Trend Micro has released the latest version of an antivirus and
security suite for Internet gateways.
The software incorporates a new kind of policy-based screen for
e-mail suspected of harbouring viruses. The upgraded version of the
product is also able to screen incoming and outgoing e-mail in
companies for inappropriate content unrelated to work, and blocking
mass-mailing viruses at the gateway between internal networks and
the Internet.
The InterScan Messaging Security Suite for SMTP Version 5.0 can be
downloaded from Trend Micro's Web site. It costs $6,469 (£4,516)
for a 250-seat licence and will be available through resellers in
December.
The suite is designed to retrieve instructions automatically from
Trend Micro's servers to block e-mail matching the general
characteristics of known virus carriers. Trend Micro's research
division, TrendLabs, compiles the characteristics when their
researchers discover new e-mail viruses. The InterScan suite can
then automatically update these policy-based e-mail restrictions
when the software checks in with Trend Micro's servers.
Antivirus software usually requires specific descriptions of a
virus to block it. But virus writers have begun to build viruses
that mutate, attack through unusual channels or are otherwise hard
to describe for antivirus software. Policy-based defences are a
stopgap measure that tries to buy researchers the extra time until
they build the perfect cure.
Policy-based security software blocks e-mail with certain
characteristics, such as a header with certain words or an
attachment with a particular name, without digging into the code to
specifically identify what it will do. But if the filtering policy
is designed too broadly, legitimate e-mail may also be
unintentionally blocked because it looks similar to virus-infected
e-mail.
Trend Micro plans to work with early adopters of the policy-based
security update service to define what kinds of policy
modifications are appropriate and to structure policy updates to
meet those standards. Customers can evaluate the service on a trial
basis at no cost.
The company sees broader uses in the workplace for policy-based
screening. The policy-based content security feature allows
administrators to set parameters for filtering malicious content -
but leaves the definition of "malicious" up to the administrator.
The filter can screen for any forbidden content in the message
header, subject, body, or e-mail attachments.
Certain kinds of company information can be automatically blocked
at the Internet gateway, as can e-mail with content inappropriate
for the workplace, such as jokes, profanity or sexual material.
Policies can be customised for specific departments, organisations
or individuals.
As a defence against virus-infected e-mail, the security suite can
also delete e-mail with mass-mailing viruses at the Internet
gateway before it enters an internal network of computers, rather
than the e-mail being blocked or deleted by a receiving computer's
antivirus software.