Agnitum delivers Outpost 6.7.3 with new auto-update functions

Good news, everyone! :-)

Today we shipped another iteration of Outpost 6.7 solutions - 6.7.3.

With this release Agnitum introduces daily updates of Outpost installation packages. What we mean is regular incorporation of new malware and rule databases into Outpost. During the workday, these bases come embedded into the installation package and downloadable from the web-site.

It is the result of new internal automation processes in Agnitum's R&D implemented since 6.7.2 edition.

This tweak brings great savings for customers who won't have to waste time and Internet traffic to constantly download updated bases. A good advantage over competitors who tend to bloat their installation packages up to 150% of the original volume just for that reason.

To sum up, the improvements ensure:

• increased frequency of malware database updates: updates are now delivered three times a day (minimum) on weekdays
• Anti-Malware engine now gets auto-updated through regular malware database updates, meaning that for receiving new features and fixes no separate product update is needed

You may find Outpost 6.7.3 solutions at http://www.agnitum.com/products/.

11 is not binary 3 :-) - Agnitum's 11th birthday!

Last year we must've been so busy developing security software as to forget to fish for anniversary congrats - this time we'd like to fix that bug :-) February 1 is Agnitum's official establishment date, so we gladly accept best wishes for our 11th birthday.

Also we'd like to thank our devoted customers and supporters! We wouldn't be what we are without your help, understanding and loyalty. So you guys are welcome to celebrate with us!

Eleven years is quite an age for an Internet-catering firm, we've changed a lot since 1999 so have our products. The only thing that went unaltered is our commitment to defend your PC from all sorts of web nasties and exactly as our slogan goes - take care of your security while you may indulge yourself to something more pleasant :-)

Before we get down to shot glasses as this pirate country's tradition implies we remind you to keep your eye on this blog - more product news and descriptions should follow soon.

P.S. Customer Support remains on duty.

Pavel Goryakin, Agnitum

Outpost 6.7.2 available

The New Year brings a new interation of Outpost 6.7 product line, another step to Agnitum's 2010 (7.0) security solutions. You can now download the latest Outpost Security Suite Pro, Outpost Firewall Pro and Outpost Antivirus Pro 6.7.2 from Agnitum's web-site.

The full history of updates is available by the security suite link.

Upgrade and enjoy!

Pavel Goryakin
Agnitum

Anti-Malware Improvements - Part 1. Interface

This time we'd like to share with you some tweaks made within Outpost's Anti-malware module for the new line-up. The dramatic growth of our malware database (more than 2,000,000 added signatures for now) goes without saying.

Generally, all product alerts become more visible and clear, this specifically concerns Anti-Malware. More transparent information is delivered with an emphasis on threat type and source and Outpost module in charge, plus the warnings are designed in a user-friendly fashion to indicate relevancy of this or that event.

Here we'll demonstrate some usability advancements in more detail:

• In compliance with antivirus protection standards, the option to automatically cure infected objects detected by the real-time monitor is now set as default action and applies to all suspicious/infected objects found. This measure caters to average users who rightfully prefer the program to perform an optimal operation rather than rely on their own decision.

• Actionable Quarantine facilitates decision-making regarding neutralized suspicious objects; quarantined files can be easily restored, removed or removed in bulk right from the new menu in a couple of clicks. Detected malware can also be filtered and sorted by certain criteria. For known "beasts" detailed information is available.



• The overall structure of Anti-malware Settings was improved to combine General and Additional Real-Time Protection settings in a single window.

And there are more nice options such as heuristic analyzer settings, to name just one thing of a few. Part of the Antimalware module, the heuristic analyzer turns visible in the interface and more flexible due to adjustable sensitivity levels (normal/high).

This is how it is in Outpost Pro 2009:



And here's the 2010 structure:



This was a sneak peak of Anti-Malware 2010, keep on reading! And if you haven't yet subscribed to Agnitum Blog, it's high time to do so ;-)

Maxim Korobtsev
CTO, Agnitum

Outpost Pro 7.0: Seven Improvements of the Firewall Module

This blog posting is a New Year gift for advanced Outpost users. We heard and read some complaints concerning lack of information about the firewall improvements. Indeed, we may have overlooked the firewall development announcements in the past as they usually refer to something "not visible" and intangible. Now we'd like to correct this mistake and tell you more about Outpost firewall technology 2010.

