Wholl Fill the Gap in the Gateway Security Market?

By Larry Seltzer  |  Posted 2005-08-09 Print this article Print

Opinion: The big three AV companies got a big boost from the ITC decision. It's going to be easiest for competitors simply to license them from now on.

A ruling against Fortinet by the US International Trade Commission has triggered a silent crisis in the network anti-virus market. The number of products that potentially infringe in the same way as Fortinet is very large. The ruling finds that Fortinets products violate a Trend Micro patent and may not be imported to the United States. Just about all network appliances, especially the inexpensive ones, are manufactured abroad, so many companies are at risk.

The Trend Micro patent at issue, which covers the use of network proxy servers to perform anti-virus scanning on FTP and SMTP communications, is not one of the clearly stupid patents for which the USPTO is famous (like this one, which has the bright idea of removing white space before evaluating a macro).

In 1995, when it was filed, it was actually a fairly clever idea, and SMTP had certainly not become the wasteland of abuse that it is today. The fact that McAfee and Symantec settled with Trend Micro back in 1998 indicates that they saw enough merit in it not to resist. Because of these settlements, licensees of McAfee and Symantec, such as Servgate, are also unthreatened by this legal development.

The other antivirus companies will either have to license the patent, which Im sure Trend Micro will be happy to do, or find some noninfringing technique. Ive been told that there are companies that use a packet filter approach as opposed to an actual proxy and that this may be noninfringing, but it seems problematic to me. How do you filter files if you only look at packets? It has to limit the flexibility of the scanner.

It seems odd to me that the patent limits itself to the FTP and SMTP protocols, but perhaps the expectations back then of the patent office were a little higher than they are now, and broader claim of all network proxy scanning was risky. In any event, they hit the jackpot with SMTP, clearly the most important protocol for such scanning. There are dozens of antivirus appliances and network that perform this function.

Next Page: Interesting Issue of ClamAV

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel