Plug-In Protection
Email
Print
New appliances that offer antivirus and content-filtering functions might give software solutions a run for their money. Here's why they make sense for some but aren't quite right for others.
For Jim Mancini, security threats to his companys network are the stuff bad dreams are made of. As IT director of ICTI, a Yardley, Pennsylvania, firm that manages clinical trials for pharmaceutical companies, Mancini had used antivirus software as his main weapon for years. But he just couldnt get comfortable with the fact that the software sat squarely on the very network it was trying to protect. It had failed to block a virus attack once before, and Mancini was searching for an alternative. He had heard about a new appliance by Aladdin that filtered for viruses, blocked spam, and stopped unauthorized URLs before they reached the network. "It really offered a bunch of tools in one package," Mancini says. "And it seemed easy to use."He installed the Aladdin eSafe appliance, and a week later an e-mail from the appliance alerted him it had caught and neutralized the Klez virus, keeping it safely away from his network, which is used by 220 people at the companys headquarters and 80 others at satellite offices. The appliance has also kept bandwidth hogs in check and curbed inappropriate Web surfing, thanks to its HTTP filtering.
The appliances havent quite caught on yet, perhaps because many IT administrators havent heard of them. And the few who have arent quite ready to make the leap to an unfamiliar solution, particularly when it comes to security, says Jaclynn Bumback, research analyst for In-Stat/MDR. Its too soon to determine how well theyll sell, but the concept seems on target.
"These appliances stop viruses before they get to the desktop, so theyre a step ahead," Bumback says. "From a security standpoint, they make more sense."
They also relieve servers of the burden of scanning traffic for viruses and malicious or offensive content. That content can adhere to any number of protocols, including SMTP, HTTP, POP3, or IMAP4. Antivirus software running active scans can eat up a significant amount of a servers processing capacity. Meanwhile, encryption and scanning algorithms continue to advance and require more processing power.
The six devices in our main roundup belong behind a firewall on the network, and they fit into one of two categories: gateways or relays. The Ositis AVStripper is a gateway; in which all traffic passes through it and is scanned on the way to the e-mail servers or the rest of the network. The rest of the products are relays; they pretend to be the final destination of all e-mail or Web traffic, but they also scan the traffic, and then, only when the items are deemed safe, pass them along to the rest of the network.
A seventh appliance, the Symantec Gateway Security, is included in this story, but weve set it apart from the others because it offers additional features such as a firewall, a VPN, and load balancing. (See "
Davis D. Janowski is Lead Analyst for Web Applications and Software, charged with covering the likes of Google, Microsoft, Yahoo!, and millions of other Internet and Web companies. Prior to this, he served as Section Editor for Consumer Networking, GPS Products, Phones & PDAs (Mobile and VoIP), Associate Editor for Networking Infrastructure, and Associate Editor for Internet Infrastructure. Before joining PC Magazine, Janowski worked as a medical editor, covering epidemiology and infectious diseases, receiving training at the Centers for Disease Control. At one point, he acted as guide for a CDC team, collecting ticks for a study on the origins of human ehrlichiosis in the Florida bush. Before that he made a very modest living as a freelance writer and photographer, covering scuba diving and nautical archaeology.
