Subscribe to the Free Print Edition!
Celebrating 25 Years

GCN Home > 04/04/05 issue

Security appliances keep mail stream clean

By John Breeden II, GCN Staff

The one surefire way to protect your network, at least from insidious outsiders, is to simply unplug your router. But because most federal network protectors need connectivity to the outside world, they have instead relied on a centuries-old method of keeping things safe: They put them behind walls.

In the network world, this means having a sturdy firewall to prevent denial-of-service attacks, network intrusions and general hackers. Firewalls worked fine for years, but now hackers have learned to exploit holes that exist in the firewall to let in valid traffic. And a gateway through any wall is going to be its weakest point.

Software-based antivirus and anti-spam tools can help, but they allow hostile messages to get a certain distance into your network—sometimes all the way to a client system—before challenging and stopping them. Plus, you have to make sure every single client is up to date.

Even using push technology and distributed computing, it’s a chore overworked network administrators can live without. And forgetting to update just once, or even overlooking a single program-capable network device, can spell disaster.

This explains the recent popularity of network appliances designed to manage and protect the mail stream, one of the biggest gateways for malware. Appliances act as sleepless guards, scanning everything that comes into the network across mail and other often-used ports. They either act as the firewall themselves or sit directly behind the firewall. This way, malicious programs are stopped at the very edge of your domain before they can get a foot in the door. Only clean mail gets into your actual mail server for distribution within the network.

Another advantage is that, in addition to buying the hardware, you are also purchasing a service. The device will reach back to its home network and update itself with the latest virus and spam profiles. Once you get the system configured, you no longer need to bother with it. Your network and all your users remain protected without further intervention.

More news on related topics: Hardware, IT Security, New Products / Technology, Product Reviews



GCN Popup