Deploying Enterprise-wide Virus Protection - Industry Trend or Event

Introduction

Along with the arrival of virtually universal telecommunications and networking, organizations and end users have developed a tremendous sense of unease about network security issues. The growth of extensive inter-company communications, wide-scale intra-company networking, and universal Internet access have also heightened awareness of the possibilities of unwelcome intrusions and attacks upon internal networks.

Although much has been said about network espionage, hacker attacks, and other high-profile security issues, the most profound cause for concern comes not from high-tech security probes and intrusions, but from the wide-spread promulgation of viruses. According to recent surveys, viral infections represent the great majority of all security incidents, and have created tremendous problems for businesses of all sizes.

Virus protection for large organizations is a complex and difficult problem because of the combined hurdles of heterogeneous systems and practices, wide-spread use of distributed or client/server systems, and the free exchange of data files via network sharing, e-mail, and the Internet. As enterprise networks grow through the addition of file and backup servers, messaging systems, Internet gateways, management systems and wildly proliferating client machines, the need for a comprehensive virus-handling strategy becomes even more critical. Of particular importance is the need to implement a system that allows centralized management of all the client computers on peoples' desks throughout the organization. Increasingly, organizations are becoming aware that the total cost of ownership of these ubiquitous desktop computers has to include a realistic look at the cost to manage and oversee their security component. The high frequency of attacks combined with a potential lack of consistent company-wide practices for updating virus protection software, makes it necessary to include centralized management with integrated solutions to really make a difference.

Until recently, viral infections only threatened data residing on storage media, such as hard drives and floppy disks. However, with the emergence of macro viruses, the threat has spread to applications. As of January 1997, approximately 200 macro viruses have been discovered and documented. The great majority of these attack Microsoft Word documents, the rest attack Mircosoft Excel, Ami Pro and Word Perfect files. However, any application that supports a macro language is susceptible to this type of virus. It is estimated that over 90% of all companies have macro viruses resident somewhere in their computing systems. With this level of penetration, it should be obvious that most organizations are severely lacking in awareness, management, and prevention of virus attacks.

Establishing effective enterprise-level and anti-virus security is now possible through the deployment of a new anti-virus software system designed specifically for that purpose. This new approach combines and unified, enterprise-wide, management and operations strategy with multiple level, integrated anti-virus software. The most effective of the virus protection software utilities prevents initial infection rather than simply cleaning up after an infection has already occurred. This unified implementation will be the primary solution in organizations requiring an effective, enterprise-wide, anti-virus strategy.

Enterprise-wide anti-virus solutions need a uniform, all-encompassing plan, with centralized control, automated virus signature updates and support for multiple platforms, protocols and file types.

Effective deployment of enterprise-wide anti-virus software also requires ongoing vigilance and serious management attention. Although an anti-virus strategy must be supported by technical experts and powerful software, the ultimate responsibility for maintaining a virus-free enterprise ultimately rests on management's shoulders.

This Guide examines various types of security problems that network administrators are likely to encounter, with specific emphasis on viruses and virus protection system and strategies. It provides a top-down approach to deploying and managing enterprise anti-virus protection systems throughout an organization in a way that assures a high degree of confidence and efficiency.

The Security Threat

Findings from recent industry studies and surveys indicate that an alarming number of large organizations have failed to implement satisfactory security policies. Furthermore, of the 1,300 companies interviewed in a survey conducted by the National Computer Security Association (NCSA), 54% of the respondents indicated they had experienced significant loss of data due to security breaches, while 78% of these security breaches were directly attributed to virus infection.

Reported financial losses of over $250,000 were common, with losses over $1 million reported by some enterprises! These statistics clearly indicated that security is an issue that can no longer be ignored, and that viruses are the most common, and unfortunately, the most serious security threats encountered in the workplace.

Computer Viruses

A computer virus is any program created to reproduce itself. A virus reproduces itself by attaching itself to programs, files, or even to the boot sectors of disks and activates when the infected file or disk is opened or accessed. Once resident in memory, a virus can attach itself to the next file or disk accessed, and so on. A virus may be designed to do harm or simply can have unintended consequences by overwriting other important computer information and causing costly inconveniences to users and network managers.

There are four general types of computer virus

* File Viruses (including macro viruses), which are attached to files.

* Boot Sector Viruses in which the boot sectors of floppy or hard disks are infected.

* Master Boot Record (MBR) Viruses which infect the disk master boot record.

* Multi-partite Viruses that are a combination of a file virus and a boot sector virus.

Virus Disguises

As viruses spread, they need to avoid detection in order to succeed in corrupting target computers. Simple viruses, with easily detected signatures are giving way to more sophisticated virus types:

* Polymorphic Virus--Changes its signature, or profile, each time it is activated so that a fixed signature filter will miss it as it does its virus scan.

* Stealth Virus--Attempts to hide its presence by intercepting interrupt services and by feeding back false information to virus protection products and end users.

* Encrypted Virus--Delivered within an encrypted file, undetectable by a simple virus protection scan.

Alarming Growth Rate

Although a recently as the mid-1980s, computer viruses did not exist, their numbers have risen at an alarming rate since then. By the beginning of 1996, close to 5,000 distinct computer viruses had been discovered or created in computer laboratories, while just one year later, at the beginning of 1997, the number was close to 9,000, almost doubling the virus population in a scant year!

Fortunately, the great majority of these viruses were written for research purposes and have never been released into the computer population at large. Of the contemporary documented viruses, fewer than 300 of them are circulating in the public sphere. These approximately 300 viruses are said to be "in the wild" since they are not under control and are actively spreading to new systems. And, of these, only ten viruses (Word concept, Form, Stealth B/C, Anti-EXE, Monkey, Stoned, Anti-CMOS, NATAS, NYB, and Michaelangelo) or their derivatives, are responsible for nearly 95% of all virus infections and subsequent damage to computers.

These top ten virus types are responsible for hundreds of millions of lost dollars and countless thousands of lost hours of productivity. And, though these "wild" viruses are a small percentage of the overall virus population, it is in this area that explosive growth is anticipated. Most virus experts agree that we are experiencing the beginning of an explosion of "wild" computer viruses. The reason for this pessimistic forecast is the fairly recent development, and fast spreading epidemic of macro viruses. Any anti-virus solution that fails to protect against 100% of these "wild" viruses is simply inadequate no matter how many thousands of other tame viruses it does identify and repel.

First discovered in mid-1995, macro viruses are being introduced onto corporate networks and individual workstations at a rapidly increasing rate. By the year 2000, experts say, we will see a dramatic increase in the number of sophisticated viruses and malicious applications circulating throughout corporate networks and individual user workstations.

Virus Growth Rate

Because of these issues, and as networks grow, the threat of a damaging computer virus infection becomes more likely. According to the NCSA, the threat of contracting a virus is increasing dramatically from its observed 1996 level of 14 infections per thousand computers per month. Ongoing surveys and studies are expected to show infection rates ten times higher in 1997. Studies have also shown that the average cost for diagnosis, cure, and repair of a virus infection has risen to over $8,000 per incident!

Sources of Virus Infection

Every new advancement in network and communications technology introduces new avenues through which viruses can infect your system. Most earlier viruses were boot sector viruses, in which the boot sectors of floppy or hard disks were infected. In fact, as recently as the end of 1995, the only way a machine was likely to be infected by a virus was by using contagious diskettes moved from infected systems to non-infected ones.

The Spread of Macro Viruses

As stated earlier, the creation of macro viruses has changed this environment dramatically. A macro virus is a set of instructions, which is programmed using the powerful macro routines that accompany today's word processing and spreadsheet applications. These macro languages enable a myriad of useful functions to be embedded into a document, which are executed as the document is opened for viewing or use. Primarily targeted at Microsoft Word, which is widely deployed and which contains a rich set of macros, the creators of viruses use these native macros to build their programs. Other word processing and spreadsheet programs, such as Ami Pro and Excel, are also beginning to come under attack.

Surveys conducted by the NCSA indicated that the spread of viruses is accelerating rapidly. Although the figures have not been updated as of this writing, there is convincing evidence that the growth curve representing these numbers has continued to rise.

Complicated by the Internet

On its own, this would be a serious problem. But with the exploding development of the Internet, this has catastrophic possibilities. The Internet introduces two different virus threats. The first is caused by downloading files, which contain viruses while browsing or using FTP routines; public shareware and executable routines of all types, including formatted presentations are a growing source of virus infection. Furthermore, new Internet virus threats are beginning to appear in the form of malicious Java and ActiveX applets. The second major Internet threat comes from e-mail. Most Internet e-mail systems provide a very rich capability to attach formatted documents to e-mail delivered across the network. These e-mail messages can be broadcast to individuals or groups of addresses with the simple stroke of a key! Infected documents or files can be flooded into e-mail addresses of an entire corporation and sent a seemingly innocent broadcast message to the entire list, with a macro infected document attached. Most e-mail systems automatically accept attached files, and when the recipient opens the document, the virus jumps into his or her computer, ready to re-infect other files.

