A Commonly Overlooked Security Hole

Submitted by Willem Bagchus on July 27, 2006 - 8:38am.

The GroupWise message store is encrypted so it's safe, right? All of your office computers run anti-virus software so you're covered there, right?

What if I told you there was a way you could inject a virus into your GroupWise post office in spite of all your virus protection and firewalls?

Would you be concerned?

If your users use WebAccess, they have a direct, encrypted and secure path straight to your post office. Your perimeter security can't see what you're passing through this connection.

Ever worked on a document at home and sent it as an attachment using WebAccess? What if your home computer has a virus?

No, that never happens, does it? All of our home computers are fully protected and not compromised by the latest Internet download?

Yeah, I thought so. You, me and the barefoot shoemaker. You can guarantee the security of your office computers because you spend most of your time on them. But you can't control one of your users logging in to WebAccess from that convenient workstation at the airport.

Do you see the security hole? If you send that message to someone outside of your organization, the virus would be caught only after it hits your post office, gets sent to the MTA, is passed to GWIA, and GWIA starts sending it.

Unless, of course, you use GWAVA, where it will be caught at the MTA. More about GWAVA later.

The only product that can protect your GroupWise system from WebAccess attachments is WASP. It examines attachments as they are passed through WebAccess, and if they're infected or if they fail your other criteria (size, fingerprinting), they're either deleted, overwritten or quarantined, as you configure.

But what about viruses we don't know about that make their way into the system? See my article about post office scanning.

If you use WebAccess, you need WASP.

Here is how it works:

WASP is an NLM that runs on the same NetWare server as your WebAccess. When you configure it, you will see scanning tasks that are familiar to GWAVA users.

WASP works in conjunction with your server-based anti-virus package in a manner similar to the way GWAVA does it. When a user uploads an attachment using WebAccess, it becomes accessible momentarily to WASP.

WASP then looks at the attachment and presents it to the anti-virus scanner to see whether it's good or bad. If it's bad, you have the option of deleting it or overwriting the file contents with harmless data.

While WASP has the attachment for review, you can also test it for other things such as attachment size or fingerprinting it to see whether it's a prohibited type.
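
The checks described above (size, fingerprinting, anti-virus verdict, then delete, overwrite or quarantine), sketched in Python as an added example; this is not WASP's code and not from the original post. The size limit, the magic-byte table, the reading of "fingerprinting" as a leading-bytes check, and the `fake_av` stand-in scanner are all assumptions.

```python
import hashlib
from dataclasses import dataclass

# Constructed policy values for illustration; not WASP settings.
MAX_BYTES = 1024
PROHIBITED_MAGIC = {b"MZ": "Windows executable", b"\x7fELF": "ELF executable"}

@dataclass
class Verdict:
    action: str   # "deliver", "delete", "overwrite" or "quarantine"
    reason: str
    data: bytes   # bytes allowed to continue to the post office

def fingerprint(data):
    """Identify a prohibited type from leading bytes, ignoring the file name."""
    for magic, kind in PROHIBITED_MAGIC.items():
        if data.startswith(magic):
            return kind
    return None

def failure_reason(data, av_scan):
    """Return why the attachment fails policy, or None if it passes."""
    if len(data) > MAX_BYTES:
        return f"size {len(data)} exceeds limit {MAX_BYTES}"
    kind = fingerprint(data)
    if kind:
        return f"prohibited type: {kind}"
    try:
        infected = av_scan(data)
    except Exception as exc:  # scanner unavailable: fail closed
        return f"scanner error: {exc}"
    return "scanner reported infection" if infected else None

def screen(name, data, av_scan, on_fail, quarantine):
    """Apply the configured action to an attachment that fails any check."""
    reason = failure_reason(data, av_scan)
    if reason is None:
        return Verdict("deliver", "clean", data)
    if on_fail == "overwrite":
        return Verdict("overwrite", reason, b"Attachment removed: " + reason.encode())
    if on_fail == "quarantine":
        quarantine[hashlib.sha256(data).hexdigest()] = (name, data)
        return Verdict("quarantine", reason, b"")
    return Verdict("delete", reason, b"")

def fake_av(data):
    """Stand-in scanner: flags a constructed marker, not a real signature."""
    return b"CONSTRUCTED-TEST-MARKER" in data
```

Because the fingerprint looks at content rather than the extension, an executable renamed to `photo.jpg` is still refused, and a scanner that errors out blocks the attachment instead of letting it through.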

Generally, WASP is a set-it-and-forget-it type of system.

A short video on how to configure WASP will be available in another post.
