Product of the Day: BitDefender Mail Protection for Small Business
Spam is a nuisance; so are viruses that shut down your network. Fraud artists have used the Internet to further the scams they perfected on the telephone, in direct mail and in newspaper ads. Successful protection of your computer systems from these threats has concentrated on providing an initial defense at the SMTP gateway on mail servers. Secondary entry points are also monitored at the desktop through a quarantine system for users. New entry points for threats have now emerged through browsers and PDF files.
Here is a security package for the small business owner that offers a Linux solution you may want to look at. Softwin SRL of Bucharest, Romania manufactures the BitDefender Mail Protection for Small Business security product, which can protect your network for $772 for a one-year license with support for 25 users. They also offer a freeware version branded as BitDefender Linux Edition.
The product is available for all Linux platforms with glibc version 2.2.3 or newer. The packages are self-extracting shell archives for rpm-based distributions (RedHat Enterprise Linux, SuSE Linux Enterprise Server, Fedora Core, Mandrake), Debian and Debian-based distributions, and binary tars for other Linux distributions (Slackware, Gentoo, etc). BitDefender for Small Business is compiled and built with gcc 2.9x and gcc 3.x compilers.
Installation of the software seems quite simple. The BitDefender Advanced Linux Installer Script Engine (ALISE) autodetects the system configuration, pulls any necessary packages from the network, detects installed mail servers and recommends the appropriate agent(s) to be used. The agent(s) chosen are then installed automatically. This automated install process ensures an average deployment time of 60 seconds with zero mail server downtime. Also, no delving through config files is required. Remote administration is available via your favourite ssh client (console based), a Windows console or the remote web-based administration interface.
As with any new software you want to add to your system, compatibility issues must be considered. The software has been tested for compatibility with the following email servers: Sendmail, Exim, Postfix, Netscape Messenger, Lotus Domino, ICE WebMail, Imail, NTMAIL, CommuniGate PRO, AVIRT mail, InFusion Mail Server, Apache James, 602 PRO, LAN SUITE, WorkgroupMail Mail Server, DesktopServer2000 and TrueNorth Software.
SMTP Gateway Protection: BitDefender will scan all incoming and outgoing email traffic for spam, viruses and malware. All users get embedded automatic updates of their servers for the latest detected viruses. The solution uses a technology named "Update Pushing" that pushes any immediate remedies into your mail server whenever they become available, thus reducing the vulnerability window to a minimum whenever a new virus outbreak occurs.
E-Mail Filtering Techniques:
Heuristic analysis technology: The heuristic filter performs a set of tests on all the message components (i.e. not only the header but also the message body in either HTML or text format), looking for words, phrases, links or other characteristics of spam. For better detection, BitDefender designed HiVE (Heuristics in Virtual Environments), a technology that observes a potential virus in a virtual environment and examines its behaviour to decide if the file is actually a virus or not.
WBL (White List / Blacklist) support: This quite simply means that the admin can set a list of trusted and untrusted addresses from which to respectively always accept or always reject mail.
URL Filter: Most spam messages contain links to various web locations (which usually contain more advertising and the possibility to buy things). BitDefender has a database which contains links to these kinds of sites. Every time you perform an update, new links will be added to the URL filter; this will help increase the effectiveness of your AntiSpam engine.
Quarantine Module: Infected or suspected files are isolated in a safe quarantine zone, preventing the infection from spreading. The quarantine zone can be analyzed at any time by the IT manager or it can be sent for analysis to the BitDefender Antivirus Lab. Administrators can view/download quarantined files, re-scan quarantined files or send them for analysis to BitDefender Labs.
Smart Scanning: E-mail messages with multiple recipients are filtered only once, before delivery, and not for every single recipient.
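The filtering techniques listed above (WBL, URL filter, heuristic tests over header and body, one scan per multi-recipient message) combined into one gateway decision, as an added example that is not BitDefender's code. The lists, phrase weights, threshold, function names and the order of the checks are all constructed assumptions.

```python
import re
from email import message_from_string, policy

# Constructed lists, weights and threshold; a real product ships its own.
WHITELIST = {"billing@partner.example"}
BLACKLIST = {"promo@bulk.example"}
URL_DB = {"win-prize.example", "cheap-pills.example"}  # known spam link hosts
PHRASES = {"act now": 2.0, "100% free": 2.5, "click here": 1.0}
THRESHOLD = 3.0
STATS = {"scans": 0}

def _text_parts(msg):
    """Return (raw, visible) text of all text/plain and text/html parts."""
    raw = " ".join(p.get_content() for p in msg.walk()
                   if p.get_content_maintype() == "text")
    visible = re.sub(r"<[^>]+>", " ", raw)           # drop HTML tags
    return raw, " ".join(visible.split()).lower()    # collapse whitespace

def classify(raw_message, mail_from):
    """Filter one message: WBL first, then URL filter, then heuristics."""
    STATS["scans"] += 1
    sender = mail_from.strip().lower()
    # A whitelist hit skips every content check, so it is only as
    # trustworthy as the sender authentication in front of it.
    if sender in WHITELIST:
        return ("accept", "whitelist")
    if sender in BLACKLIST:
        return ("reject", "blacklist")
    msg = message_from_string(raw_message, policy=policy.default)
    raw, visible = _text_parts(msg)
    # URLs are taken from the raw part so href targets are seen too.
    hosts = {h.lower() for h in re.findall(r"https?://([^/\s\"'<>]+)", raw)}
    if hosts & URL_DB:
        return ("reject", "url-filter")
    haystack = str(msg.get("Subject", "")).lower() + " " + visible
    score = sum(w for phrase, w in PHRASES.items() if phrase in haystack)
    return ("reject", "heuristic") if score >= THRESHOLD else ("accept", "clean")

def deliver(raw_message, mail_from, recipients):
    """Scan once before delivery and apply the verdict to every recipient."""
    verdict = classify(raw_message, mail_from)
    return {rcpt: verdict for rcpt in recipients}

# Constructed sample message (HTML body, phrase split by a tag).
SAMPLE = ("From: Deals <deals@shop.example>\nSubject: Act now\n"
          "Content-Type: text/html\n\n"
          "<p>This is <b>100%</b> free, really.</p>\n")
```

Calling `deliver(SAMPLE, "deals@shop.example", [...])` with three recipients increments `STATS["scans"]` by one and rejects the message on the heuristic score for all of them.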
Protecting your networks also requires that you educate your users in how to prevent a virus from spreading. Here are some tips on how to do some preventative maintenance on your networks to reduce the security threats.
Don't assume anything. Make some time to learn about securing your system.
Acquire and use a reliable antivirus program. Select an antivirus that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.
Acquire and use a reliable firewall solution. Again, independent reviewers are your best bet for reasonable choices. Some operating systems come with a firewall which only filters incoming traffic. Use a firewall that can control both incoming and outgoing Internet traffic.
Do not open e-mails coming from unknown or distrusted sources. Many viruses spread via e-mail messages so please ask for a confirmation from the sender if you are in any doubt.
Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.
Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. These kinds of messages are considered spam, because they are undesired and unsolicited and they overload Internet traffic.
Avoid installing services and applications which are not needed in day-to-day operations in a desktop role, such as file transfer and file sharing servers, remote desktop servers and the like. Such programs are potential hazards, and should not be installed if not absolutely necessary.
Update your system and applications as often as possible. Some operating systems and applications can be set to update automatically. Make full use of this facility. Failure to patch your system often enough may leave it vulnerable to threats for which fixes already exist.
Do not copy any file if you don't know or don't trust its source. Check the source (provenance) of files you download and make sure that an antivirus program has already verified the files at their source.
Make backups of important personal files (correspondence, documents, pictures and such) on a regular basis. Store these copies on removable media such as CD or DVD. Keep your archive in a different location than the one your computer is in.