They found that malicious web pages come about for four main reasons:

1. Poor web-server security
2. User-contributed content (blogs, MySpace, etc.)
3. Advertising (banner ad space sold to unscrupulous third parties)
4. Third-party "widgets" (little browser-based programs)

It’s a very academic (that is, dry and boring) read, but interesting non the less.

Google PDF on Web Viruses

You accidentally go to the wrong web site and before we know it, ads start popping up by themselves. Your computer feels glacially slow. You search the web for a utility that might fix it, but it only made it worse. And somehow your anti-virus software let all this happen.

"Drive-by downloads" exploit weaknesses in your browser or sometimes in your good intentions. They may be installing ad-ware, viruses, keystroke loggers, or god knows what else. They make your computer slow and annoying, and they might be doing some very dangerous things without you knowing.

Win the virus war before it’s fought on your PC.

The new method for attacking PC’s is shifting from e-mail based threats to include web based threats. We have a filtering system that catches these attacks before they have a chance to crack your PC. When you ask for a web page, it’s fetched and scrubbed by the filter. If there’s a problem found, that page or download is blocked.

But we all ready have anti-virus on our PC’s. Shouldn’t that catch this sort of thing?

In our testing, we were surprised to find how poorly any one particular anti-virus program catches a set of current viruses and ad-ware. Very surprised! It was only when scanning with multiple anti-virus programs did we get decent detection rates. Having more than one anti-virus on your PC can be a recipe for disaster–they start fighting amongst themselves. But on the server, then can be configured to run in harmony, pooling their collective power to better protect you.

This must slow things down or cause some problems?

You’d be surprised. In our testing, there wasn’t a discernable difference, and we were testing with a total of 5 virus scanners running simultaneously. In many cases, there is actually a speed up from page caching. Once a web page has been fetched and scrubbed, it’s kept locally. If it’s requested again and it the orginal hasn’t changed, the page can be served from the local cache instead of going back through the internet. Your browser does this all the time, but now you have a smarter cache courtesy of all the other web requests from your office.

Do the end users have to do anything different?

That’s the best part. From an end user perspective, nothing will change. Occasionally they’ll get a notice saying the page they requested was blocked. They just surf along as usual while the system silently protects them.

Protection this thorough must be expensive?

Web virus protection is surprisingly affordable, especially compared with the costs of dealing with a compromised PC. The exact costs vary depending on the number of users and the number of virus scanners you’d like to rely on.

As an example: For a small office of about 10 clients, using just free anti-virus software, a system would start at $1,500 installed. Adding two commercial virus scanners to the mix would add around $500, depending on which products you choose. Commercial virus packages also have to be renewed on a yearly basis.

I’d like to know more!

Give us a call or send us an e-mail and we’ll stop by your office for a free consultation. We’ll go over the details of your office network, decide on an optimal configuration to fit your needs, and give you a more precise cost estimate.