This flow of data greatly increases the need to protect your company from potential threats that can arrive via external sources, or depart from it's own internal computer systems. These threats usually lurk within email messages or Web data.
Traditionally, firewalls are employed to restrict access to your network, by blocking users and applications types, for example, Telnet, FTP and NFS. However, controlling user access through firewalls does not protect your company from the content based threats that are buried in email or Web data.
MIMEsweeper has been developed with these content based threats in mind.
MIMEsweeper offers a centrally managed content security solution which complements your companies existing security policies. It can be configured in any number of ways, to suit the varying security requirements of each and every company, and delivers content security where and when it is needed most.
MIMEsweeper runs under Windows NT, on a dedicated host machine2 or a firewall. It comprises two modules:
MAILsweeper works by acting as a transparent store placed in the path of incoming and outgoing messages. It is usually positioned in the path of SMTP traffic, between two cc:Mail post offices, between two GroupWise domains or on the same machine as the Notes server or Exchange server.
MAILsweeper checks the underlying mail system at pre-determined intervals, to determine if there are any messages awaiting processing. Each message awaiting processing is extracted from the store by MAILsweeper, which then disassembles, validates and finally disposes of the message, according to configured rules.
MAILsweeper can be configured to suit the mail environment in which it is operating. For example, MAILsweeper for SMTP can sit on either side of a firewall. MAILsweeper for cc:Mail can act as a standard or a hub router. MAILsweeper for GroupWise can operate in a primary to primary or a primary to secondary domain environment.
![]() |
For Lotus Notes and Exchange, MAILsweeper can only be deployed on the server. |
Any Web browser on your network that is capable of receiving Internet traffic is also capable of receiving threats, for example:
Implementing a corporate wide security policy would involve enabling and maintaining security options on every Web browser, as well as virus scanning every single download.
With WEBsweeper deployed, all Web browsers on the network are configured to have all their requests sent via the WEBsweeper host. This means that security is implemented in a single place rather than at every Web browser. The WEBsweeper host can be administered and maintained securely by your system administrator.
Whenever a user requests a resource, the request is first forwarded to WEBsweeper. WEBsweeper searches its cache for the resource and if successful the cached data is downloaded. If not the proxy server sends a request to the origin Web server and the data is returned.
WEBsweeper checks the data and depending on the results, it is either downloaded or a user configurable message is sent to the Web browser as a replacement, to indicate a problem.
If the data is downloaded a copy is also cached for a period of time. Where there is a problem, the data is discarded and the replacement message is cached instead. This means that subsequent requests for the same URL within that time will result in the data or the replacement message being downloaded from the cache. The same URL will not have to be retrieved and checked again.
1 A zoo is a collection of viruses.
2 Such as an INTEL 486, or a Pentium processor for high throughput email environments.
msw.support@mimesweeper.comCopyright © 1998, Content Technologies Limited. All rights reserved.