Warning! Watch out! Gobbledygook ;-)

1. Windows 7-related activity

Agnitum's R&D has implemented a new mechanism of network activity and content filtration using Windows Filtering Platform (WFP) technology. This has helped to resolve compatibility issues with Windows 7 and – potentially – with future Microsoft OS's, because WFP is positioned as the major platform for future Windows releases. As a result this new mechanism brings more stability to Outpost solutions (including the aspect of interaction with other network filters).

2. Windows Filtering Platform on Vista

Due to successful and stable operation of WFP-based filter on Windows 7 we decided to use the same technology for Vista (from SP 1) instead of TLI filter built on the principle of intercepting OS's undocumented interfaces. As WFP interfaces on Vista and Windows 7 significantly differ in a number of critical aspects, our team performed the integration of WFP-filter into Vista. This helped resolve critical errors which may have led to a BSOD when using TLI.

3. Using the new filtration mechanism on receipt of packets for Vista/Windows 7. Optimized performance in high-speed channels.

The packet filter underwent deep remodeling in the aspect of processing incoming packets on increased IRQLs. The workaround was to organize delayed processing of such packets with an aid of worker thread pool. This enabled lower burden on CPU during filtration and improved system "responsiveness" within intensive network operation.

4. Channel load between the driver and managing service was dramatically decreased. Increased system stability and lower CPU load as a result.

Special rules for packet sniffer were introduced in order to precisely configure the packet sniffer for receiving only essential information about filtered packets, for example, blocked packets and packets related to installation/connection termination. Minimizing packet notification between the driver and service led to decreased system load.

5. Content filtration improvements (loopback, no binary flow filtration)

The mechanism of rules creation and behavior control for content filtration that helped limit the volume of filtered data at the expense of the data transmitted via loopback channel as well as binary data irrelevant in terms of content control. At that the mechanism of detection and non-filtration of binary streams has been fully realized in the driver, which minimizes the number of messages between the driver and service, facilitates content filtering and ensures less impact on system performance.

Besides, critical errors in TDI/TLI filters applied in Windows 2000/XP/Vista RTM were fixed, which enabled advanced system stability.

6. SPI for UDP implemented (regards to old good Outpost 4.0)

We introduced a mechanism that can be used for blocking attempts of using non-TCP endpoints in server regime. In other words, incoming datagrams for endpoints are allowed only for those remote hosts from which at least one datagram was sent from the current endpoint. The mechanism allows to limit datagram endpoint usage only to the model of client behavior in the client-server scheme. This adds flexibility in terms of network security settings.

7. Filtration of invalid TCP flags

The packet filter checks TCP flags and classifies a packet as unwanted in case of incorrect combination of TCP flags. This mechanism decreases the firewall and network stack load in case of host-focused bombarding by such packets, as the packets are blocked on initial stages.

That's it for now. Hope you'll find enough food for reflection in this article :-) Looking forward to your feedback!

Last but not least we'd like to wish you a Happy New Year! Best luck, happiness and health in 2010!

Maxim Korobtsev, CTO, Agnitum

Outpost 7.0 – moving towards the public beta. Preview

Now that there are a few weeks left before the public beta of Agnitum's new product line we'd like to share a preview of new features and improvements to constitute the final Outpost Pro 7.0 expected in Q1 2010.

This blog posting is the first in a series where you'll find descriptions of the novelties we’re making as we develop the Outpost Pro 7.0 products, which are soon going into beta. We’re encouraging everyone to get to know the new versions gradually as soon as they'll become available, learning all aspects of what’s new and what’s better, so we can get your concurrent feedback. Many of the improvements in our products are suggested by our users, so you might find your idea in a future blog posts in this series.

