Eliminating Viruses in the Lotus Notes Environment

burgerraraSoftware and s/w Development

Nov 18, 2013 (3 years and 9 months ago)

221 views




Product Paper







Eliminating Viruses in the

Lotus
®

Notes Environment

................................
................................
................................
................................
................

....



your

Internet VirusWall
®







Trend Micro, Inc

10101 N. De Anza Blvd., Suite 400

Cupertino, CA 95014


Phone: 1
-
800
-
228
-
5651 / 408
-
257
-
1500

Fax: 408
-
257
-
2003

Web:
www.antivirus.com



© Copyright 1999 by Trend Micro, Inc. All rights reserved.

ScanMail® is a registered trademark of Trend Micro, Inc.


2

Abstract


Electronic mail and groupware systems, like the popular Lotus® Notes / Domi
no or Microsoft® Exchange
packages, require specialized antivirus software. It must prevent viruses (or other malicious code through
web content) from spreading or entering through the email attachments, executables and data files routinely
accessed or sha
red through these systems’ internal databases. The proprietary formats of these databases not
only ensure the security of the information they process, send and receive


but also defy traditional
antivirus software scanning.


Email/groupware formats rende
r traditional virus protection ineffective because they lack the standard
format and input/output activity queues of generic file storage that normally triggers scanning

of information when needed. Traditional antivirus software bypasses scanning, or is u
nable to scan, the

email attachments and information shared within these systems. Network administrators without specific

email/groupware virus protection rely on desktop protection to combat viruses in these environments.


Unfortunately, desktop antivi
rus software is not sufficient to protect against infected email attachments
because desktop scanning works only on the local copies of attachments that users save to their hard drives
when they open them. This leaves originally transmitted file attachment
s, along with any viruses they carry,
at the Lotus Domino server where users may forward them


spreading viruses. Since email file
attachments are today the single most common way that viruses spread
1
, effective email/groupware virus
protection must addre
ss this primary threat in addition to preventing viruses spreading through information
-
sharing. Snaring viruses at the server
-
level, before they are centrally duplicated and distributed to desktop
and mobile client computers (where they must be individuall
y removed), is the only efficient way to
effectively control them.


Email/groupware server
-
level virus protection is preferred to desktop
-
only protection for several reasons:




Effectiveness:
Email packages retain original attachments at the email server,

while delivering
copies of attachments to users


where desktop client antivirus software scans and cleans them.
However, without email server virus protection, attachments remain infected on the server and spread
to other client computers when users forw
ard original infected email.



Costs:

Virus infection clean
-
up costs are greatly reduced when detected at the server
-
level before they
proliferate to multiple client machines.



Management
:

It is easier to manage and configure virus protection software cent
rally at the server
rather than at multiple, potentially thousands, of desktops.



Security:

The virus breach point at the email/groupware server is closed


preventing virus
propagation and transferring responsibility for updating antivirus software, removi
ng viruses and
tracking the sources of infections from inexperienced users to the professional network administrator.



Performance:

The LAN administrator is empowered to balance issues of performance

(selecting when and what to scan) with overall network s
ecurity.


Antivirus software for the Notes environment

Trend Micro was the first company to recognize the need for, and with its April 1996 introduction of
ScanMail® for Lotus cc:Mail, became the first to develop and ship, virus protection for proprietary
email
environments. In May 1997, Trend introduced ScanMail® for Lotus Notes


the first program to operate
natively under Notes’ proprietary communications environment to provide complete virus protection.
ScanMail for Lotus Notes detects infected files, e
liminates viruses in real
-
time as they pass through Notes
servers, and scans information archived in Notes servers.


This paper outlines the Lotus Notes / Domino architecture and its vulnerability to viruses and other
malicious code, reviews how Trend Sca
nMail works with Domino servers to prevent malicious code
attacks, and compares traditional file server and desktop/mobile client virus protection with that required
within the Notes environment. The paper describes ScanMail’s support for the latest Releas
e 5 (R5)

3

Domino server and Notes client software as well as ScanMail’s unmatched broad support of Domino
servers running on S390, AS400, NT, Solaris, AIX and OS/2 operating systems.


