mail flows passing through the workstation and server are not the same.

  • A user (or programs which he agreed to install without knowing their functionality) can send and receive messages:
    • directly to Internet mail servers (via SMTP) if port 25 is open in the network;
    • to mail services like — via POP3/IMAP4 protocols.
  • A user (or programs which he agreed to install without knowing their functionality) can send messages over secure channels, and the server will not be able to check them.
  • A server (or programs installed on it) can create their own mailing lists and notify senders and recipients of various events independently.


Cyber-crime groups developing malicious software have streamlined release cycles which including testing if malware is detected by all known anti-virus programs. Unknown at the time of entry in the company's local network, malware easily spreads over the network. Infected hosts include mail servers. Mail traffic as well as PCs and the server Should be protected! Mail server protection prevents spread of malicious files, including those unknown to the anti-virus at the time they get into the network.

About significant reduction of the load on the mail server and PCs with Dr.Web Mail Security Suite

Both workstations and the server need to be protected. When using Dr.Web Mail Security Suite:

  1. E-mail will be filtered on the server once, not multiple times at each station this will improve their performance, and employees will be much less likely to complain about their slow PCs and distract you to troubleshoot them.
  2. Internal traffic will be substantially reduced due to encryption and compression algorithms utilized it Dr.Web products this functionality is not available in the products for the protection of workstations for any vendor.
About the advantages of anti-spam filtering at the server rather than at PCs
  1. Anti-spam in Dr.Web Mail Security Suite filters mail from spam once at the server rather than at each workstation this reduces the load on the workstations.
  2. Through the use of Dr.Web Mail Security Suite anti-spam unproductive spurious load on the mail server will drop (the amount of spam in e-mail traffic is up to 98%, and deflecting it will improve the e-mail server operation). You will no longer be blamed for delays in e-mail delivery and for lost letters.
  3. The anti-spam incorporated into Dr.Web Mail Security Suite is much more efficient than the anti-spam for PCs because it utilizes technologies that may be used only with mail servers.
About the advantages of Dr.Web anti-spam
  1. Dr.Web anti-spam is delivered as part of single solution (not as a separate product) and is installed with a virus-filtering product on the same server. This simplifies administration and provides a lower total cost than it would have been in the case of purchasing competitors' solutions.
  2. Dr.Web Anti-spam has a number of undisputable advantages:
    • the anti-spam doesn’t require configuration or training. Unlike anti-spam solutions based on Bayesian filtering, it starts working as soon as the first message arrives;
    • it detects spam messages regardless of their language;
    • customizable actions for different categories of spam;
    • The white and black lists of its own rule out a possibility for a company to be discredited by adding it deliberately to lists of unwanted addresses
    • low number of false positives;
    • stays relevant with one update in 24 hours – unique spam detection technologies based on several thousands of rules allow the anti-spam to stay up to date without frequent downloads of bulky updates.

More on the anti-spam technologies

About the advantages of e-mail filtering at the e-mail gateway


If you install the mail filtering software on the mail server, you won't be able to use certain Dr.Web features. In this case the product will be limited by the API provided by the mail server for integration. Therefore, Dr.Web mail filtering products installed as a mail gateway on a machine other than the host running the mail server, perform with maximum efficiency.

  1. The mail server is not directly accessible from the Internet so this will not allow hackers to exploit the vulnerabilities (both those previously known and zero-day ones) including through specially compiled messages.
  2. Using Dr.Web Mail Security Suite together with SMTP proxy additional component ensures:
    • Better overall network security
    • Improved filtering quality with no limitations caused by a mail server
    • Lower workload of local mail servers and workstations
    • Greater stability of the mail filtering system.
  3. Increasing reliability of the entire corporate network (free of viruses and spam in e-mail traffic) will strengthen your professional reputation in the field of anti-virus security.
About the of threats of using free solutions to filter e-mail

The so-called Open Source Solutions are free solutions developed by a group of independent developers. By relying mail protection upon similar products, a company that installs them expose itself to a variety of risks:

  • the product developer is not responsible for its functioning;
  • slow analysis and adding new viruses to the database;
  • no professional services of the developer's technical support.