Here's a very brief overview of how Outpost products evolved:

New! Outpost Protected Objects

Outpost Protected Objects (working name) module enables protection of locally-stored assets (Protected Objects) from corruption or access by malware. With just a few clicks, you can simply highlight a folder or file using Outpost’s Advanced menu and set a password. This simple action ensures private, secret or otherwise sensitive content is kept safe from children, colleagues or other users of the computer, as well as from external threats, such as spyware and other nefarious programs.

New! System and Application Guard

Outpost 7.0 users will benefit from System and Application Guard (working name), sibling of Outpost's Critical objects controller, which adds another layer of defense to Agnitum's paradigm. This new feature protects sensitive personal data (cached login details and passwords, electronic wallet IDs, etc.) stored by instant messengers, browsers and electronic payment processors from being accessed and hijacked by unauthorized non-related applications – a wide-spread technique employed by modern malware-makers. Outpost will be equipped with predefined access limitations so that only ICQ would be able to retrieve personal ICQ credentials, only Internet Explorer would be granted access to its cookies and so forth.

Improved! Anti-Malware engine

The Anti-malware engine has been enhanced with new detection and remediation capabilities and also underwent the following improvements:

• In compliance with antivirus protection standards, the option to automatically cure infected objects detected by the real-time monitor is now set as default action
• An updated heuristic analyzer, part of the Antimalware module, turns visible in the interface and more flexible due to adjustable sensitivity levels (normal/high)
• Actionable Quarantine facilitates decision-making regarding neutralized suspicious objects; quarantined files can be easily restored right from the new menu or exterminated in a couple of clicks

New! Monitor of file and registry activity

An invaluable assistant to advanced users, this tool provides a big picture of current file and registry activity. The user may opt to take a snapshot of the monitor's records for deeper analysis or, if necessary, terminate a suspicious process right from the list.

Improved! Updated anti-leak capabilities

Like the previous versions Outpost 7.0 has furthermore enhanced its anti-leak arsenal addressing the latest zero-day threats and data leakage techniques employed by sophisticated malware.

New! Revamped user interface

The solutions were redesigned to reflect the modern Windows 7 look and provide better visibility of product notifications.

Improved! Optimized performance

Outpost 2010 solutions deliver improved performance and use fewer system resources thanks to a number of measures:

• New! Tolerant filtration of P2P currents, such as video and audio streams
• Improved! More efficient anti-malware update process due to new local servers and decreased update volume - without prejudice to consistency and content
• Improved! Friendly interoperability with applications and web-sites using Middle and Far East language characters due to ImproveNet advancements

New! Extended compatibility

Outpost 2010 is fully compatible with Windows 7, Vista (up to SP2), Windows XP (up to SP3), Windows Server 2003 and 2008, and , as well as all previous 32-bit versions from Windows 2000 onwards and all 64-bit Windows. All Outpost solutions are fully compatible with the Microsoft Action Center in both Windows 7 and Windows Vista.

That's it for now. We'll elaborate the descriptions and give you more information on every feature and improvement in further blog postings. Keep your eyes open for the updates and expect the notification of publicly available versions!

Stay tuned!

Pavel Goryakin, Agnitum

100 days of Windows 7 support

We are pleased to announce 100 days of Windows 7 support, which was first introduced more than 3 months before the OS was officially released to the public on October 22, 2009.

Agnitum's R&D has been professionally exploring Windows 7 since 2008, lots of technological tweaks, preliminary and hands-on testing have been performed to ensure hassle-free co-operation with the new system.

As you may remember, Agnitum's first Windows 7 RC-compatible effort was version 6.7 (released on July 22). The current version 6.7.1 (released late September) further improved its compatibility with Windows 7 and Vista SP2. The product was properly integrated with Windows Action Center support and optimized system performance on x64 systems.

Windows 7 Official Release users may now take advantage of Outpost Pro 6.7.1 software proven by 3 months of successful interoperability. Full-functional 30-day trials of Outpost Firewall Pro, Outpost Antivirus Pro and Outpost Security Suite Pro are available for download at http://www.agnitum.com/products/

Pavel Goryakin
Agnitum Ltd.