The simplicity and openness of the network makes this scenario a growing threat. As networking, telecommunications, remote access, message systems that support attachments of all kinds, and interaction with the Internet become more common, viruses will exploit these new electronic pathways to attack systems that were heretofore unreachable.

Groupware Complications

A third trend in networking also exacerbates the virus threat. This is the trend towards deploying groupware applications such as Lotus Notes, Microsoft Exchange, Novell Groupwise, and Netscape Colabra. Since the active and repeated sharing of documents over the network is at the core of these applications, they represent a fertile ground for the deployment of macro viruses. Groupware software not only acts as a repository for shared documents, but, as an integral part of its collaborative function, simultaneously broadcasts files to associated work groups. This significantly multiples the possibility of accidentally deploying infected mail through macro viruses and makes groupware protection a high priority.

Symptoms of Virus Infection

Symptoms of Virus Infection

* Increase in byte length of files

* Alterations of a file's time stamp

* Delayed program loading or activation

* Reduced system performance

* Lower system resources, available memory, disk space

* Bad sectors on floppies and hard drives

* Strange or non-standard error messages

* Non-standard screen activity, display fluctuations

* Program inoperatibility (failing to execute)

* Incomplete or failed system boots

* Uninitiated drive writes

Anti-Virus Software

Detecting a Virus

When choosing effective anti-virus software, it is essential that it have a varied and multi-faceted array of methodologies for fighting viruses. Contemporary viruses are becoming increasingly sophisticated and, as such, can defeat simpler, single dimension software packages. To be effective, the anti-virus software utility must include special-purpose, distributed applications that can detect viruses using five distinct methods.

Signature Scanning

Compares the content of files against a database of virus signatures. This requires a frequent database update to assure that new and changing signatures are identified.

Integrity Checking

Compares the profile of current files and disk areas against an archived snap shop of these same items. Differences that are detected may indicate the presence of a virus. Check summing is the most common type of integrity checking. Unfortunately, integrity checking is generally not effective against modern stealth viruses, so other approaches are needed as well.

Heuristic Analysis

In which artificial intelligence monitors for virus-like behavior, such as trapping certain interrupt services or attempting unlikely actions such as reformatting the hard disk.

Polymorphic Analysis

Polymorphic viruses are difficult to detect because they constantly change the way they look, particularly when they are also encrypted or use stealth techniques to hide their presence. A polymorphic analyzer will move any suspect file to a separate, protected, location in the computer and execute it there to see if it exhibits any virus-like behavior.

Macro Virus Analysis

A specifically designed anti-virus software that detects macros in files before execution and tests them for viruses.

Archived and Compressed Files

In addition to supporting these five types of analysis, effective anti-virus systems must also be able to scan archived and compressed file types. The most common such types include zip (or Pkzip) and Microsoft Compression. Viruses can hide inside such compressed archives, and remain dormant or unnoticed until infected files are extracted and released into a system. At a minimum, an anti-virus system should be able to scan most archive types to identify viruses stored within any files they contain.

NCSA Certification

The National Computer Security Association (NCSA) provides comprehensive and objective oversight to the anti-virus industry and provides a clearing house of information regarding emerging or changing viruses. It provides a formal certification process in which it evaluates and rates anti-virus software on a regular basis. This certification is conducted on a year-to-year basis and includes bi-monthly rechecking of the software throughout the certification year. For the tested anti-virus software to pass the certification process, it must be able to detect 100% of the viruses on the current "wild" list as well as 90% of the 9,000+ known viruses.

Frequency of Database Signature Update

Ultimately, any anti-virus software's ability to actively prevent virus attacks will be determined by the currency of its database of virus signatures. Any anti-virus software worth deploying must have an associated, easily accessible Web site, or some other online source of information, where regular virus database updates can be retrieved. Those products that automate this update process by using a network's Internet connection to routinely poll for new database information have a clear advantage in this regard.

