|
By Nancy Cox
E-mail is the preferred way to move files between many users, yet we aren't adequately protecting against viruses. You can't just train users not to run executables. New threats like Macro viruses can make simply opening a document a risk. You need to protect yourself both centrally and at the client level.
Dr Solomon's Anti-Virus for Microsoft Exchange (DSAVE) 1.0 provides so much more than just a dead bolt for your Exchange messaging system. DSAVE offers logging, alerting and reporting for infected files. The product detects more than 15,000 known viruses using Advanced Heuristic Analysis (AHA) and Advanced Macro Heuristic Analysis (AMHA), generating fewer false alarms and de
tecting new viruses in files and executables. By positioning itself on both the server and the client sides, DSAVE automatically scans messages and attachments as they are received or sent.
I tested a beta version of DSAVE 1.0 in Network Computing's central Florida lab and installed it on a Microsoft Windows NT 4.0 Service Pack 3 server running Exchange Server 5.0. I used the Microsoft Outlook client to send and receive infected messages.
The server-side component is installed as an administrator DLL (Dynamic Link Library) in the Exchange Server Add-ins directory, and it is configured and centrally managed from the Exchange Administrator's Console. You can run the Mail Scanner client against Microsoft Mail Client 5.0, Exchange 4.0 or Outlook (all releases).
Locking Out the Vermin
DSAVE caught all the viruses I attached to messages, but only quarantined them in the infected folder. The system never deleted or disinfected any virus files, delivering them to the recipients with the viruses inta
ct. I was also disappointed to find that DSAVE did not catch several virus files that I had compressed into a .ZIP file, delivering the file as a normal message. In the lab, I determined that the installation and configuration process needed to be more thoroughly integrated with both NT and Exchange.
Dr Solomon's software provides a single configuration point and offers several options, including on access, on demand, and on-the-fly mail scanning, logging and notification.
On-access scanning lets DSAVE inspect either all public folders or selected ones as files are added, modified, copied or replicated. On-demand scanning lets you examine all messages and folders or select particular ones with similar treatment options. When I selected specific mailboxes for scanning, DSAVE accessed the Exchange Address Book from which I could easily select mailboxes. On-demand scanning can take place either at will or on a scheduled basis. Mail scanning applies only to all mailboxes and offers the same treatment option
s.
On the client side, Dr Solomon's Mail Box Scanner lets the e-mail user scan messages in a variety of ways, such as upon start-up, once a day, every two weeks or monthly.
If you don't want to install the client, you can just install the server-side components to check all messages going through the system. You can rely on a traditional desktop antivirus package to watch for local machine activity, such as executables or Macro viruses.
Nancy Cox can be reached at ncox@nwc.com.
|
REPORTS
ANALYTICS
Follow 
