ESET LiveGuard Advanced – Table of Contents

ESET Mail Security

Copy current article URL Share via email

This article (PDF) Whole documentation (PDF)

Each email detected by ESET LiveGuard Advanced within ESET Mail Security follows the submission process shown below. Policy settings define the following:

•hold time (only for protection of mailboxes)

•specific security levels

•action after detection (only for protection of the host server)

ESET Mail Security is protecting the host server and also mail boxes

ESET Mail Security with ESET LiveGuard Advanced protects the mail boxes as described below. The protection of the host machine is the same as described for ESET Server Security.

ESET LiveGuard Advanced for ESET Mail Security

The email analysis follows a four-step process:

1. Email scanning

The email is downloaded from the internet or another untrusted source. Your ESET security product processes and scans the email.

Email scanning

2. Email analysis and delivery

If your mail security product marks an email message for analysis, the email is held for a pre-set time period. While the email is on hold, ESET LiveGuard Advanced analyzes the email attachment. If the analysis result is clean, the email is immediately delivered. If it is malicious, a standard cleaning action takes place. If the analysis result does not come in the predefined waiting time, the security product releases the email to the recipient. When the result is available later, within 2 minutes, all computers block this attachment immediately.

•Emails on hold are listed in ESET Mail Security. Navigate to ESET Mail Security > Tools > ESET LiveGuard Advanced to see the list of emails on hold.

Email analysis

ESET LiveGuard quarantine

•The maximum wait time for an analysis is set in the ESET Mail Security policy under Computer > Cloud-based protection > ESET LiveGuard > Maximum wait time for the analysis results.

Email analysis workflow

3. Analysis results are shared

ESET LiveGuard Advanced uses four separate detection layers and the analysis results are saved to a database in the ESET cloud. The database is synchronized every single minute with ESET PROTECT On-Prem. All machines with activated ESET LiveGuard Advanced and ESET security product are also synchronized with the ESET cloud every 2 minutes.

Analysis results

4. Evaluation and cleaning

Analysis results are also sent back to your ESET security product and the email is scanned again. If the email is clean, it is delivered (unless the hold period has already passed).

Settings for cleaning actions and detection are set under category Server in the ESET Mail Security policy.

Analysis evaluation

˄˅