Protecting data centers from viruses

Viruses can wreak major havoc on data centers by corrupting and destroying critical files, and they can create major headaches for IT staffers whose job it is to ensure a company’s critical information is well protected and maintained.

Data center managers should care about what kind of anti-virus software their company’s messaging team has in place. There are three main points of protection:

1) The desktop. This is where companies have had anti-virus protection the longest, and it’s still an important line of defense for businesses. But desktop protection requires that end users update their software regularly (ideally every day), and we all know how unreliable the end-user population can be. Even automatic update notifications built into popular desktop anti-virus packages are easy enough to ignore or put off – and that puts the enterprise at risk.

Desktop anti-virus software scans a computer’s memory and disk drives for viruses, usually by looking for a known string of code, called the virus signature or definition; if it finds a virus, the application tells the user and may be set to clean, delete or quarantine affected files or directories.

2) The server. Anti-virus software deployed at the e-mail server level will stop most viruses before they hit users’ desktops, but it still allows viruses into a company’s network. Many companies have anti-virus protection on servers, often because this was the second level of defense offered to them by their anti-virus vendors.

3) The gateway. Blocking viruses at the gateway helps protect your network from attack; corrupt messages won’t get inside, so they won’t do any harm. Gateways are relatively new, but not so new that companies shouldn’t be using them. Options include hardened appliances, as well as anti-virus protection integrated with network hardware. For instance, last week Cisco announced it will integrate Trend Micro’s network worm and virus signatures with the Cisco Intrusion Detection System software deployed in Cisco IOS-based routers, Cisco Catalyst switches, and network security appliances.

At the server or gateway level, anti-virus software scans incoming messages for virus definitions, then blocks, quarantines or deletes messages that contain e-mail viruses.

We like news such as that from Cisco and Trend – anti-virus protection will only get easier for companies that use integrated approaches at all levels of their infrastructure. Indeed, we think that within three years many companies will deploy both anti-virus and anti-spam filters at the gateway, and look for integrated products built right into their networks.

For more information, see “Secure Messaging for a Changing World,” a new benchmark research series from Nemertes Research.