Detecting and Eliminating Computer Viruses at the Gateway
Traditional anti-virus software only stops known computer viruses – stopping undefined computer viruses requires a different approach.
In the past, network administrators scrambled to apply new virus signatures whenever new computer viruses were discovered. While these signatures will stop a known threat, it takes time for anti-virus vendors to develop them. Unfortunately, the newest and most damaging viruses are able to spread so quickly that the damage is done before a signature can be developed and distributed.
In fact, the independent testing laboratory AV-test.org found the response times for major anti-virus software publishers to range from just under 7 hours to almost 30 hours, with the four leading vendors (Sophos, McAfee, Symantec and Trend Micro) clocking in at no less than 12 hours.
In January 2004, the computer virus known as “MyDoom” created mass disruption to corporate resources and reputations as it quickly spread through e-mail networks worldwide. At its peak, MyDoom infected one in every five e-mails transmitted over the Internet. The worm broke records set by previous malware, such as Sobig.F, to become the fastest-spreading virus ever. This incredible propagation speed left many networks vulnerable - despite the presence of anti-virus software - because of the lag time between when the virus outbreak began, and when a virus definition became available.
As a result of recent malware threats, corporations and organizations have learned a painful but important lesson: simply deploying a signature-based solution is no longer enough. Detecting and eliminating computer viruses requires a multi-faceted, rapid-response approach that traditional anti-virus protection cannot provide. Even a single unprotected computer on an enterprise network can bring down the entire system in just minutes, rendering even the most expensive and up-to-date software useless.
Why E-Mail is Particularly Susceptible
In many organizations, e-mail has replaced the telephone as the most useful business tool available. Unfortunately, e-mail has also been a victim of its own success and presents a unique threat to the enterprise network as a whole.
Detecting and eliminating threats has traditionally been the combined responsibility of firewalls, virus scanners, and intrusion detection systems (IDS) set up by enterprises to defend against attacks. Firewalls prevent unauthorized programs from accessing the network, virus scanners scan each PC in the network for malicious code, and gateway servers lock down extraneous ports to protect against unauthorized access.
But key Internet-facing applications, including e-mail, are unguarded by firewalls. In order to function, e-mail must expose firewall ports, including port 25, the port used by SMTP (Simple Mail Transfer Protocol), and port 110, the port used by POP (Post Office Protocol).
When a firewall receives a connection on port 25, it generally assumes that the transmission is e-mail and allows it to flow through to the e-mail server. The transmission may very well be a valid e-mail; however, it could also be a virus, spam or something much worse. Firewalls are not able to distinguish between “good” mail and “bad” mail and therefore they are unable to protect the e-mail application.
Stop E-Mail Threats at the Gateway
Therefore, some sort of protection is needed specifically for e-mail and, since the best place to stop a threat is before it gets inside the network, the protection should be at the e-mail gateway. Protecting the e-mail gateway requires a coordinated effort to combat a host of issues, including spam, viruses, corporate policy infringements, directory harvest attacks, denial of service attacks, phishing, spoofing, and snooping. As e-mail threats evolve, the distinction between each of these types of threats becomes blurred.
Furthermore, accuracy in identifying “bad” e-mails is crucial. Extreme care must be taken to avoid filtering out legitimate e-mails (false positives), which could contain important information from customers or partners.
Historically, enterprises have turned to multiple vendors to solve their e-mail security issues. They have relied on anti-virus vendors to protect them from viruses. They use a separate anti-spam vendor to help cut back on the spam. Then, there are the issues of content filtering, policy enforcement, encryption, and network security. Unfortunately, attackers are now highly adept at exploiting these non-integrated solutions. This “Swiss cheese” defense has not only been costly, but increasingly ineffective at protecting corporate e-mail systems.
Computer Virus Risks
Recent attacks from various types of computer viruses and worms have had profound effects on computer systems around the world. Enterprises have been brought to their knees and forced to spend billions of dollars cleaning up the mess and rebuilding their infrastructures. While the increased IT costs are clear, there are other risks corporations face with regard to e-mail borne viruses.
System Downtime
E-mail has evolved to be the primary communication tool for most organizations and the loss of e-mail due to attack can severely affect enterprise operations. Beyond the immediate expenses involved in restoring the network, an attack on your enterprise e-mail system can also result in lost hours and days for employees who have come to rely on it to accomplish their daily tasks.
Resource Depletion
The costs of cleaning up after an attack are significant. IT teams are forced to spend considerable time and money repairing virus damage. The damage, however, is rarely contained to network servers. Once inside the network, viruses can quickly infect large numbers of relatively exposed client machines - all of which must be individually cleaned, patched and repaired.
Administration
In the past, when a new vulnerability was discovered, network administrators scrambled to apply security patches from the makers of their anti-virus software and manually reviewed quarantine lists for virus-infected messages. Software manufacturers release patches so frequently that network administrators cannot reasonably be expected to keep up with them all. As stated by Gartner Research, “Enterprises will never be able to patch quickly enough. After all, attackers have nothing else to do.” The staggering damage caused by recent computer viruses and malware attacks is clear evidence that manual intervention to institute emergency measures or review quarantined messages is rarely effective against rapidly propagating threats.
Compliance and Liability
Recent Federal regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA) and Sarbanes-Oxley Act (SoX), require enterprises to protect data residing in mail servers and other internal systems. Security breaches violate these regulations, exposing sensitive data and opening the door to serious sanctions and costly litigation.
Credibility
Falling victim to a virus attack can also result in lost trust from business partners and customers. According to Gartner, “Enterprises that spread viruses, worms, spam and denial-of-service attacks will find not only that malicious software can hinder their profitability, but also that other businesses will disconnect from them if they are considered to be risky.” While an attack may not be your fault, it is most certainly your problem.
The Solution
Although signature-based anti-virus systems are inadequate for preventing virus attacks in the first few hours or days of an outbreak, it is possible to identify outbreaks before they infiltrate your organization’s network and become a problem. In fact, doing so successfully requires tight integration of several different technologies designed to analyze mail based on many different characteristics. One of the most innovative and important technologies for meeting these threats is known as Anomaly Detection.
Large-scale virus outbreaks create anomalies in mail flow which are identifiable by the message content, source, volume, attachment or any of a number of other indicators. When a particular message appears to be a part of a sudden surge of anomalous messages moving across the internet, the message can be quarantined until virus definitions can be developed to address the new threat.
Anomaly Detection
CipherTrust’s IronMail utilizes a unique Anomaly Detection Engine (ADE), which dynamically identifies and responds to abnormal behavior in mail flow. By monitoring “normal” e-mail traffic rates across the Internet, the ADE allows IronMail to identify spikes in traffic that are often the first signal of a malicious attack. Once these spikes are recognized, IronMail units take appropriate action to prevent infiltration of the network.
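The surge-and-quarantine idea described above can be sketched as follows. This is an added example, not CipherTrust's ADE or any IronMail code; the class and function names, the thresholds, and the sample traffic (documentation-range IP addresses, made-up attachment fingerprints) are all constructed assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Message:
    ts: int             # arrival time at the gateway, in seconds
    source_ip: str      # connecting SMTP client
    attachment_id: str  # attachment fingerprint (e.g. a hash); "" if none


class SurgeDetector:
    """Hold mail whose attachment suddenly arrives from many distinct
    sources inside a short window (hypothetical thresholds)."""

    def __init__(self, window=600, min_sources=5, min_messages=8):
        self.window = window
        self.min_sources = min_sources
        self.min_messages = min_messages
        self.recent = defaultdict(deque)  # attachment_id -> (ts, source_ip)
        self.flagged = set()              # fingerprints treated as an outbreak

    def observe(self, msg):
        """Return 'quarantine' or 'deliver' for one incoming message."""
        if not msg.attachment_id:
            return "deliver"
        seen = self.recent[msg.attachment_id]
        seen.append((msg.ts, msg.source_ip))
        # Forget sightings that have aged out of the sliding window.
        while seen and seen[0][0] <= msg.ts - self.window:
            seen.popleft()
        if msg.attachment_id in self.flagged:
            return "quarantine"
        sources = {ip for _, ip in seen}
        # Volume alone is not enough: one bulk sender is normal mail flow.
        if len(seen) >= self.min_messages and len(sources) >= self.min_sources:
            self.flagged.add(msg.attachment_id)
            return "quarantine"
        return "deliver"

    def release(self, attachment_id):
        """Stop holding a fingerprint once a virus definition covers it."""
        self.flagged.discard(attachment_id)
        self.recent.pop(attachment_id, None)


def build_sample():
    """Constructed traffic: one steady newsletter sender, one sudden surge."""
    newsletter = [Message(i * 60, "192.0.2.10", "newsletter.pdf#a1")
                  for i in range(10)]
    surge = [Message(1000 + i * 10, f"198.51.100.{i + 1}", "doc.zip#ff")
             for i in range(12)]
    return sorted(newsletter + surge, key=lambda m: m.ts)


def classify(messages, detector):
    """Count verdicts per attachment fingerprint."""
    counts = defaultdict(lambda: {"deliver": 0, "quarantine": 0})
    for msg in messages:
        counts[msg.attachment_id][detector.observe(msg)] += 1
    return dict(counts)


if __name__ == "__main__":
    for attachment, verdicts in classify(build_sample(), SurgeDetector()).items():
        print(attachment, verdicts)
```

In this sample the newsletter is delivered in full because it comes from a single source, while the surge is held from its eighth message onward; the first seven copies arrive before the threshold is reached, which shows the trade-off between a lower threshold and the false positives the article warns about.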
About the Author
CipherTrust is the leader in anti-spam and email security. Learn more by downloading our free whitepaper, “Next Generation Virus Protection: An Overview of IronMail Zero Day Virus Protection” or by visiting http://www.ciphertrust.com.
Written by: CipherTrust