The Incorruptible External Guard Against Virus
The threat from viruses is growing from year to year. As Internet traffic increases there is faster multiplication of viruses that can cause more damage. ICSA Labs conducted a survey on 300 medium-large organizations and found that 37% of them suffered a recovery cost of over 500,000 pounds after a virus disaster struck them in 2004.
As the virus attacks expand most of them infect through websites and web mail on Internet protocols such as HTTP and e-mails' SMTP. The present days' virus threats comprise of the entire gamut of malware: viruses, worms, Trojan horses, spyware, and other malicious software.
Traditionally, protection against virus was by installing anti-virus software on the host computer, also called 'host-based anti-virus'. As long as new viruses got detected, this measure was adequate because companies could provide updated software that could be manually or automatically installed to combat the new threats.
However, in the past few years, the efficiency of this method began to decline since new and more advanced category of viruses began to attack immune host systems. These new viruses seek to disable installed anti-virus and firewall products or prevent any host-based protection from functioning.
'Host-based anti-virus software' can still prevent attacks that arise from within a private network such as from floppy disks or CDs. But a firewall when scans the web traffic closes the 'vulnerability window' and also blocks threats coming with e-mail traffic, thus maintaining optimum security and letting the required time for internal hosts to update their latest anti-virus application.
More dangerous threats have evolved now. Virus writers are slightly changing the older viruses thus making their variants, which spread a new breed of threats in the form of rootkits. rootkits hide themselves on desktops, databases and other files making stealthy attacks.
In addition to installing a 'host-based anti-virus', another layer of protection may be applied through a 'Gateway Anti-Virus' (GAV) appliance. Although all GAV are not of equal effectiveness but this additional protection is most un-hindering while working against present and emerging viruses. The 'Gateway Antivirus' appliance is an incorruptible external guard and perhaps the best ally in the war against viruses.
Related article: THE SPAM MAFIA
» SPAMfighter News - 01-09-2006