ISPs look to kill viruses before they strike
Firms say the best way to control virus attacks is to place anti-virus software into a network so an email can be disinfected before it reaches its destination.
New generations of viruses like Melissa or Bubbleboy multiply too quickly for individual users to keep track, companies say. The best way to control infections is to place anti-virus software into a network, companies claim, so an email can be disinfected before it reaches its destination.
But then along came the Internet, as well as a host of security holes in programs like Microsoft Outlook that virus-writers found ways to exploit. The most common viruses are now spread through email, and fast-spreading variants like Melissa can sweep across the online world in the space of a few days.
By contrast, ISPs generally have technical staff on board around the clock, and are in a much better position to keep up with the latest anti-virus updates and react quickly to new outbreaks. Many ISPs are already acting as the first line of defense to filter out material that is slightly less threatening: junk email.
The strategy is still fairly new, and only a handful of ISPs have jumped on board. The Net business of local phone firm US West provides its customers with anti-virus services, as does Sprint's small-business Net division. Schrader said that Trend Micro is also working with British Telecommunications, while a few large U.S.-based ISPs are still in the preliminary stages of considering network-based anti-virus services.
To offer the service, an ISP or telephone firm will install software inside a mail server to scan incoming email for known virus codes. The model is similar to what happens at many big corporations, which maintain antivirus protections at the gateway between their own network and the Internet.
"Desktop applications, unless you update them on an extremely regular basis, don't protect you from all the viruses that are coming through the Internet," said Audrey Thompson, director of Internet product management at US West. "We can do that at the ISP level more effectively."
Many ISPs aren't convinced of the benefits of the network strategy. The enormous amount of technical work required to scan incoming email traffic and to connect to billing and directory systems just doesn't make the service worthwhile, they say.
"At the server level it would be an incredibly big job, and some people might consider it an invasion of privacy," MindSpring spokesman Ed Hansen said. "As far as I know, we're not considering that right now."
For the most part, security analysts approve of the technology, agreeing that it's easier and faster for a few thousand ISPs to protect themselves against a virus attack than it is for a few million individual users. But they warn that ISPs can't provide perfect protection, any more than desktop software can.
The fastest viruses can spread a long way in the time it takes anti-virus software firms to create antidotes, noted Elias Levy, chief technology officer of Security Focus, a company that monitors computer security problems. Anti-virus software, wherever it is installed, can still miss some malicious code or block emails that aren't actually infected, he added.
"It's a good service," Levy said. "But it might provide people with a false sense of security."