GFI DownloadSecurity for ISA Server
Admins can now block malicious & virus-infected HTTP/FTP file downloads at firewall level
30th August 2002 (NISER)
By Gopal Nair

GFI recently launched GFI DownloadSecurity for ISA Server, a content security solution that checks all downloads for viruses and enables administrators to control what type of files enter their network, from where and for whom. Because GFI DownloadSecurity quarantines potentially dangerous downloads for approval, administrators can now tackle the security risk presented by downloads without having to block them all.

"We believe that hackers will increasingly start distributing viruses and Trojans as file downloads on websites, simply because many corporations do not protect against these threats at firewall level. However, blocking all downloads would be far too restrictive for network users and would hinder productivity. GFI DownloadSecurity for ISA Server is a unique solution to this problem as it performs anti-virus and quarantining of all downloads at firewall level and allows administrators to define what must be quarantined on a user or group basis," said Nick Galea, GFI CEO. "This gives companies total flexibility in the way they choose to check incoming files".

GFI DownloadSecurity scans all incoming HTTP/FTP downloads for known viruses using multiple virus engines. It includes two industrial-strength anti-virus engines: Norman Virus Control, 16-time winner of the Virus Bulletin 100% award, and SOFTWIN's BitDefender. The McAfee virus scanning engine can be added at an additional charge. This way, users can run multiple virus engines simultaneously, eliminating dependence on one vendor and ensuring maximum protection against email viruses.

GFI DownloadSecurity enables administrators to define which file types should be quarantined for approval, such as executable files, zip files and other files that could contain harmful content - for example, a virus, worm or Trojan. ISA Server can only block files by extension, meaning users could bypass its system by renaming the extension. GFI DownloadSecurity quarantines files based on user file type and file extension.

ActiveX controls and Java applets pose a security risk as these programs can be Trojans or may contain security holes that can be exploited. Although the browser prompts users as to whether they wish to run an ActiveX control or Java applet, a user who is unaware of the risks could potentially infect the corporate network by downloading a control from a distrusted site. GFI DownloadSecurity allows administrators to specify the sites from which they trust ActiveX controls or Java applets and blocks all Java applets and ActiveX controls from mistrusted/unknown sites. This way, GFI DownloadSecurity secures the network from an unsuspecting user making the wrong decision in downloading a control or applet.

GFI DownloadSecurity was built from the ground up to work with ISA Server, Microsoft's enterprise firewall and web cache server. As a result, installation and administration are easy: No dedicated machine is required, and there is no need to make any changes to the network configuration. GFI DownloadSecurity hooks into ISA Server as a web filter and can leverage features such as alerts, reporting and so on, that are already found in ISA Server.

GFI DownloadSecurity completely integrates with GFI MailSecurity for Exchange/SMTP - GFI's email security product - enabling administrators to configure content security for web, HTTP, FTP and email use in a simple, centralised way.