The trend to combine virus checking and content control is gaining momentum.
Following the announcement last week by Baltimore Technologies of such a link in its latest release (see Antivirus firm tackles web mail security), Auckland-based Marshal Software has introduced McAfee’s VirusScan virus checker into its MailMarshal and WebMarshal products. At the same time, Trend Micro has combined the latest version of its virus-scan and email content-checking products, previously known as Interscan Email Virus Wall and Interscan eManager, respectively.
Marshal’s products have for a long time been interoperable with various antivirus products, says director Martin Oxley. But simple interoperation was not enough to bring in the DLL-based version of VirusScan. McAfee does not make this generally available, only allowing it to be bundled tightly with an existing product, Oxley says. The older, command-line version of McAfee VirusScan is available on its own, but this is not fast enough to operate in real time — a necessity for a product that polices a network gateway. Both are 32-bit Windows, but the command-line interface means it has to be initialised every time a user wants to do a check, and load all its virus specification files in separately every time. With the DLL version, the virus-scanner can be kept in memory and just thrown new items to check without having to reload.
Marshal will provide automatic virus profile updates for Marshal/McAfee users from its own website.
Customers acquiring products from different suppliers that claim to work together are often said to be concerned about finger-pointing between suppliers when the product fails. But that is “more a marketing point of view than a real concern”, Oxley says.
Marshall will continue to support interoperability with a wide range of virus products.
The main merit of deploying Trend Micro’s two products together is that content policies for email can be used as a preliminary check for probable virus-carrying emails, says Paul Leslie, of distributor Soft Solutions.
This means the spread of an emailed virus can be recognised by the title and content of the email message and the name of the attachment before antivirus laboratories have developed a detection and fix routine for it.