Curing a Virus

Most anti-virus software cannot only detect, locate, and identify viruses, but can also remove viruses from an infected system. The removal process may be unique to each virus, but can include the deletion of virus code, the repair of damaged files, and may sometimes even apply patches to damaged applications.

Virus Scanning: Real Time and Scheduled

Most anti-virus software can perform a scan of a computer detecting, and even repairing, all viruses found at that time. This process is called scanning. Scanning a computer for viruses on a scheduled basis can occur at regular intervals as determined by a system's scheduler, or as an on-demand operation that's manually executed, or as an event-activated operation (usually in response to some recognizably "illegal" behavior by a potential virus).

In addition, viruses can be scanned in realtime, i.e., as they received into the computer, data repository, or server. This is an important capability because of viruses can be detected as they attempt to enter a system, then they can be prevented from corrupting any files. Oftentimes, a scheduled scan may occur after a virus has already entered a computer and has had an opportunity to corrupt other files. Obviously, the earlier a virus can be detected, the better.

For anti-virus software to be truly useful, it must have the ability to perform all types of scans.

Management Issues

Because of the complexity of corporate networks and the reality of inconsistent human behavior, managing a network anti-virus system introduces surprisingly difficult problems. One major concern is the currency of the anti-virus software and its uniform deployment throughout the corporate enterprise. A key element in providing consistency in an enterprise-wide anti-virus system is the ability to uniformly and automatically deploy software updates in a timely and controlled way. This managerial capability is essential to a successful deployment. Other important management features of virus protection software include report generation, logging of all virus-related activities, and centralized management of distributed protection systems. Administrators will ultimately need all of these capabilities in the continuing war against computer viruses.

Enterprise-Wide Virus Protection

Virus protection within an enterprise demands a significantly more robust solution than that which is required for standalone computer or small networks.

An enterprise network consists of many levels of functionality. Generally based on LAN architectures, which are interconnected through switches to e-mail and file servers and which are then connected to the world via routers and gateways, these networks have a number of unique issues.

Multi-Level Comprehensive Virus Protection

Of overriding concern is the question of where anti-virus software should be deployed. Within a corporate enterprise, critical data is most stored on networked file servers located centrally and throughout the network fabric. These file servers are the primary target of viruses aimed at corporate users. To protect them, corporate managers must provide comprehensive protection at many levels of the network.

It is important to recognize that the best protection involves a multi-level solution with four key attributes:

Integration: The solution includes a deliberately coordinated approach that integrates all of the layers of protection within a single paradigm.

Single Point Management: As an essential element of an integrated solution there should be a single focal point of security management.

Automation: The solution should include the ability to automatically update virus signatures and other anti-virus elements.

Multi-layered: The solution should be multi-layered in that the right components are distributed at the most effective point to maximize efficiency and reduce overhead. Anti-virus software needs to be installed in servers, workstations, and messaging systems.

Gateways and Firewalls

Some suggest that it makes sense to put all anti-virus software right at the gateway to prevent any viruses from even entering the network. This approach, however, has two major problems. The first is the problem of severe performance degradation. Gateways and routers are designed to read a header on a frame or packet and then pass the frame or packet along to its destination as quickly as possible. In order to check for viruses, the router or gateway would have to receive all of the frames of the file, reconstruct them, and store them temporarily while a scan takes place. This is completely opposite to the desired effect. The performance of the router or gateway would degenerate very quickly causing severe bottlenecks in and out of the network.

Workstations

The essential element is to have the anti-virus software reside on each workstation in the network, since this is the main entry point into the network. This approach makes great sense because the scanning workload is shared among all of the computers in the system, putting only a small workload overhead on each station. Each station would be equipped with up-to-date anti-virus software and could add this task to its ordinary workload with little performance degradation and no need for new equipment. Although a growing number of virus infections today stem from Internet downloads and e-mail attachments, the most common source of infection is from floppy diskettes brought in from employees' homes. Realtime floppy scanning needs to be done on the workstation to minimize virus infections, as the workstations is the most common virus entry point. The caveat, of course, is that the software has to be part of a system that enforces uniform updates and automatic operation so as to avoid user inconsistencies.

E-mail Servers

E-mail servers are a second natural location for anti-virus scanning. Since all of the e-mail messages, which are a primary source of infection, come into the servers and are archived in mailboxes before being sent on their way, it makes great sense of include anti-virus software on them. With a ratio about 100:1 workstations to mail servers, the cost efficiency of this solution makes sense. Unfortunately, this does not cover all of the ways in which viruses can come into individual workstations. With separate modems connected to the Internet and with direct connection to other stations in the network, corporate mail servers can be bypassed; which is why, it is important to cover all other entry points.