4

Table of Contents


A
BSTRACT

................................
................................
................................
...............................

2

A
BOUT
L
OTUS
®

N
OT
ES AND
D
OMINO

................................
................................
...........................

4

Viruses and the Notes server

................................
................................
................................
...................

4

Virus infection backgrounder

................................
................................
................................
............

4

Virus proliferation through shared information and electronic mail
................................
.................

5

Macro viruses

................................
................................
................................
................................
....

5

How viruses spread within Lotus Notes/Domino

................................
................................
..............

5

Viruses and other malicious code protection i
n Lotus Notes/Domino

................................
.....................

6

S
CAN
M
AIL
®

FOR
L
OTUS
®

N
OTES

................................
................................
................................
.

7

ScanMail is native to Notes


for easy central deployment and maintenance

................................
........

7

Email protection:

................................
................................
................................
...............................

8

ScanMail Screen Shots

................................
................................
................................
......................

9

Database Protection:

................................
................................
................................
........................

10

Replication Protection:

................................
................................
................................
....................

10

Domino Server Protection:

................................
................................
................................
..............

10


A
PP
ENDIX
,

I
MPLEMENTING VIRUS PR
OTECTION THROUGHOUT
AND ENTERPRISE

..................

11

Trend Enterprise solution stops viruses at all network entry points

................................
.......................

11


R
EFERENCES
………..


................................
................................
................................
..................

12

S
YSTEM
R
EQUIREMENTS
………..


................................
................................
..............................

12

F
OR
M
ORE
I
NFORMATION
................................
................................
................................
............

13

A
BOUT
T
REND
M
ICRO

................................
................................
................................
..................

13


5

About Lotus
®

Notes a
nd Domino


Today almost 29 million users worldwide in thousands of companies use Lotus® Notes, the world's leading
messaging and groupware product. Notes’ powerful database, a complex object store, combines an email
and information sharing system that enab
les employees, customers, suppliers and business partners access
to the information they need regardless of their location or computer platform.



Lotus Notes’ four components provide:




Email messages with attachments



Database applications

(shared space
s to store all types of files or business process applications)



Replication (i.e., synchronizing database changes)



Information sharing across intranets and the Internet


These powerful Notes information dissemination components break down traditional barri
ers to create
alliances extending across departments and beyond the boundaries of organizations. While these
components make information and document sharing easy and efficient, they are unfortunately equally
effective paths for computer viruses and other
malicious code to spread (see Figure 1).



Figure 1. In a Lotus Notes environment, clients can send or receive email, and retrieve or modify
documents from a public database. Lotus Notes also synchronizes databases at multiple locations.



Viruses and
the Lotus Notes server




Virus

infection backgrounder





All messaging systems, including Lotus Notes, are vulnerable to virus infections. In preparation for
describing how viruses specifically affect Lotus Notes / Domino servers, the backgrounder that f
ollows
offers an explanation on how computer viruses threaten organizations’ data.


Computer viruses are malicious programs that attach themselves to legitimate computer programs and some
kinds of data files, particularly macro
-
enabled files. Viruses spre
ad from computer to computer when
infected legitimate programs or data files are shared via email attachments, server replication, Internet
downloads or any other way files are shared


such as through a floppy disk. Viruses often carry
“payloads”


undesi
rable actions generated by viruses. They can be relatively harmless, like displaying a
irreverent message on a user’s screen, or be so damaging as to wipe out all data on hard drives.




6

Computer viruses spread following the same electronic pathways used to

share information. Through
Domino servers, viruses spread along with the files users share through email attachments, or through the
files shared via common databases whose content is synchronized through the Domino replication process.
Today, email and I
nternet traffic are the greatest virus carriers. Only a few years ago, it took viruses weeks
or months to travel around the world. With the growth and popularity of Internet usage and high email
usage worldwide, it now takes only a few seconds for a virus
to travel across the world.


