Commtouch technology is built on a unique cloud-based infrastructure designed to provide the most rapid and accurate response to messaging and Web threats. Real-time automated analysis of global threat trends in Commtouch’s Global Data Center provides actionable information for blocking spam and malware and enabling safe browsing.
Three essential principles inform Commtouch’s messaging and Web security and form the foundation for its robust technology infrastructure:
The Commtouch messaging protection strategy is based on the most fundamental characteristic of spam and malware: mass distribution over the Internet.
Rather than evaluating each individual message, Commtouch’s patented Recurrent Pattern Detection™ (RPD™) technology analyzes large volumes of Internet traffic in real-time, over 2 billion messages per day. Through analysis of recurring distribution patterns and structure patterns in the Commtouch Data Center, new spam and malware outbreaks are identified as soon as they emerge.
Commtouch engines, deployed worldwide through the products of its OEM partners, query the Commtouch Data Center and receive message classification in real-time. The result is instant protection from new outbreaks – far ahead of signatures or software updates. Because the technology blocks threats in real-time, it is ideal for closing the vulnerability window in traditional anti-virus solutions, since there is no need to wait for any signature or update. It is also equally effective regardless of language, or email content type.
RPD has been recognized by key industry analysts as a leading technology in email outbreak detection. Osterman Research has indicated that it achieves the industry's best detection/accuracy performance and IDC wrote that it "detects and blocks spam in the first few minutes of an outbreak, unlike other anti-spam approaches."
The Web is an almost infinite collection of diverse data, and Web security solutions are faced with two important challenges: figuring out what to analyze (i.e., solution coverage) and how to analyze it (i.e. accuracy). Commtouch technology uses comprehensive data sources that cover both productivity and security issues, (e.g., user requests & feedback, open traffic collectors, zero hour malware patterns).
Every piece of data that enters the Commtouch Data Center is analyzed through a series of advanced, automated assignment engines such as text analysis, link analysis, image analysis, virus checks and reputation analysis.
In order to provide instant access to the enormous amount of information generated by the Data Center, Commtouch has developed an innovative technology – the Commtouch Data Cloud. Unlike traditional Web security technology where security data is pushed to the local client, limiting the accuracy and performance by the local storage capabilities, Commtouch keeps the data in the Cloud, allowing local clients to benefit from the most accurate and relevant information at any given moment.
By taking full advantage of the depth and breadth of resources available in the Cloud, the Commtouch engines extract patterns and threats from a vast and diversified group of sources in mere seconds. In order to provide comprehensive and diverse data sources, Commtouch formed a Security Alliance, which gathers security expertise from leading web defense vendors across the security spectrum. Once a new web page is classified, this information remains in the Data Cloud for ongoing reference available for all end customers.
With today’s trend of blended threats, Commtouch realizes that a global view of threats is necessary. RPD and Data Cloud technologies automatically analyze billions of transactions each week to identify new messaging and Web threat outbreaks as they are initiated. With Commtouch technology, each product engine provides information for the other engines in a comprehensive, self-learning feedback loop that learns locally as well as globally.
This Data Center feedback loop relies on the fact that each product has its own analysis track, adjusted to its own needs and based on a huge source of traffic. Each product offering is designed to answer a different problem (e.g., anti-spam blocks unwanted email messages and URL filtering identifies a URL classifications); however, the output of each can provide value to other, related products. Sharing the information in the Commtouch data center across product lines allows Commtouch to enrich the sources of information and to offer superior detection and false positive rates for all of the product offerings.