Backup Servers

Backup servers are responsible for maintaining copies of critical data. If backup files are corrupted, then the system is fundamentally flawed. Corrupted files may be unusable for restoral purposes or may re-infect entire systems. A little-known issue with anti-virus software is that it generally conflicts with backup software. Backup software, as part of its ordinary operation, opens up files multiple times as part of its process. This requires the anti-virus software to scan these same files multiple times. A major backup system which could support, for example, 50,000 files. During an overnight backup process, virus checks are conducted as many as 150,000 times! This creates tremendous slowdowns and inefficiencies. This is complicated by the fact that when a virus is detected, the system stops until the viral infection is cured. This means that a backup would have to be conducted the next day, rather than as an overnight process. Therefore, it is critical that an effective software product be installed is designed to overcome this inconsistency. Protecting backups from virus infestation is integral to maintaining a safe and secure network. Good anti-virus software must collaborate with backup software to provide realtime backup and restoration virus protection.

Internet Servers and File Servers

Anyplace in the network where a file or database resides is a potential source of problem. It is essential that these locations be well protected. A file server houses a company's most critical data. And, having your Internet server equipped with anti-virus software is of paramount importance. Keeping files uploaded and downloaded virus free is important to your network and your customer's network.

Features of an Enterprise System

Domain Management

For an enterprise anti-virus system to be truly effective, it must be able to manage an entire domain of hundreds or thousands of nodes (servers and workstations) as a single entity. The product's management facilities must be aware of all potential virus activity on each computer, and at each entry point to the network. The key to maintaining control over an entire domain is centralized administration and management. One (or a few) computer(s) should host an anti-virus system's control application, where system-wide or single node changes can be applied to anti-virus information, configuration and behavior at will.

Quarantine and Source Tracking

A second aspect of complete domain management is an anti-virus solution's ability to isolate infected clients. When a node's protection scheme identifies a potential infection, the central control facility should be able to terminate its network access. This prevents a virus from spreading through the network. Once all infected computer(s) are quarantined, the anti-virus system's management facility notifies its administrator(s) of the need for immediate action.

Intelligent anti-virus software should also be able to identify the infected computer and the user logged into the computer. This permits specific clients or roaming users to be identified as repeat offenders. A trail of evidence can be supplied by the virus tracking system automatically and, if necessary, this data can be used to support a case for legal action against the responsible individual(s), as well as providing a useful method to identify and diagnose sources of infection.

Alarms and Alerts

Enterprise administrators must be notified when a virus outbreaks occurs. The anti-virus system's alarms and notifications should have a wide range of customizable options, such as setting virus activity notification levels, identifying selected administrators or managers when problems occur, and creating variable levels of text messages for event logs. The process of notification should include e-mail, on-screen alerts to designated recipients, alphanumeric or digital pages (with codes to identify alarm urgency), simple event log entries, automatic printouts of virus trouble tickets and interfacing with SNMP-based network management systems. These alarms and alerts must be integrated with the overall system management architecture.

State of the Art Virus Identification

Anti-virus software must be able to identify a wide range of virus types. Each type possesses unique difficulties relating to its identification, inoculation, and repair, and each will be detected or identified through different means. Whatever anti-virus product you deploy in, your enterprise must support methods to detect each of these types, and be able to discern new virus types and accommodate new detection methods as they introduced.

Deploying and Managing Virus Protection

The actual deployment of a virus protection tool commonly requires completing the following steps:

1. Planning. Determine what types of information or data feeds are present on your network.

2. Research. Identify a software solution that fits all your assessed needs, plus as many of the features listed in the preceding baseline checklist.

3. Testing. With a limited group, install and test the operation of the software, to make sure it works properly, and is compatible with existing networking and applications software.

4. Maintain. Manage and update the software to ensure that it functions as expected, and that it's possible to manage using your current network and staff; be sure to download updates and signature files, and apply them to your test network, to fully understand this crucial aspect of any anti-virus system.