Lotus’ new R5 version opens the Notes / Domino architecture up considerably so it works seamlessly with
web technology and third party applications. For example, R5 interfaces better with Internet email and
better serves the co
nnectivity needs of Internet and intranet
-
based business collaboration applications.
Unfortunately, R5’s improved connectivity to a broader range of information exchange sources also
exposes the Lotus email/groupware system to additional potential virus in
fection and other malicious
code sources.



Virus proliferation through shared information and electronic mail

Since plain text data cannot carry the executable program code viruses need to copy and spread themselves,
the text messages of electronic mail
are, by themselves, unable to spread viruses. The virus danger from
email stems from attachments containing active executable program files with extensions such as: CLASS,
OCX, EXE, COM and DLL


and from macro
-
enabled data files. Microsoft Word and Exce
l data files
have been spreading macro viruses through this capability since 1995 and are today responsible for the
majority of all virus infections.



Macro viruses

The 1995 advent of macro programming for applications, like Microsoft Word and Excel, auto
mated
repetitive keystroke functions, but also created an effective new way for viruses to spread. Word and Excel
data files had previously been data
-
only files, like text
-
only email messages


unable to harbor viruses
because they did not include executab
le code.


Virus writers soon discovered that these applications’ macros could also be used to create viruses. At this
same time, the sharing of document and spreadsheet files via email became increasingly commonplace
between users both within and between
companies


creating the most effective virus carrier ever. Among
the factors contributing to the dominance of macro viruses is the VBA (Visual BASIC for Applications)
programming language that makes it as easy for users to create legitimate time
-
saving ma
cro commands as
it does for virus writers to create time
-
robbing macro viruses.


Today, macro viruses like Concept are the most prevalent computer viruses in the wild


accounting for
the vast majority of virus encounters in corporations
2
. Today’s widespr
ead sharing of macro

enabled files,
primarily through email attachments, is rapidly increasing along with the associated macro virus threat.


(Note: More information on macro viruses is available in Trend Micro’s white paper, “Trapping the
World’s Most P
revalent Viruses
2
.”)


How viruses spread within Lotus Notes / Domino

Computer viruses, programs or code that replicates themselves, are insidious. Without virus detection or
protection, users typically will not know that their systems are infected until t
hey see results of a virus
payload. This can range from an annoying, irreverent message being displayed on
-
screen to a catastrophic
reformatting of users’ hard drives that destroys all their data. Viruses spread through Lotus Notes’ four
information dissem
ination components


email, shared databases, replication and Internet/Intranet
information sharing.


7


The following outlines how malicious code spreads in the Notes environment:




Email:

Today's office worker receives receives an average of more than 40
email messages each day.
Many of these messages have Microsoft Word or Microsoft Excel data files attached, which often carry
macro viruses.




Shared databases:

The second mode of Lotus Notes virus transmission involves shared databases.
These databases
are capable of storing millions of data file archives that are accessible throughout the
Lotus Notes / Domino network. The widespread virus problem makes it likely that such broad access to
Notes databases will infect users machines which access infected f
iles within these databases.




Notes replication:

Replication, which updates changes to local databases to all other databases, is
the third way that viruses can propagate throughout a Lotus Notes / Domino network. By synchronizing
databases at different lo
cations, replication can simultaneously spread to all Domino servers any virus
residing in data file in any database.




Internet and intranet transfers:

A fourth mode of virus infection and propagation now faces Lotus
Notes users. The Lotus Notes' Domino s
erver makes information sharing across Intranets and the
Internet easy, opening up entire new worlds of data to the Notes user. For example, browsing the
World Wide Web or their company's Intranet, a user can save information found in open databases that
anyone can access. This powerful way of storing and later retrieving valuable information can lead to
the infection of user’s machines. For example, macro viruses can spread through files downloaded from
the web via FTP or direct web page access. Since Dom
ino servers are increasingly being used to access
the Internet and intranets, web
-
based virus threats are a larger threat in the Notes environment.





Looking ahead to protect against malicious mobile code
:

As mobile code becomes more
prevalent on the Internet, users accessing this code through the Notes environment can become
susceptible to attack from malicious mobile code. Mobile code, such as ActiveX controls and Java
applets, are small executable programs on web pages downloaded to

users’ machines that add
interactivity and functionality to those web pages. Mobile code, for example, enables interactive
business applications such as web commerce or inventory management applications from pages.



