Learning from Melissa and Worm.ExploreZip, Trend Micro and Network Associates Inc (NAI) are both producing antivirus applications for use with Microsoft Exchange in order to prevent viruses from entering networks.
"The last couple of particularly nasty virus outbreaks we've seen have been spread through e-mail," said Eric Hemmendinger, an analyst at the Aberdeen Group. "If you really want to head one of these suckers off at the pass, you don't want to be thinking in terms of catching it at the desktop."
Trend Micro's ScanMail for Microsoft Exchange, Version 3.0, now provides not only antivirus capabilities, but also e-mail content filtering and spam blocking through its eManager plug-in. ScanMail also supports clustering and provides a file-blocking feature for emergency virus-alert situations.
"That's one thing we learned from Melissa and her sisters," said Dan Schrader, vice president of technology at Trend Micro, referring to ScanMail's ability to deny all attachments during fast-spreading infestations.
ScanMail Version 3.0 also includes a Microsoft Outlook Administrator Interface to provide single-console management from a Windows NT desktop or Exchange server, online support, and an Active Update system to update and install new scan engines, pattern files, and program files.
NAI will introduce GroupShield for Exchange Version 4.0.3 at this week's Microsoft Fusion 99 conference in San Francisco. The product now has a native Exchange interface, and ViruLogic, a new heuristics engine that scans for likely virus behaviour, as well as for traits that viruses do not have.
"It analyses different types of files [and] . . . what specific things are in that file," said Sal Viveros, group marketing manager at NAI. "We run [that data] against negative heuristics for things we know viruses don't do. This helps reduce false alarms or false positives."
GroupShield also includes VirusLock, which provides the capability to scan outgoing e-mail. Although VirusLock's use will slow networks, it will ensure that viruses are not accidentally forwarded outside a network, Viveros said.
The products are the result of the spate of e-mail-based viruses and their targeting of Microsoft products, Trend Micro's Schrader said.
"Exchange environments are particularly targeted with the virus threat, so we want to protect those environments," he said.
However, the need to protect mail systems against future attacks goes beyond Exchange, according to Hemmendinger, who added that a security threat can affect other mail servers as well.