In addition to having virus protection software on each computer, it is also advisable to block viruses and other undesirable downloads before they reach the target PCs.

Having antivirus at the PC level provides a good level of protection; it is a purely reactive measure. As all incoming data has to pass through the network gateway (usually a firewall) antivirus at this level allows for a more proactive approach. For example, if all users started to receive large number of e-mails with the same attachment (as would be the case during an e-mail virus outbreak, the gateway could look at this pattern and block the receipt of all these mails. The desktop antivirus would be able to strip and clean the individual messages on each PC, but this would lead to either the PC becoming unresponsive or at least the loss of use of the mail system until the outbreak ceased.

There are two main methods for protecting your network at the gateway level.

The first is to use a firewall that includes antivirus filtering. This stops viruses before they reach your network, and also allows you to control what users can and can not download when browsing the internet. Click here for details on the Fortigate range of firewalls which we recommend for this purpose.

The second is to use a filter for your e-mail system. Most Trojans, viruses and other malware programs enter the network via e-mail. For this reason, it we recommended that our clients use the Mail Frontier package to add comprehensive filtering, including the filtering of Spam e-mails to their other antivirus protection. For more details on this product, click here.