Unfortunately, mobile code technology

can also be used for malicious purposes. For instance,
malicious mobile code can, through simple web
-
page browsing, potentially command a re
-
format of a
user’s hard disk or surreptitiously copy and transmit users’ computer information out over the Interne
t
to competitors or corporate spies.



Virus and other malicious code protection in Lotus Notes/Domino

The corporate
-
wide approach of monitoring all possible virus infection paths in the network
(See Appendix ) should be extended to th
e Lotus Notes and Domino email/groupware infrastructure. The
challenge is to pinpoint and protect all possible entry points for virus
-
infected files or other malicious code
within each of the network’s Lotus Notes databases.



An effective antivirus produ
ct for the Lotus Notes/Domino environment must be able to monitor all Notes
functions in real
-
time. It must scan all new entries into the databases, and clean or delete any infected files
or inbound malicious code


and do so with a minimal performance imp
act on the Domino server.


Traditional antivirus products view the Notes database as a single large file, making them unable to locate
viruses within the database. Effectively eradicating viruses in the Notes environment requires development
of antivirus
software specifically tailored to Lotus Notes and Domino. The virus scanner must understand
the Notes database format, scan individual files and documents within the database, and clean or remove
infected files without impacting the Notes database structu
re.


8

ScanMail
®

for Lotus
®

Notes

ScanMail
®

for Lotus Notes from Trend Micro is designed specifically for and is native to the Lotus
Notes/Domino architecture. ScanMail overcomes traditional antivirus software weakness by detecting and
eliminating viruses ins
ide Notes databases. It simultaneously monitors, in real
-
time, the perimeter of the
Domino server to prevent malicious code from infiltrating or spreading through email transactions, common
databases, the replication process or web access.


ScanMail’s enha
nced multi
-
threading virus engine uses both rules
-
based and pattern recognition
technologies to maximize protection against viruses, both known or unknown. Its fast scanning performance
and superb scalability across the enterprise is unmatched in the indus
try. ScanMail incorporates Trend
Micro's MacroTrap™ technology to detect the wide range of macro viruses still proliferating. The ScanMail
engine also prevents the infiltration of other malicious code types by detecting and eliminating known
malicious mobi
le HTML, VB Script, JavaScript, ActiveX and Java applet code from entering the Notes
environment.


Other excellent ScanMail feature benefits:




Smart and Incremental Scanning



Smart Scan scans only once any email that is copied out to
multiple servers wit
hin administrator’s set Notes “trusted domain(s).” Incremental scanning means that
only documents or other files that have been changed since they were originally scanned will be
scanned again. ScanMail has also been enhanced to handle today’s common SMTP

Internet email
exchanges more efficiently. SMTP email scanning now only happens after the email has arrived at the
local Domino server (after non
-
scanned hops through other Domino servers) where a copy will be
distributed to the end user. All these featur
es help minimize ScanMail’s low scanning overhead.




New Notes Client Scanning


A real
-
time scanner for Notes clients that runs continouosly in
memory to enable ScanMail to scan encrypted Notes email. The Notes client scanner is deployed,
configured and ma
naged from the server. It also remains functional when the client user is disconnected
from the network, to provide mobile users protection on the road.




Notes Email Health Check Report



Provides administrators a report on the number of in
-

and
outbound e
mail, so they can see the impact on different ScanMail policy settings, which can be
specified for separate user groups. While also providing a tool for the overall Notes/Domino email
throughput, this feature allows administrators to monitor bandwidth usag
e by individual or user group


allowing appropriate resources, policies and scan policies to be put in place.




Notes Script Scanning



ScanMail also protects against Notes button bombs and hot spots, a long
-
looming threat within the Lotus Notes environmen
t.



ScanMail is native to Notes


for easy central deployment and maintenance

The ScanMail for Lotus Notes network administrator interface is fully integrated with Lotus Notes/Domino.
Similarly, all ScanMail program files, configuration data and virus pa
ttern files are stored within the Notes
database. This close integration provides several advantages. Since under ScanMail, real
-
time scans are a
Domino server task, they are loaded automatically when the Domino server starts up.


