- Print
- PDF
File Safer concept
- Print
- PDF
Available in Classic and VPC
Before learning the full scenario for using File Safer, some important concepts about File Safer will be explained. The following are the main concepts to be explained.
See Glossary for a better understanding of the File Safer concept.
Malware detection scenario
A scenario is required to effectively detect malware while maintaining service performance. Scanning malware at the time a file is uploaded/downloaded by a user can slow down service use and cause inconvenience. However, scanning after file upload is complete does not affect the user's service use speed. So you can spend time scanning or analyzing your files. Like this, the malware detection/blocking scenario should be different depending on the situation.
Since the hash filter checks for maliciousness with the hash value extracted from the file or URL, the transaction is short and concise and does not burden the system interface. However, in the case of new/variant malware that cannot be identified with Hash Filter, it is necessary to detect maliciousness by analyzing the file using File Filter. Since the transaction of File Filter is slower than Hash Filter, it may affect the speed of service use. Therefore, Hash Filter and File Filter can be applied in combination according to service characteristics. For example, if Hash Filter is applied to the part where service speed is important because it is related to the user interface, and malware is filtered by applying File Filter to the part where the file enters the system and does not cause inconvenience to the user, it will be possible to efficiently detect and block malware while maintaining service performance.
A malware detection scenario is established according to the user's business logic. Users nay choose whether to block detected malware or not.
Hash Filter application scenario
The scenario for using Hash Filter to detect and block malware when a post is written by an attacker is as follows:
The scenario for using Hash Filter to detect and block malware when the user downloads malware attached to a post is as follows:
File Filter application scenario
The scenario for using File Filter to detect and block malware when a post is written by an attacker is as follows: This scenario is applied when the speed of service use is not affected or when re-scan is required.
Advantages of using File Safer
The advantages of using File Safer are as follows:
- Flexible application using REST API: since the File Safer function is provided as REST API, it can be applied according to the customer's business logic.
- Manage detection history: it provides the malware detection history view function. In addition, if malware is detected or malware search fails, you can receive notification by email, and it provides an advanced setting function to receive notification mail if it is detected more than a certain number of times within a user created time.