5. System Deployment. Once satisfied with a product, deploy it system-wide.

Developing an Anti-Virus Policy

Many organizations have learned that simply installing an anti-virus product on their system fails to effectively safeguard their network from infection. Generally, the oversight involved is twofold if the software installed is inadequate, and its administrators have not learned how to properly apply its protection schemes. One solution is a well-crafted company policy that clearly defines how virus protection should be established and maintained. The following items are essential to establishing a real-world virus policy:

1. Focus On Software. Virus protection ultimately rests on the quality of the software that's deployed. Attempting to alter or control user behavior, no matter how motivated and dedicated, is futile.

2. Response Team. A team of two or more people trained in proper handling of virus infections is an essential element of a complete protection policy.

3. Automated Prevention. Every user must run an intelligent anti-virus protection tool at all times.

4. Upgrades And Patches. The best protection is the latest version of your anti-virus system. Every upgrade, patch, or update to your anti-virus software should be download, tested, and rapidly deployed. It is essential that the anti-virus system has the facility to automate this process to eliminate the vagaries and whims of individual human behavior.

5. Always Have A Backup. Protect your data and your system by maintaining a reliable, current virus-free backup. In the event of virus disaster, you will be able to restore your system quickly.

6. Virus-Free Servers. The central focus of a network is its file servers, where data and services are stored and accessed. These valuable resources must be reliably protected. Once a server is compromised, your entire network is at risk. Your policy should be protect servers from virus at all costs.

7. Identify Risk-Takers. Users who repeatedly expose your network to viruses, perform a lot of data transfers from outside sources, or attempt to bypass anti-virus barriers should be reprimanded and possibly relieved of their network privileges. Be aware that other high-risk users, such as repair technicians, contractors, consultants, and salesmen, who may be unaware of your virus policies or rigid protection barriers, are also prime potential sources of infection.

8. No Unapproved Software. Eliminate uncontrolled sources of software.

Conclusion

Why InocuLAN?

Enterprise-wide virus protection is a necessary and critical part of today's network environment, demanding comprehensive centralized control and automated operations.

Because of the increasing complexity of communications within and between organizations, effective deployment of enterprise anti-virus software requires a comprehensive software solution that will take the burden off of the network administrator and end users. Large, heterogenenous environments require a solution capable of meeting a multitude of needs like those addressed in this paper.

The Solution? InocuLAN!

InocuLAN[R] offers a total, comprehensive, and integrated protection for the entire enterprise. A wide range of unique capabilities help network managers manage anti-virus efforts across the enterprise, making InocuLAN the perfect solution for enterprise systems.

For automated systems designed to manage multiple servers and clients, InocuLAN provides automated installation of all networked clients, and automated signature file download and update to all clients and servers across the network. Many environments also include both NetWare and Windows NT servers, and many PC operating systems. With new Java-based manager, InocuLAN can manage all servers and clients from a single console from anywhere on the network, giving managers more flexibility and greater control over virus incidents. Remote management and centralized administrate the powerful management capabilities InocuLAN offers.

InocuLAN also offers the multi-level protection necessary for keeping viruses from penetrating the network -- InocuLAN clients provide realtime protection from Internet downloads, e-mail, floppy diskettes, and file and program viruses, and are the first line of defense against viruses. The second line of defense is server protection, and InocuLAN protects both Windows NT and NetWare servers in realtime, keeping your critical information virus-free.

Finally, messaging servers act as a major contributor of virus infections - protecting these critical information stores is essential to the health of your network. InocuLAN protects messaging systems, including Lotus Notes and Microsoft Exchange Server, keeping e-mail messages and document databases virus-free.

Offering unmatched management capabilities and advanced virus protection, InocuLAN is the premiere virus protection solution for the enterprise!

InocuLAN offers:

* Enterprise Management

* Advanced Virus Protection

* Complete Automation

* Hands-Free Updates

* Universal Java-Based Manager

* Virus Source Tracking

* Remote Management And Scanning

* Realtime Scanning And Cure

* Server Protection For Windows NT And NetWare Servers

* Desktop Protection For Windows 3.1, Windows 95, Windows NT, DOS And Macintosh Workstations

* Internet Protection - AntiVirus Plug-ins and Firewall Integration

* Messaging System Protection For Microsoft Exchange Server, Lotus Notes, And Novell Group Wise

To learn more about InocuLAN visit www.cheyenne.com/security, or call 1-800-CHEYINC and ask for a free 60-day live trial.

COPYRIGHT 1997 101 Communications, Inc.
COPYRIGHT 2004 Gale Group