[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: Virus Scanner
From:       Jerry Huyghe <jerry () eliashim ! com>
Date:       1997-07-29 9:19:28
[Download RAW message or body]

>Date: Mon, 28 Jul 1997 15:45:55 -0700
>From: Sean Elrington <seane@intergate.bc.ca>
>Subject: Re: Virus Scanner
>
>This thread is drifting ever further away from firewalls but while we
>are talking about gateway anti-virus you should check Trend Micro
>(http://www.antivirus.com) since they patented their scanning engine and
>have started to sue some of their competitors for infringement.

>From what I have read, their patent is for Proxy Servers and email scanning
only. The CVP anti-virus architecture is not a proxy and these lawsuits
have no bearing on most firewall anti-virus solutions. 

>
>I know Raptor made an announcement over a year ago about working with
>Trend to develop gateway based anti-virus but nothing ever seemed to
>come from it.

Trend does not seem to want to cannibalize their Viruswall proxy sales by
partnering with firewall vendors. I am sure you will see Raptor working
with other vendors very soon.

>
>I'm not sure that anti-virus on a firewall makes much sense (as opposed
>to gateway anti-virus generally which is a great idea but not a
>replacement for desktop protection).
>
>The problems are:
>1. latency. the firewall is a busy box to begin with and the cycles have
>to come from somewhere

That is why the anti-virus CVP server is a separate box, to which the
firewall redirects infectable files for a closer look. You are right that
it causes performance hits to put it on the same box.

>2. adminstration. running an application on your firewall may involve
>allowing more people to administer the box

Not in the case of a CVP server

>3. security. call me paranoid, but of all the boxes on the network which
>could be used to corral exotic viruses and hold them for inspection, the
>firewall is not the one I would pick.

Me neither, and that is not how firewall anti-virus servers were designed
to work.


Best Regards,

Jerry Huyghe
Product Manager

eSafe Technologies 			http://www.esafe.com
A division of EliaShim Inc        	http://www.eliashim.com
----------------Intelligent Computer Security-----------------
1 SW 129th Ave, Suite 105  		Phone : 800.477.5177 Ext 18
Pembroke Pines, FL  33027  		Fax   : 954.450.9612	
==============================================================

[prev in list] [next in list] [prev in thread] [next in thread]