My interview with PC Week

(No Ratings Yet)

Loading ...

Posted by Jim on Oct 9, 2008 28 views

Below is the full story of my PCWeek interview. I always liked the quotes that came out of this interview and the professional way they did the story. I was also making appearances at IT conventions such as Network Interop. At that time we started a users group here in the US, and started doing meetings. The tech support and development staff - at that time the same people - were great. Shame I didn’t blog a kudos to the guy working in Australia doing support and development at that time. He was of great help while we worked through this products early days.

Anti-virus gateways close the door to viruses
By Jim Rapoza, PC Week Online
01.21.98

For administrators worried about viruses getting into their company through E-mail or the Internet, traditional desktop scanners cut it too close for comfort. Fortunately, a new breed of anti-virus gateway products lets companies stop trouble before it gets in.

Anti-virus gateways come in many different forms, from highly specialized products designed for specific messaging systems (such as Microsoft Corp.’s Exchange) to broad virus firewalls that look for viruses coming in through any Internet connection.

Just two years ago, this was a small category of products, represented by applications such as Integralis Technology Ltd.’s MimeSweeper and Trend Micro Inc.’s InterScan VirusWall. However, in the last year, nearly every anti-virus vendor has introduced a gateway product, making it possible for most companies to purchase their gateway from the same company that provides their virus scanners.

The methods used by gateway products are fairly simple: E-mail traffic is routed through the gateway, where files are quickly scanned for viruses. If a virus is detected, the scanner attempts to clean the file. If the file cannot be cleaned, it is quarantined in a safe directory or deleted. Administrators can choose to have recipients receive the body of the message, minus attachments, or block transmission of the entire message.

Depending on the system, notifications of detected viruses are sent to an administrator and, often, to the sender and the intended recipient. For Web and FTP traffic, most gateways work as simple proxy servers, with users connecting to the gateway, which then connects them to the Internet.

Most products also have logging capabilities, allowing businesses to track how often viruses enter their systems and pinpoint which users are most at risk.

One of the biggest reasons Jim Skamarakas began using Integralis’ MimeSweeper is its ability to scan for viruses before they enter his network. “If you want to catch a virus, you want to catch it on the outside,” Skamarakas said.

Skamarakas is a senior network engineer at Sherikon Inc., which is under contract to provide technical services to the U.S. Army Simulation, Training and Instrumentation Command, in Orlando, Fla. Skamarakas began using the product a year ago, after a three-month evaluation period. Before MimeSweeper, Sherikon’s virus protection strategy was based mainly on desktop scanners.

While desktop scanners are the most effective way to protect individual users’ systems from viruses, administrators are not comforted by the thought that a virus got that far before it was stopped.

Company policies that discourage employees from bringing software and floppy disks from home limit some risk, but administrators can’t eliminate E-mail. Gateway products such as MimeSweeper, one of the first in this category, are designed to stop viruses before they reach the mail server.

Skamarakas, whose responsibilities include network design, beta testing and security management, also uses the content scanning feature of MimeSweeper, which lets administrators block most junk mail by scanning the content of E-mail messages.

Unlike gateway products that are tightly wedded to a specific scanner, such as Symantec Corp.’s Norton AntiVirus for Internet E-mail Gateways, MimeSweeper can be used with any scanner. However, Skamarakas, who is using Network Associates Inc.’s VirusScan as MimeSweeper’s scanner, said that while the flexibility is nice, it was not a major selling point, since he finds little difference in the scanning capabilities of anti-virus products.

Internet E-mail: A prime risk

When their mail system was limited to internal communications, scanning E-mail for viruses wasn’t a major concern for Mark Bellegia, a network specialist at Taco Bell Corp., in Irvine, Calif. But that changed a few months ago, when the company opened its Exchange 5.0 messaging system to the Internet.

Bellegia evaluated Trend’s InterScan E-Mail VirusWall and was impressed with its ease of administration and setup. In November, he implemented the product, running it on Windows NT Server 4.0. Bellegia chose not to run the entire InterScan VirusWall package, which scans all IP protocols, because of the protection already provided by Taco Bell’s firewall and Internet service provider, and because “E-mail is very widely used in our company, making it the primary area of risk.”

Bellegia configured the product to scan all messages coming into or out of the Exchange SMTP gateway. If the product is able to clean an infected file, the message and file are sent to the recipient, who also receives a message saying that a virus was found and removed. If a file cannot be cleaned, Bellegia has configured the product to delete it, rather than quarantine it. “I’d rather not keep those things around,” he said.

Kurt Schlegel, an analyst at Meta Group Inc., in Stamford, Conn., said that although the primary area of defense for most companies is still the desktop, many companies are implementing gateways for added protection.

He also noted that mail gateways are especially important due to the rise of macro viruses, which can easily enter companies via documents attached to messages. Unlike traditional viruses, which require a user to execute a program before they become active, users can be attacked by a macro virus simply by opening a document.

According to Schlegel, decisions about anti-virus products are moving closer to the CIO and away from the departmental managers who traditionally handled them. This is in part due to the integration of gateway products with third-party firewall and network management tools. For example, MimeSweeper is currently integrated with Check Point Software Technologies Ltd.’s Check Point FireWall-1.

Schlegel expects this trend to continue. “Administrators want to be able to manage anti-virus along with other security issues such as firewalls and authentication management,” he said.