Dr.Web ATM Shield
Centralised protection for embedded systems (ATMs, terminals and multi-kiosks)
Demo Dr.Web ATM Shield
My Dr.Web Portal login
Low system requirements; updates consume minimal bandwidth.
Reliable protection from zero-day programs including those that haven't yet been analysed by the Doctor Web anti-virus laboratory.
You are mistaken, if you believe that:
Malware cannot penetrate an embedded system that is only accessible to technical specialists;
Once installed on a device, systems based on checksum verification programs offer sufficient protection;
A small amount of RAM and a low performance CPU make it impossible to protect such devices with an anti-virus.
Only an anti-virus provides protection against malicious programs—including those created specifically for ATMs. Designed for embedded systems, Dr.Web ATM Shield incorporates state-of-the-art anti-virus security technologies and fully protects embedded systems of any configuration.
Find out more!
- Per number of protected embedded systems
- The Control Center comes with Dr.Web ATM Shield free of charge.
- Dr.Web—always the first
The first malware species targeting ATMs was detected in Russia in March 2009. It was found that the virus (Trojan.Skimer) could easily steal money from cardholder accounts. This threat was implemented as a Trojan horse that collected credit card information and PIN codes attached to the cards. Infected ATMs were first discovered in Moscow, and later in St. Petersburg.
Doctor Web was the first to respond to this threat: the company alerted the public to Trojan.Skimer’s existence and then developed an anti-virus for embedded computer systems (ATMs, multi-kiosks, and POS networks) that offers real-time protection from viruses — Dr.Web ATM Shield. This product was developed on the basis of Doctor Web’s flagship product Dr.Web Enterprise Suite, whose main advantages (expressly taking into account the specifics of banking networks) apply to Dr.Web ATM Shield.
- Seamless integration
The many advantages of Dr.Web ATM Shield include:
- Deploying the anti-virus network is easy;
- The anti-virus packages deployed on the client side have many configuration options;
- The server rapidly and efficiently distributes virus database and application module updates between protected hosts; no additional configuration or custom update schedules are required;
- Extremely easy administration.
With the hierarchical multi-server Dr.Web ATM Shield protection system, where interconnected servers provide protection for an entire company network, information about the entire network is collected on one server; this solution is the best choice for organisations with multiple branches, e.g., banks. This highly scalable solution can be deployed in networks of different sizes and topologies, ranging from several connected embedded computer systems to complex distributed networks connecting tens of thousands of hosts.
With Dr.Web ATM Shield, organizations guarantee themselves minimal losses in the event of virus attacks, eliminate downtime, and simplify system maintenance.
- Detection of all types of threats
Technologically complex and highly dangerous viruses, especially those designed for commercial gain, are normally tested by virus writers using all known anti-virus software before they are released into the wild; this ensures that the viruses go undetected by anti-viruses for as long as possible. Preventing such infections is a complex task that can only be solved by means of modern technologies and anti-virus products.
- Protection from unknown threats using the unique non-signature detection technology Origins Tracing™ and the intelligent Dr.Web heuristic analyser. The heuristic analyser, whose analyses are based on criteria that is typical of various groups of malicious programs, detects most known threats.
- With the unique FLY-CODE™ technology at its disposal, Dr.Web detects and removes malware disguised with unknown packers. The comprehensive analysis of packed threats significantly improves the detection of supposedly “new” malicious programs that were known to the Dr.Web virus database before they were concealed by new packers. Such an analysis also eliminates the need to add redundant definitions of new threats to the virus database.
- Neutralises viruses, Trojans and other malware.
- Comprehensive databases for detecting spyware, riskware, adware, hack tools, and jokers.
- Cures viruses
A good anti-virus application can detect viruses. Deleting an infected file that may contain important information is one thing, but restoring the file to its original, healthy state is entirely different matter.
Dr.Web detects and cures viruses
- The Dr.Web anti-virus functions on infected computers; its exceptional resistance to viruses makes it a stand-out among other anti-viruses.
- A system does not need to be cured prior to Dr.Web’s installation; this is due to the product’s unique technologies for scanning memory processes and its outstanding ability to neutralise active infections. It can even be run from external media without installing it in the system (for example, from a USB stick) and cure active threats during installation.
