Internet Security Systems' forthcoming email appliance blends traditional mail security with IPS and behavioral analysis

Internet Security Systems (ISS) next week will roll out its first email security appliance, Dark Reading has learned. The new Proventia Network Mail Security System appliance contains not only the traditional antivirus, anti-spam and content-filtering features, but intrusion prevention system (IPS) technology as well as ISS' proprietary behavioral-based virus protection.

"Customers are demanding a greater level of protection across the board," says Dave Ostrowski, senior manager of product marketing for ISS, which is in the process of being acquired by IBM. (See IBM Merger Gets Mixed Responses and IBM Up-Ends Security Services Market.) "And this is part of the trend of consolidating technologies into a single appliance with IPS, mail protection, and virus protection."

ISS' new email appliance is an example of how IPS technology is being folded into other security platforms. (See IPS Technology: Ready for Overhaul.) The appliance, which is based on the same engine as the Proventia IPS platform, can be run in conjunction with it, Ostrowski says. "You can use it in addition to the traditional Proventia IPS at the gateway," he says. "It gives an additional layer of defense for email."

The IPS performs deep-packet inspection for any network traffic that hits the Proventia appliance, which sits in front of the email server. "It looks for any breaches in protocol behavior and scrubs it" at Port 80 or in Sendmail, for instance, says Matthew Ward, senior product manager at ISS. "So what then reaches your email server MTA is clean Port 25 traffic," he says.

The antivirus feature catches known malware at the file level, and ISS' Virus Prevention System (VPS) looks for unknown threats by executing code in virtual "sandbox" to analyze its behavior. "If the behavior is indicative of a virus, it's flagged as a virus," Ostrowksi says. "The main benefit of this is it doesn't require a specific signature" to discover malware in email, he says.

The Linux-based appliance comes with four ports and is aimed at enterprises with 2,500 users and above, and will be available on September 18. Pricing starts at $20,000.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

About the Author(s)

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights