With network security currently knotting everyone’s knickers, Finjan Software Inc. has recently augmented its products with McAfee’s scanning engine technology.
McAfee’s agreement with Finjan, a San Jose, Calif.-based antivirus vendor specializing in proactive content security, has resulted in SurfinGate 6.0, which monitors Web content, and SurfinGate for E-mail, a comprehensive appliance and software plug-in. This adds McAfee’s virus detection and removal capabilities to Finjan’s behaviour inspection approach.
By actively monitoring downloaded active content, including executables, ActiveX and Java scripts, Finjan’s products let companies enforce security policies by automatically blocking malicious activity before it causes damage to PCs.
Michael Shear, Finjan’s Toronto-based Canadian manager, said that although traditional antivirus products catch many potential threats, the reactive model has had trouble the last few years in catching the newer fast-paced attacks that are travelling around the world.
“Finjan’s proactive approach will spot these threats – like Goner, for example – and [our customers] won’t have to rely on a Finjan update to be protected when these new attacks come out. . . . So by integrating our proactive defence mechanism with McAfee’s virus scanning product, we have a security solution to protect companies from first-strike attacks by malicious code,” Shear said.
By setting up a security model that prevents attacking code from performing a mass mailing, or formatting a PC’s hard drive, SurfinGate – and five or similar products such as eSafe and Sandbox Security’s Secure4U – work quite well, and avoid the logistical nightmare presented by rolling out constant updates over enterprise-level systems, said Robert Vibert, moderator of the Ottawa-based Anti-Virus Information Exchange Network (located online at www.avien.org). The biggest problem these relative newcomers face, he explained, is that buyers are very conservative in this marketplace.
“Finjan, and other companies that sell what we can call ‘generic virus-prevention techniques’ basically have a credibility problem because scanners are seen still as the solution for viruses and related malware (malicious software). Although their products might be used in small pockets by a number of companies there aren’t that many major companies that have publicly said ‘Yes, we’re throwing away the scanner approach and we’re using this approach that ‘s based on policies and integrity check and blocking of certain things from coming in,'” Vibert added.
Oliver Day, an Austin, Tex.-based analyst and the author of the upcoming book Foundations of Secure SANs, agreed that despite the success of the traditional antivirus approach, there is definitely room for improvement.
“Scanning engines work to a certain extent, but unfortunately once you get to an enterprise level you can only scan so fast before you start dropping packets. Then [threats] start slipping through because people will sacrifice a little security for better performance,” Day said.
Day also noted that Finjan’s e-mail solution included an optional plug-an-play hardware appliance. This, he said, is an increasing trend in the security marketplace which promises better performance for large enterprises, as well as a nice marketing spin for the vendors.
The bottom line, said Vibert, is that Finjan’s deal with McAfee is more marketing driven than technology driven – which may not be such a bad thing.
SurfinGate 6.0 starts at US$30 per user. SurfinGate for E-mail starts at US$49 per user, with optional appliance hardware at US$5,000.