Proofpoint will announce on Tuesday an upgrade to its e-mail security platform that includes a new anti-virus module and enhancements to its anti-spam filtering techniques.
The company’s Zero-Hour Anti-Virus module, slated for release in the fourth quarter, aims to protect organizations from malicious code during that crucial period after a virus has been released but before signatures are available, says Andres Kohn, Proofpoint’s director of products.
“Anti-virus products do a great job once the virus is known and signatures are created, but still there could be a few hours before they are recognized, so that’s the zero-hour window of a virus,” Kohn says. “This solution provides a second level of protection that helps organizations protect against a potential virus.”
On the back end, the module filters incoming e-mail for clues of virus outbreaks, such as a spike of identical e-mails sent with attachments, Kohn says. Suspicious messages are quarantined at the organization’s gateway until anti-virus companies release signatures to identify and block them. Organizations can preset policies to determine what actions should be taken next, such as automatically scanning or deleting the suspect messages.
Leveraging its pattern detection technology, Proofpoint says the new module is at least 95% effective in catching viruses before they enter an organization.
One system administrator who already uses Proofpoint’s anti-spam offering is eager to test the new module. “I would hope that it provides the same level of effectiveness against viruses that [Proofpoint’s software] does against spam,” says Hao Sam, system administrator with Array Networks, makers of VPN security appliances that has about 130 e-mail users. “Any product that keeps me from having to spend time with spam or viruses” would be beneficial, he adds.
Proofpoint isn’t the first company to use a filtering approach to detecting virus-laden messages in an organization’s incoming e-mail stream. E-mail security appliance maker IronPort, for example, launched a similar product last year. Proofpoint maintains its Zero-Hour Anti-Virus approach is effective because it can more accurately pinpoint incoming messages that are part of an emerging virus outbreak, and therefore won’t unnecessarily quarantine uninfected e-mail messages.
The Zero-Hour Anti-Virus module is priced at $30 per user per year, with discounts available for volume purchases. The module works in conjunction with the F-Secure and McAfee anti-virus software that Proofpoint licenses and is an optional component of Proofpoint’s Protection Server gateway software and Messaging Security Gateway appliance.
Proofpoint on Tuesday will also announce enhancements to its anti-spam MLX technology, a machine-learning system that classifies and analyzes content. New features include associating scores with senders’ reputations to identify those that often send unwanted messages. Connections coming from suspect senders can be throttled or blocked, Kahn says.
Another new feature in MLX is the ability to discern word obfuscations, or intentional misspellings, from unintended ones, allowing the software to block spam selling Viagra with the product name spelled V-I-agra, for example. The upgrade can also block messages that contain images with text embedded or attached, which often trick filters that scan only the text of an e-mail, Kohn says.
These updates to MLX are available now to existing customers of Proofpoint’s Spam Detection module -- which runs on Proofpoint’s Protection Server gateway software or Messaging Security Gateway appliance -- that subscribe to the related update service. For new customers, the Spam Detection module costs between $3 and $40 per user per year, depending on the number of users.