Another benefit of suc
h tight Notes integration is that ScanMail deployment and maintenance can be
centrally administered through the ScanMail interface and the Notes replication process. All ScanMail
program files, configuration data and pattern files can be initially replicat
ed from Domino server to Domino
server to deploy the product. All automatic virus pattern file updates can then be downloaded from the
Internet and likewise distributed to all Domino servers with no administrator intervention required (fully
distributed ma
nual updates are also an option).


9

Email Protection:

In Notes Mail, each piece of mail is first placed in a Notes Mail router, which stores the mail in a virtual
mail queue. The Notes Mail scheduler reads the mail from the queue, resolves the address and
generates a
copy of the mail for each recipient. This scheduler then either deposits a copy of the mail into the
recipient's individual mailbox on the same server, or sends it to a router program on another server.


ScanMail for Lotus Notes ties into the
mail router, detects new mail as it arrives, instructs the virus scanner
to scan the mail queue, and prepares the mail for pickup by the mail scheduler. This approach has several
advantages over alternative methods. First, since the mail is received by t
he router and then scanned, mail
sending is not delayed. Alternative approaches retrieve each piece of mail before it reaches the router,
introducing a delay prior to routing.


A second advantage also involves the timing of the virus scan. Since this sca
nning takes place before the
mail is accessed by the scheduler, only one copy of the mail is scanned. This method conserves scanning
resources and prevents infected mail from being routed to other servers before scanning. An alternative
approach employin
g an agent to monitor each mailbox often requires scanning of multiple copies of the
mail and allows infected mail to be routed to other servers. While Trend Micro's approach is two
-
way,
scanning both in
-
bound and out
-
bound message attachments, the altern
ative approach is solely a one
-
way
scan.


The third benefit of Trend Micro's approach is that the mail routing path remains unchanged. No special
mail path or mailbox is used, increasing performance and eliminating false deliveries that are possible in
al
ternative approaches.


Effective real
-
time mail scanning must also include logging, notification, and alerting functions to enable
administrators to trace the source of infected files and isolate infection sites. In ScanMail for Lotus Notes,
these functio
ns include




Notification of the mail sender, recipient, and administrator via a warning Notes Mail that includes the
following information (see Figure 2, next page):




Infected file name



Date of sent message



Mail sender



Mail recipients



Virus name (if known)



ScanMail action taken




Insertion of a warning on the subject line and message to the recipient that a virus was detected in an
attachment and that the attachment was removed from the message




Automatic actions taken on the infected file (e.g., clean file
and send to original recipient, delete file,
move file into quarantine area, or pass file with a warning), according to the administrator's
configuration instructions.




An efficient mail
-
scanning system for Lotus Notes and Domino must also accommodate a va
riety of
attachment encoding and compression methods. ScanMail decodes attachments encoded using MIME
and UUencode formats and locates viruses hidden in files compressed using PKZIP, ZIP2EXE,
LZEXE, ARJ, LZH, PKLITE, and Microsoft Compress. ScanMail can
even check files using multiple
levels of compression (e.g., a ZIP2EXE file that has also been LZEXE and ARJ compressed). These
features are important as various forms of file compression are increasingly used.



10

Figure 2. ScanMail for Lotus Notes
provides a simple, effective graphic
interface for network administrators
to set s
canning policy by user, or by
user groups. Instruct ScanMail what
to do upon finding viruses along
with how and who to inform when
viruses are dealt with.



This central administration also
applies to malicious code protection
(Java applets and ActiveX, e
tc).
ScanMail also provides email
activity logs that allow
administrators to gauge the
throughput of their Domino servers.



11

Database Protection:

ScanMail for Lo
tus Notes features two types of protection for data stored in
Notes databases: 1) "On
-
demand" (manually activated, or pre
-
scheduled) scans for archived data such as
email or old databases, and real
-
time scanning of documents as they are saved to Notes dat
abases.


