Software acts as sandbox for potential malicious code, IT manager says
Montreal-based Reitmans is using a Vital Security NG-5100 Web appliance from Finjan Inc. as a means to protect users from spyware. The appliance is centrally managed and works in conjunction with anti-virus Symantec software the company already uses in-house.
“The product analyzes content on the fly. It really understands execution methods,” said Finjan CTO Yuval Ben-Itzhak. “If (malware) tries to access the local disk, the registry or tries to (establish) a network connection, we block the content at the gateway. This behaviour-based analysis is a major part of our offering.”
Spyware was becoming an issue at Reitmans, said the company’s network manager Martin Lapointe – slowing down the network and restricting employees’ ability to do their jobs. The company has about 1,200 desktops at its head office in Montreal – most of them running XP – and all were potentially vulnerable.
“We lost a lot of time at the desktop level: troubleshooting forever and eventually having to redo the machines. The users definitely lost a lot of time,” he said. “Spyware renders the machine so slow that eventually you cannot even work.”
Reitmans began a beta test of the product in December and installed it throughout its network a month later. The company hasn’t taken stock of the number man-hours the product has saved yet, but “one thing we can say is, we haven’t had any major issues since then,” said Claude Martineau, vice-president of IT.
The appeal of the Finjan product was its ablity to recognize malware and isolate it before it is able to reach a user’s desktop, said Lapointe.
“It is basically acting as a sandbox for potential malicious code and (preventing) it from reaching the user. If there’s any malicious code in there, it prevents the user from accessing it. It complements our anti-virus solution,” he said.
“Because Symantec anti-virus is signature-based, there are some issues where new viruses are introduced and it is not able to detect it. By connecting to the Finjan appliance, we have an extra layer of protection.”
Reitmans does have policies restricting how its employees use their desktops and the Internet, but they aren’t foolproof, said Lapointe. New workers are asked to sign two documents that govern their use of IT at the company, but they may be too lenient. “We’re actually finalizing new policies,” he said.
In a separate announcement, San Jose, Calif.-based Finjan said on Monday that it has filed a patent infringement lawsuit against Secure Computer and its subsidiaries CyberGuard and Webwasher.
Finjan is seeking an injunction preventing the companies from selling their Webwasher Secure Content Management suite and damages for the alleged infringement of Finjan’s intellectual property. The lawsuit was filed in the United States District Court for the District of Delaware.