Trend Micro unveils virus cure and e-mail filter

Trend Micro has released the latest version of an antivirus and security suite for Internet gateways.

Trend Micro has released the latest version of an antivirus and security suite for Internet gateways.

The software incorporates a new kind of policy-based screen for e-mail suspected of harbouring viruses. The upgraded version of the product is also able to screen incoming and outgoing e-mail in companies for inappropriate content unrelated to work, and blocking mass-mailing viruses at the gateway between internal networks and the Internet.

The InterScan Messaging Security Suite for SMTP Version 5.0 can be downloaded from Trend Micro's Web site. It costs $6,469 (£4,516) for a 250-seat licence and will be available through resellers in December.

The suite is designed to retrieve instructions automatically from Trend Micro's servers to block e-mail matching the general characteristics of known virus carriers. Trend Micro's research division, TrendLabs, compiles the characteristics when their researchers discover new e-mail viruses. The InterScan suite can then automatically update these policy-based e-mail restrictions when the software checks in with Trend Micro's servers.

Antivirus software usually requires specific descriptions of a virus to block it. But virus writers have begun to build viruses that mutate, attack through unusual channels or are otherwise hard to describe for antivirus software. Policy-based defences are a stopgap measure that tries to buy researchers the extra time until they build the perfect cure.

Policy-based security software blocks e-mail with certain characteristics, such as a header with certain words or an attachment with a particular name, without digging into the code to specifically identify what it will do. But if the filtering policy is designed too broadly, legitimate e-mail may also be unintentionally blocked because it looks similar to virus-infected e-mail.

Trend Micro plans to work with early adopters of the policy-based security update service to define what kinds of policy modifications are appropriate and to structure policy updates to meet those standards. Customers can evaluate the service on a trial basis at no cost.

The company sees broader uses in the workplace for policy-based screening. The policy-based content security feature allows administrators to set parameters for filtering malicious content - but leaves the definition of "malicious" up to the administrator. The filter can screen for any forbidden content in the message header, subject, body, or e-mail attachments.

Certain kinds of company information can be automatically blocked at the Internet gateway, as can e-mail with content inappropriate for the workplace, such as jokes, profanity or sexual material. Policies can be customised for specific departments, organisations or individuals.

As a defence against virus-infected e-mail, the security suite can also delete e-mail with mass-mailing viruses at the Internet gateway before it enters an internal network of computers, rather than the e-mail being blocked or deleted by a receiving computer's antivirus software.

Read more on Antivirus, firewall and IDS products