IronPort updates e-mail security appliance

IDG News Service - E-mail security systems vendor IronPort Systems Inc. is releasing new versions of its C-Series line of e-mail security appliances, with features that make it easier for administrators to predict new virus outbreaks and manage e-mail security across corporate networks, the company said today.
IronPort's C-Series appliances now feature virus outbreak filters, which use data from IronPort's SenderBase global e-mail monitoring network to predict and defend against virus outbreaks. IronPort has also added Email Security Manager, a new administrative graphical user interface that centralizes management of antispam and antivirus services on an e-mail infrastructure, and Enterprise Management Tools that make it easier to monitor and configure multiple IronPort devices on a network, the company said.
Developed by IronPort, the virus outbreak filters use information submitted to the SenderBase network to detect and respond to new virus outbreaks. The filters, which have been used by IronPort customers in beta tests, can provide hours of warning about developing virus outbreaks by studying patterns in SenderBase, said Craig Taylor, vice president of technology at IronPort.
For example, the filters might notice a steep increase in e-mail messages with .zip file attachments that contain executable files, or e-mail file attachments with two or more file extensions. While not proof in itself of a new virus, such an increase could be the first evidence of the emergence of a new e-mail virus, Taylor said.
IronPort claims that the filters provided four hours of advance notice of the appearance of Mydoom.O, a recent version of the Mydoom e-mail worm.
With that much notice, e-mail administrators can use the C-Series appliances to identify and quarantine suspect messages until a signature is developed for the new virus. After the release of a signature, quarantined messages can be scanned to determine if they are virus-infected and then be deleted or sent on to their intended recipients, he said.
IronPort's appliances use technology from Sophos PLC for virus detection and Brightmail Inc., now part of Symantec Corp., to spot spam.
The Email Security Manager feature simplifies management of antispam, antivirus and e-mail reputations filters on the IronPort appliances by allowing network administrators to tailor e-mail policies for groups of users or even individual e-mail senders, IronPort said.
The manager tool integrates with Microsoft Corp.'s Active Directory or other LDAP directory services, allowing administrators to easily assign and distribute mail policies to users on their networks. Reporting features in Email Security Manager let administrators view e-mail traffic reports in real time or for a set period in the past.
Coupled with newmanagement features that enable IronPort appliances to communicate using a peer-to-peer-style architecture, the new features will make it easier to manage deployments of multiple IronPort appliances and ensure that no appliance is a single point of failure, the company said.