IMLogic Curbs IM Threats in Real Time

As instant messaging usage grows in the enterprise, so does security concern about the messaging stream.

As instant messaging usage grows in the enterprise, so does security concern about the messaging stream.

IMLogic Inc. next week will launch a new tool aimed at detecting, blocking and quarantining IM security threats before they spread, said officials with the Waltham, Mass., company.

IMLogics RTTPS (Real-Time Threat Protection System) is integrated with the companys IM Manager software, enabling management of public and private IM users and networks, and with its Threat Center, allowing detection and analysis of IM and peer-to-peer threats.

/zimages/1/28571.gifIMLogics Threat Center gathers intelligence and provides early virus warnings. Click here to read more.

IMLogic developed and operates the Threat Center along with anti-virus and anti-spam vendors such as McAfee Inc., Symantec Corp. and Postini Inc. and with IM providers such as America Online Inc., IBM and Microsoft Corp.

IMLogic CEO Francis deSouza said the Threat Center recorded an increase of more than 2,700 percent in IM threats, including viruses, worms, SPIM (spam over IM) and phishing attacks, for the second quarter of this year, compared with the same period a year ago. In addition, deSouza said IM presents a particularly dangerous medium for security threats.

"IM protocols were designed to be real-time, and anything malicious on those transports is instant as well," he said. "Plus, when you get a pop-up message, youre often distracted, and youre more likely to click on a URL in IM than in e-mail."

/zimages/1/28571.gifClick here to read about IMLogics free IM and P2P blocker.

The RTTPS tool, offered as a plug-in for IM Manager, uses predictive analytics, network anomaly detection and known-threat profiles to identify and block potential IM attacks.

IM Manager customer Getty Images Inc. plans to test out the new tool, said Margaret McDonald, information security manager at the Seattle company.

"I was pretty excited to hear about their new approach, which is similar to the intrusion prevention model; [that is,] it looks at traffic patterns and what your normal activity is like and also correlates with information at the Threat Center," McDonald said. "Based on current threat levels combined with any unusual activity or traffic patterns, messages may be automatically quarantined or URLs blocked."

"With the dashboard, you can get a visual of when the last update was applied as well as a messages scanned report detailing the number of users, total messages and risky messages that were blocked," McDonald said.

/zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.