GFI releases DownloadSecurity for ISA Server 6 - Includes Trojan and executable analyzer

September 01, 2003 - 12:00

GFI today announced the release of GFI DownloadSecurity for ISA Server 6, a content security product that handles the security risk of file downloads without resorting to blocking them all at firewall level. GFI DownloadSecurity content checks downloaded files for malicious content and viruses, and enables administrators to assert control over what files users download from HTTP and FTP sites. Version 6 includes many key features, the most significant of which is a new Trojan and executable scanner.

Trojan and executable analyzer detects unknown dangers
GFI’s Trojan & Executable Scanner can analyze what an executable does, and quarantines any downloaded executables that perform suspicious activities, such as Trojan files. Trojans are dangerous as they can enter a victim’s computer undetected, granting an attacker unrestricted access to the data stored on that computer. More information about Trojans is available in the GFI white paper at http://www.gfi.com/mailsecurity/wptrojans.htm.

“In the past few weeks, a new spate of Trojans, used to obtain confidential information or damage a network, has appeared - such as the Webber, Migmaf and StartPage Trojans. These are the ones that made it to the headlines and are just the tip of the iceberg. Most Trojans are, by their very nature, unknown and hard to detect; this is because a Trojan is not created to make the news by being as destructive as possible like a virus, but rather to remain unknown for as long as possible and secretly siphon off data. Several are inserted into websites and disguised as seemingly harmless files, which network users then innocently download to the detriment of the organization,” explained Nick Galea, GFI CEO.

“Content security products have to combat this threat, and must detect unknown and dangerous executables at the perimeter of the network. GFI has made this possible by introducing a revolutionary Trojan and executable analyzer in GFI DownloadSecurity for ISA Server 6.”

How GFI DownloadSecurity for ISA Server works
GFI DownloadSecurity for ISA Server enables administrators to assert control over what files users download from HTTP and FTP sites, and content checks all downloads for malicious content and viruses. GFI DownloadSecurity includes multi antivirus engines, to guarantee higher detection rate and faster response to new viruses; the ability to quarantine downloads based on file type and user; network-wide blocking of Java applets and ActiveX controls; seamless integration with Microsoft ISA Server; and more.

Users do not notice GFI DownloadSecurity until they download a file: Then GFI DownloadSecurity displays a download progress dialog box and the download proceeds. Once the download is complete, GFI DownloadSecurity scans the file for viruses. If the file has no viruses and does not trigger a rule set by the security administrator, the user receives it immediately. If the file triggers a rule, it is put into quarantine for administrator approval. Once approved, the file is sent to the user as an email attachment or link. If the file is rejected, the user is notified.

New features in GFI DownloadSecurity 6
Apart from the Trojan & Executable Scanner, GFI DownloadSecurity for ISA Server 6 includes these new features:

  • Support for Windows Server 2003
  • A decompression engine that supports an industry record of over 75 compression formats while offering configurable handling of compressed file archives
  • A web-based moderator that enables administrators to moderate quarantined items via a web browser
  • Downloading of updates via HTTP, avoiding the need for firewall reconfiguration
  • More quarantine options
  • Notifications node, enabling easy customization of GFI DownloadSecurity messages
  • Support for a fourth antivirus engine: Kaspersky Labs Antivirus
  • Improved configuration and speed.

Pricing and specifications
GFI DownloadSecurity pricing starts at US$295 for 25 users; pricing includes a year of free antivirus engine updates. GFI DownloadSecurity was built from the ground up to work with ISA Server. It links in as an ISAPI extension and can leverage features such as alerts, reporting and more that are already found in ISA Server. No changes to the network configuration are required. More product information and a trial version can be found at http://www.gfi.com/dsec/.

About GFI
GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. With award-winning technology, an aggressive pricing strategy and a strong focus on small-to-medium sized businesses, GFI is able to satisfy the need for business continuity and productivity encountered by organizations on a global scale. GFI has offices in the US, Malta, UK, Hong Kong and Australia which support more than 200,000 installations worldwide. GFI is a channel-focused company with over 10,000 partners worldwide. GFI is a Microsoft Gold Certified Partner. More information about GFI can be found at http://www.gfi.com.