- Dr.Web is capable of detecting and neutralising viruses that only reside in the RAM and never exist as separate files. Even today, few anti-viruses can neutralise such threats.
- Dr.Web can reliably detect packed malicious objects regardless of whether it recognises the compression format, and can disassemble and analyse them in detail to expose hidden threats.
- Only Dr.Web can fully check archives at any nesting level. This means that the Dr.Web anti-virus will detect and neutralise a threat even if it has been compressed many times with various supported archiving programs.
- Maximum security with Dr.Web
Dr.Web ATM Shield includes the Dr.Web scanner, file and system monitors, and traffic filtering and device control modules. The Dr.Web scanner is designed to sweep systems for viruses, both on demand and according to a predetermined schedule. Dr.Web SpIDer Guard is a file monitor that remains in the system memory and scans on-the-fly all files as they are being opened and applications as they are being started. In addition, it constantly monitors the actions of running processes typical of viruses and, if any are detected, it blocks the processes and displays a corresponding notification.
- Constant control of all objects at risk of infection—removable media; e-mail formats; and files and directories, including those that are packaged and archived. The highest quality of curing, powered by constant new technology upgrades and a high level of self-defence, leaves viruses and other malicious objects no chance of penetrating a protected network.
- Full scan of all traffic: all traffic transmitted via protocols supported by Dr.Web is scanned, on all ports.
- Anti-virus scan modes include express, full and custom—the latter can be launched manually.
- Different actions can be performed with different types of objects, e.g., cure, move to the quarantine, delete; action sequences allow you to define which action will be applied to an object if the first action can't be performed.
- User-defined file and path exclusions.
- The Quarantine isolates infected files; quarantine storage time and its maximum size can be specified.
- Curing, restoring and removing quarantined objects.
- The anti-virus log contains the time of each event, the name of the scanned object and the type of action applied to the object.
- Disrupts attempts to render the anti-virus non-operational
The SelfPROtect module protects Dr.Web ATM Shield files and directories against unauthorised or inadvertent deletion or modification. With the self-protection module running, only Dr.Web processes can access these resources.
- The file monitor is highly resistant to attempts by malicious programs to disrupt its operation. Dr.Web SelfPROtect is implemented as a driver that operates at the lowest system level. It cannot be stopped or unloaded until a system is rebooted.
- Protection against attempts to change settings in violation of corporate security policies. Dr.Web SelfPROtect restricts access to the network, files and folders, certain branches of the Windows Registry and removable data-storage devices on the system driver level, and protects the software from anti-antiviruses aiming to disrupt Dr.Web’s operation.
- Some anti-viruses modify the Windows kernel by intercepting interruptions, changing vector tables, using other undocumented features, etc. This may have a negative impact on system stability and pave new ways for malicious programs to get into a system. At the same time, Dr.Web SelfPROtect maintains the security of the anti-virus and does not interfere with Windows kernel routines.
- Always up-to-date
- Virus database update reminders
- Automatic (scheduled) and on-demand updating
- Centralised administration
The Control Center is equally reliable in networks of any scale and structural complexity, ranging from small workgroup networks to distributed intranets with tens of thousands of hosts.
Dr.Web ATM Shield allows administrators working within a network or remotely over the Internet to centrally manage all anti-virus security components, monitor the status of all protected hosts, receive notifications about virus incidents and set up automatic responses to those incidents. You only need a TCP/IP connection between the administrator's computer and the anti-virus server.
The Control Center is provided free of charge.
|Removal of all types of threats
||A shield against Internet threats
|Isolation of moved files
Block access to Internet sites and removable data-storage devices
- Operating system: Windows XP Professional / XP Embedded / Server 2003/Vista/Server 2008/7/7 Embedded/8/8 Embedded (32 - and 64-bit editions);
- CPU: Intel Pentium IV 1.6 GHz or faster;
- RAM: 512 MB;
- Free hard disk space: at least 235 MB for executable files; additional space is required for logs and temporary files.
Additional requirements: Internet connection for registration and receiving updates.