Solved

Interjet

Posted on 2001-06-20
8
251 Views
Last Modified: 2010-04-11
Hi All
I hope I'm asking this question in the right section.  My company has an interjet which links to the outside world through a internet service provider (ISP).  E-mails from the outside obviously have to pass through the interjet before they go to the user accounts.  I am wondering how to put a virus checker onto the interjet (or whatever) so no e-mails with any viruses can enter our network.  Also am I right in assuming that the virus checker can be setup on 1 of the companys servers to monitor the whole network centrally.  Any help would be greatly appreciated
regards
Botch
0
Comment
Question by:Botch
8 Comments
 
LVL 5

Accepted Solution

by:
dcgames earned 100 total points
ID: 6210767
There are various ways to do this, and probably none of them have to do wtih interjet.

First, I have to ask if the "user accounts" get their e-mail from an internal e-mail server (like Exchange) or via POP3, pulling the e-mail from an ISP based e-mail account.

In the first case, the virus checking should be performed either in the exchange server or in a mail transfer agent en-route to the exchange server.

In the second case, the options are either to install the virus checker in each client PC so the mail is scanned as it is pulled, or to install a POP3 PROXY application. Your POP3 clients would request their e-mail from the proxy which would then get the e-mail from the ISP, apply virus checking, and forward to the user.

If you want full control I would suggest that you get an e-mail server that includes virus checking. The e-mail server can interact with ISP and your users don't seem much difference.

There are other options, such as virus checking in a firewall, etc., but I haven't used these.

For tiny home networks, I can recommend some e-mail servers that are cheap or free for low number of accounts.

For larger networks or for office lans, I GUESS that the cost of an e-mail server with virus checking is about the same as the cost of a proxy or firewall based virus checker.

Dave
0
 
LVL 11

Expert Comment

by:geoffryn
ID: 6211078
I doubt that you can install anything on the Whistle itself, but you might be able to put an e-mail gateway running virus software outside of the Interjet and have it receive and scan the mail and then pass it to the Interjet for delivery.  Norton AV makes a product for this called Norton AV for Firewalls and Internet E-mail Gateways.
0
 
LVL 17

Expert Comment

by:mikecr
ID: 6211236
I would have to agree with Geoffryn that you need a "stop over" place for the email to be scanned before it is passed to the users and an email gateway would do the trick.
0
 
LVL 5

Expert Comment

by:dcgames
ID: 6216173
If you are concerned about e-mail sent to a specific DOMAIN (like the "company" e-mail), then setting up an internal e-mail server to receive all the e-mails and do the validation is best.

Second best is to install an MTA gateway that the e-mail is routed through.

The way it works, is that on the DNS servers for your domain you will have an MX entry showing the IP address for your SMTP agent (e-mail agent). You can modify this entry (or entries, cause there can be more than one) to point to an SMTP gateway that receives the e-mail, applies virus and spam checking, and either STORES the e-mail (if it is a fully functioning e-mail server) or FORWARDS the e-mail to the real e-mail server (if it is just a gateway).

--

On the other hand, this solution will NOT address people that have an e-mail account somewhere else (like YAHOO.COM, or HOTMAIL.COM or with their home ISP) and RETRIEVE these e-mails at work using a POP3 connection.

The reason is that POP3 goes directly to the ISP server and retrieves the e-mail. So your network really only knows that some TCP/IP traffic is occurring, but doesn't really know WHAT KIND of e-traffic it is, nor what is inside those packets.

To address this kind of problem the easy way is to make sure everyone has Virus software installed on their PCs.

The alternative is some kind of proxy coupled with physically preventing anyone from going to the internet for anything directly. Instead forcing them to go to the proxy. Doubt very much you could find a workable solution with this approach. At least not one you like.

Dave
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 3

Expert Comment

by:mpltech
ID: 6221897
You should consider MDaemon and Winroute. These 2 programs running on an NT system with 2 NIC's together will replace the functionality of the Interjet. Then you can run any anti-virus software on that system. There is a "Mailscan" optional component, and it also has a neat feature that automatically strips attachments and saves them in a specified network drive (can be seperate for each user)

These programs are fairly cheap, but if you have 50 or more users, you can save money by continuing to use the Interjet, and using this system as a mail forwarder/scanner. Then you only need to buy the minimum user MDaemon since you won't be needing the mailboxes.

Winroute Pro is $700 for 50 or more users, but you can get the minimum (3 user Winroute Lite, $79) and use a hardware NAT device such as the SMC Barricade ($99) to extend the number of users to 253. NAT can be cascaded! I will provide details on how to do this if you need.

It is assumed your connection has a single static IP address. If you have more than one legal IP address (such as a "subnet 8"/5 usable) then you can use a hardware NAT device by itself, without Winroute, since one legal IP can be assigned to it, and one to the mail system.

Mike

0
 

Author Comment

by:Botch
ID: 6223730
Thanks for the comments.  I won't be able to give the points for another week or so as I'm still researching the suggestions as well as doing my normal work.  It will definitely be answered in 2 weeks.
regards Botch
0
 

Author Comment

by:Botch
ID: 6269587
Hi all
I am making an attempt at setting up norton anti virus this week so sorry for keeping you all waiting (I know everybody hates questions posted for too long).  As far as I can see from the manuals enclosed you can specify the IP address of your mail server in the configuration of the anti-virus and all e-mails will be passed through the norton anti virus before they go to the mail server to be passed around the company.  It is a complete solution Symatec Antivirus sol so I will give it a go this week.  I'll keep every 1 informed and close this question next week.  By all means send more comments
regards
Botch.
0
 

Author Comment

by:Botch
ID: 6311822
Hi all
Thanks for your patience.  It took me so long between doing other jobs and doing some research.  In the end the norton anti-virus package helped me to set up the system.  I put norton antivirus for servers on the companys servers and made 1 of them the primary server where all administration work is carried out for the whole antivirus setup.  Each destop has a copy of norton on it also and allows the admin to scedule scans & virus updates on the primary server for all network computers.  This as dcgames said looks at the mail going to the individual computers for viruses as in the second option.  I could have rerouted all incoming mail to my primary server (I think) before it went to the interjet to go to individual computers using norton for gateways but the other way was easier. Hope I explained what I did in the end.

Thanks everybody for their help
regards
Botch
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now