GFI releases DownloadSecurity for ISA Server 6 – Includes Trojan and Executable Analyzer
GFI’s Trojan & Executable Scanner can detect malicious executables such as Trojans automatically
London, UK, 1 September 2003 – GFI today announced the release of GFI DownloadSecurity for ISA Server 6, a content security product that handles the security risk of file downloads without resorting to blocking them all at firewall level. GFI DownloadSecurity content checks downloaded files for malicious content and viruses, and enables administrators to assert control over what files users download from HTTP and FTP sites. Version 6 includes many key features, the most significant of which is a new Trojan and executable scanner.
Trojan and executable analyzer detects unknown dangers
GFI’s Trojan & Executable Scanner can analyze what an executable does, and quarantines any downloaded executables that perform suspicious activities, such as Trojan files. Trojans are dangerous as they can enter a victim’s computer undetected, granting an attacker unrestricted access to the data stored on that computer. More information about Trojans is available in the GFI white paper at http://www.gfi.com/mailsecurity/wptrojans.htm.
“In the past few weeks, a new spate of Trojans, used to obtain confidential information or damage a network, has appeared – such as the Webber, Migmaf and StartPage Trojans. These are the ones that made it to the headlines and are just the tip of the iceberg. Most Trojans are, by their very nature, unknown and hard to detect; this is because a Trojan is not created to make the news by being as destructive as possible like a virus, but rather to remain unknown for as long as possible and secretly siphon off data. Several are inserted into websites and disguised as seemingly harmless files, which network users then innocently download to the detriment of the organization,” explained Nick Galea, GFI CEO.
“Content security products have to combat this threat, and must detect unknown and dangerous executables at the perimeter of the network. GFI has made this possible by introducing a revolutionary Trojan and executable analyzer in GFI DownloadSecurity for ISA Server 6.”
How GFI DownloadSecurity for ISA Server works
GFI DownloadSecurity for ISA Server enables administrators to assert control over what files users download from HTTP and FTP sites, and content checks all downloads for malicious content and viruses. GFI DownloadSecurity includes multi anti- virus engines, to guarantee higher detection rate and faster response to new viruses; the ability to quarantine downloads based on file type and user; network-wide blocking of Java applets and ActiveX controls; seamless integration with Microsoft ISA Server; and more.
Users do not notice GFI DownloadSecurity until they download a file: Then GFI DownloadSecurity displays a download progress dialog box and the download proceeds. Once the download is complete, GFI DownloadSecurity scans the file for viruses. If the file has no viruses and does not trigger a rule set by the security administrator, the user receives it immediately. If the file triggers a rule, it is put into quarantine for administrator approval. Once approved, the file is sent to the user as an email attachment or link. If the file is rejected, the user is notified.
New features in GFI DownloadSecurity 6
Apart from the Trojan & Executable Scanner, GFI DownloadSecurity for ISA Server 6 includes these new features:
* Support for Windows Server 2003
* A decompression engine that supports an industry record of over 75 compression formats while offering configurable handling of compressed file archives
* A web-based moderator that enables administrators to moderate quarantined items via a web browser
* Downloading of updates via HTTP, avoiding the need for firewall reconfiguration
* More quarantine options
* Notifications node, enabling easy customization of GFI DownloadSecurity messages
* Support for a fourth anti-virus engine: Kaspersky Labs Anti-Virus
* Improved configuration and speed.
Pricing and specifications
GFI DownloadSecurity pricing starts at US$295 for 25 users; pricing includes a year of free anti-virus engine updates. GFI DownloadSecurity was built from the ground up to work with ISA Server. It links in as an ISAPI extension and can leverage features such as alerts, reporting and more that are already found in ISA Server. No changes to the network configuration are required. More product information and a trial version can be found at http://www.gfi.com/dsec/.
GFI is a leading provider of Windows-based network security, content security and messaging software. Key products include the GFI FAXmaker fax connector for Exchange and fax server for networks; GFI MailSecurity email content/exploit checking and anti-virus software; GFI MailEssentials server-based anti-spam software; GFI LANguard Network Security Scanner (N.S.S.), security scanning and patch management software; and GFI LANguard Security Event Log Monitor (S.E.L.M.) that performs event log based intrusion detection and network-wide event log management. Clients include Microsoft, Telstra, Time Warner Cable, Shell Oil Lubricants, NASA, DHL, Caterpillar, BMW, the US IRS, and the USAF. GFI has six offices in the US, UK, Germany, France, Australia and Malta, and has a worldwide network of distributors. GFI is a Microsoft Gold Certified Partner and has won the Microsoft Fusion (GEM) Packaged Application Partner of the Year award.