On
-
demand scans, which can also be scheduled to occur automatically, are able to penetrate the special
Notes database format and examine all files that are part of the database. Only in this way can the Notes
administrator be sure that the datab
ase is initially "clean," preventing re
-
infection each time an infected
document is accessed.


Real
-
time scans are the heart of ScanMail for Lotus Notes database protection. On the Domino server,
clients can open a document from the shared database, modif
y it (possibly infecting it with a virus), and
return it to the shared database. Whenever a client saves a document in this database, ScanMail for Lotus
Notes scans the document for viruses just before it is closed, preventing the spread of any virus pres
ent on
the document. And this action is imperceptible to the user. Once the document has been found to be virus
-
free (or if found to have a virus, once cleaned, quarantined, deleted, or ignored), clients are allowed to
access the file.



Replication Prot
ection:

In Lotus Domino, when replication begins, the replicator opens the database,
updates an entry (i.e., document), closes the entry, updates the next entry, closes that entry, and so on.
Whenever a database entry is updated, the real
-
time replicatio
n scan in ScanMail for Lotus Notes scans that
document for viruses just before it closes. If a virus is detected in the entry, replication of that entry is
blocked. But during this scan, ScanMail allows the task of replicating other entries to continue u
nabated.
Hence, even if a virus is identified during a scan, replication of clean entries continues, and there is no
degradation in replication performance. The result is replication of only clean entries. As during the
database scan, at the administrat
or's option, infected files can be deleted, moved, passed, or cleaned.


Compared to methods that require virus scanning to be completed before replication is continued, this
approach saves on costly dial
-
up telephone connections when replication involves r
emote servers. In fact,
alternative approaches can double or even triple telephone connection time and costs.



Domino Server Protection:

To protect Lotus Notes Domino Servers from viruses introduced via FTP
downloading from the Internet, Trend Micro'
s ScanMail for Lotus Notes scans each downloaded file. Soon,
Trend will extend Domino Server protection to include unwanted Java applets and uncertified ActiveX
controls. Trend Micro was one of the first to provide server
-
based security solutions for bot
h ActiveX and
Java components. The technology the company uses selectively filters ActiveX code from unknown
sources, while letting known vendor code to pass through. The filter blocks Java applets, uncertified
ActiveX controls, FTP
-

and HTTP
-
borne virus
es, CABinet, and Win 32 portable executables.















12

Appendix



Implementing virus protection throughout an enterprise


To provide complete virus protection across entire enterprise network environments, Trend Micro offers
products to protect each
potential virus entry point in the network. The diagram below shows where
organizations should install Trend’s product family.









Figure 6. Trend products working together to cover all enterprise virus ent
ry points.



The Trend Enterprise Solution stops viruses at all network entry points



Only when network administrators

have secured all the virus entry points mentioned below can they be
assured that their enterprise networks are fully protected against v
irus outbreaks.


Internet Gateway Servers:

On Unix
-

and Windows NT
-
based Internet gateway servers, Trend InterScan® VirusWall®
scans SMTP, HTTP and FTP traffic to eliminate viruses attempting gateway entry into the enterprise.



Email/groupware Servers

In email/groupware environments, install Trend ScanMail® for Microsoft Exchange, Lotus Notes,
Lotus cc:Mail, Microsoft Mail or HP OpenMail systems as appropriate. ScanMail protects
email/groupw
are messaging systems by scanning email attachments and shared information.
By eliminating viruses in email/groupware servers, ScanMail prevents these systems from
inadvertently distributing viruses to workstations acro
ss or beyond the enterprise.

InterScan VirusWall at the

Internet gateway scans three
Internet traffic types
.

ScanMail for Microsoft
Exchange

ServerProtect

OfficeScan
Corporate Edition



Trend VCS console for centralized virus
control

operates anywhere on this size of the firewall

or remotely through secure Internet access


13



File/Application Servers

At the file/application server, Trend ServerProtect™ for NT or NetWare keeps viruses from residing on
these general
-
purpose servers preventing them from distributing viruses to workstations.


