Isolating E-Mail Helps To Find MalwareIsolating E-Mail Helps To Find Malware

Viruses and worms, once they gain entry, can spread throughout a business network and infect systems in mere minutes. That's much faster than the arrival of patches and fixes from even the best vendors. As a result, company data is threatened every time a new virus or worm starts making the rounds.

Avinti Inc. takes a different approach to fighting off worms and viruses spread by E-mail. The company's software isolates and analyses all E-mail on a separate server before releasing it onto the regular corporate network. A new version of its iSolation Server software, available next week, sets up a mirror network to process all E-mail messages. The software looks for all of the usual threats -- viruses, worms, Trojans -- and also checks to make sure that the mail contains normal content and is addressed to a real person in the company. It can do all of that in a few seconds, Avinti says.

The enhanced software also offers better reporting capabilities and much higher scalability. The reporting function includes an SMTP traffic monitor that profiles traffic, including overall volume and categories of attachments such as .exe files, .zip files, and .bat files. And the software can handle up to 10,000 mail boxes and multiple servers. The vendor recommends customers run iSolation Server software on a Windows Server 2003 system. The software costs around $12.50 per mail box.

Avinti is taking a new approach by emulating a network and isolating a virus before it gets onto the regular network, says David Ferris, founder of IT-messaging research firm Ferris Research. The time it takes for security companies and other tech vendors to come up with a patch or fix for a new security vulnerability means business networks are at risk every time a new threat hits the Internet. "The four-to-eight hour lag time was OK when viruses spread via diskettes," Ferris says. "But now a virus is replicated and could infect millions of machines within a half hour."