White Paper Abstract:
A s virus writers create increasingly sophisticated malicious code and find ever more effective methods to propagate, enterprises find themselves scrambling to keep their networks, servers, and end-user computers safe from new threats. Traditional anti-virus applications work by searching the contents of files and looking for a recognized pattern of data (a "signature") that is the virus program itself. However, virus writers have come up with various methods to escape detection by changing their programs, making it harder for virus scanners to recognize them as viruses. Today's viruses are either polymorphic or metamorphic and can actually change themselves as they propagate. The increasing sophistication of malicious code is therefore making pattern recognition technologies less and less effective. This decline in effective virus defense is taking a toll on businesses. The often long delay between the time when a virus attack is launched and when a signature is available can result in hundreds of thousands of infected messages being delivered to enterprise networks and communities of ISP users. Even when the end effects of the virus are minimal, such widespread infection results in major costs. Productivity is lost as employees try to understand what's wrong with their computers and seek help. Clearing computers of viral infections requires both manpower and other resources to aid in the clean-up. That translates into tens or even hundreds of thousands of dollars in desktop clean-up costs for each virus outbreak at each corporation. If there has been actual data destruction, the costs can be immense, possibly immeasurable.