Desktop/mobile client workstations

At desktop and mobile client

workstations, Trend OfficeScan™ Corporate Edition completes enterprise
virus protection by guarding against infected floppy disks, remote dial
-
up modem and other electronic
access that can allow viruses to bypass network virus protection.


Trend VCS centr
alizes complete enterprise virus control

Most of these Trend antivirus products for the enterprise are integrated into the Trend Virus Control
System™ (VCS)


a single
-
console, web
-
based remote or local management interface for network
administrators. Thro
ugh Trend VCS, network administrators can configure, update virus patterns,
monitor and receive virus alerts to control all aspects of Trend server
-
based virus protection throughout
the enterprise regardless of network complexity, server locat
ion or platform from a single panel.


Test drive the Trend Enterprise Solution

Trend developed the Virtual Lab as an effective, simple way to demonstrate the Trend Enterprise Solution
to viruses proliferating in distributed enterprise computing environment
s. The Lab’s numerous servers
simulate companies’ complex, multiple
-
platform computing environments allowing them to load
-
test
Trend’s complete line of antivirus software prior to installing it on their own critical file, email and Internet
servers for in
-
house tests. The power of Trend VCS to centrally manage Trend enterprise
antivirus applications across global networks can also be tested easily in the Virtual Lab at:

http://virtual
-
lab.antivirus.com.


Trend
Micro products may be easily downloaded from www.antivirus.com for a 30
-
day evaluation.




References


1). International Computer Security Association (ICSA, formerly National Computer Security

Association), “1998 Virus Prevalence Survey,” September, 19
98. Available on the web at:

http://www.icsa.net/services/consortia/antivirus/survey_request.shtml


2). Trend Micro, Inc., “Trapping the World’s Most Prevalent Viruses,”
September, 1998. Available on the
web at: http://www.antivirus.com/corporate/white/index.htm
-

Trapping




System Requirements


www.antivirus.com/products/smcc/index.htm


lists all the latest
systems requirements for the broad range of ScanMail for Exchange Platforms supported
including the:
S390, AS400, NT, Solaris, AIX and OS/2
operating systems.




For More Information


For more information on Trend Micro’s range of virus protection solution
s, contact:


14

Trend Micro, Incorporated

10101 North De Anza Blvd., 4
th

Floor

Cupertino, CA 95014

(800) 228
-
5651

Web: www.antivirus.com




About Trend Micro


Trend Micro provides centrally controlled server
-
based virus protection and content
-
filtering product
s and
services. By protecting information that flows through file servers, email servers and Internet gateways,
Trend Micro allows companies worldwide to stop viruses and other malicious code from a central point
before they ever reach the desktop.


Trend

Micro’s award
-
winning products have been chosen by Hewlett
-
Packard, IBM, ISS, Lotus Softswitch,
Microsoft, Netscape, Oracle, Sun Microsystems, Wingra and WorldTalk as a key part of their server
security solutions.


Trend Micro is publicly held in Japan w
ith North American headquarters in Cupertino, Calif., and offices
worldwide.


Evaluation copies of all of Trend Micro’s products may be downloaded from its award
-
winning site,
http://www.antivirus.com. Web site visitors may also test
-
drive products online

through Trend Micro’s
Virtual Lab. Recent Trend Micro awards:




1998

Trend Micro’s network, antivirus solution

OfficeScan Corporate Edition, ServerProtect and
Trend VCS
--

declared a “Test Center Hot Pick”, by
InfoWorld



1998

OfficeScan for Microsoft Small

Business Server: Recommended by
Computer Reseller
News
/Spring COMDEX Test Center



1998

ServerProtect: Five Palm Award, Beverly Hills Software



1998

ScanMail for Lotus Notes: Gold Editors’ Choice Security Award
, Lotus Notes and Domino
Advisor



1997

ScanMail f
or Lotus Notes 1.0: Best of Test Center Award,
InfoWorld



1997

HouseCall: Best of the Web,
HomePC



1997

InterScan Email VirusWall, Editors’ Choice for Internet Email Gateway Antivirus,
PC
Magazine




© Copyright 1999 by Trend Micro, Inc. All rights reserved
. ScanMail is a registered trademark of

Trend Micro, Inc.