Latest Release of Antigen Products Provide E-mail Users with Increased Protection from Viruses, Spam and Other Security Threats
Microsoft Corp. of late announced the release of Microsoft Antigen e-mail security products — including Antigen for Exchange, Antigen for SMTP Gateways, Antigen Spam Manager and Antigen Enterprise Manager – available to customers July 1, 2006.
Microsoft said the new Antigen-branded products, all of which will be available via volume licensing. Four of the five can be downloaded in 90-day free trial versions from Microsoft’s Web site.
This milestone marks the first Microsoft-branded release of the enterprise anti-virus and anti-spam products acquired in the 2005 acquisition of Sybari Software Inc.
We are releasing a comprehensive set of Microsoft-branded products that have an unprecedented degree of integration with the Exchange environment, boasted Steve Brown, the director of product management in the company’s security, access, and solutions group.
Microsoft has added a number of features to Antigen, including a new Web-based management console, new clustering capabilities, and a new malware-detection engine, based on technology that Microsoft uses in the Windows Malicious Software Removal Tool.
This is an engine that we have been working on for several years, said Joe Licari, director of product management for Antigen, adding that Antigen is the "first business product that has the Microsoft [malware detection] engine in it."
Natalie Lambert, an analyst at Forrester Research, said she expects the Antigen product line will be popular among enterprise customers. Using multiple scanning engines, Lambert said, will help customers feel confident that they are protected.
Perhaps the most notable feature of the software — which comes in several flavors, is that it uses multiple virus-scanning engines.
Three renamed and reworked products — Antigen for Exchange, Antigen for SMTP Gateways, and Antigen Spam Manager — rely on multiple scanning engines from Ahnlab, Authentium, Computer Associates, Kaspersky Labs, MailFilters, Norman Data Defense Systems, Sophos, and VirusBuster to sniff out malware and/or spam either at the perimeter edge (Antigen for SMTP Gateways) or inside the network at the Exchange server itself (Antigen for Exchange, Antigen Spam Manager).
A three-pack, dubbed Antigen Messaging Security Suite, includes all the components.
Customers are faced with the challenge of providing the best possible protection for their e-mail users and maintaining the availability, uptime and performance of this mission-critical application, said Ted Kummert, corporate vice president of the Security, Access and Solutions Division at Microsoft. "Antigen’s unique multiengine solution integrates seamlessly with Microsoft Exchange Server to provide customers with the benefits of layered protection, while minimizing cost, complexity and impact on performance."
These new products have completed the Security Development Lifecycle process. Other new feature additions include enhanced signature updates and quarantine management for improved security and log file management, and cluster support for easier administration.
Microsoft will also debut the Antigen Enterprise Manager, a central console to control and report on the Antigen-branded defenses — but not third-party products — and will give away an add-on to Microsoft Operations Manager (MOM) 2005 that monitors the products as well as notifies administrators and alerts users of malware and spam activity.
Licari ticked off the new and improved features of the scanning components, suite, and console. Among them: support for server clusters, digitally-signed signature updates that have been vetted by Microsoft which pulls them from the various scan engine providers, and stored configuration and update data for rapid restart when a server goes down.
Server-based security for e-mail and collaborative applications is an important component of a multilayer security model and critical for protecting internal resources and providing threat containment, said Brian Burke, research analyst at IDC. "Antigen’s proven strength in providing layered, anti-malware protection for e-mail servers addresses the most important customer concern around e-mail security: preserving uptime and availability of Exchange servers. By managing multiple engines, Antigen eliminates daily downtime during updates and provides customers with the opportunity to lower overall risk."
On the clustering side, Antigen has been changed so that the software’s signature files are automatically up to date in the event of a server failure. "This ensures that customers who are running Exchange on Windows Cluster servers get the same protection and availability when Exchange fails over from one server to another," Licari said.
Enterprise Masterstroke
Microsoft Antigen e-mail security products have already proven to be highly effective in helping customers such as global technology consultants Perot Systems achieve outstanding results in trial implementations. Perot processes nearly 15.5 million e-mail messages per month across its entire production environment, as much as 77 percent of which is spam or malicious in nature.
Using Microsoft Antigen, Perot has been able to capture and eliminate nearly all of that unwanted e-mail traffic. Perot has also deployed Antigen in customer environments worldwide, and has benefited from Antigen’s support for multiple scan engines, ease of deployment, rapid signature updates, and centralized, efficient management, significantly upgrading the company’s ability to regulate network traffic for itself and its customers.
Analysts are saying that the Sybari purchase and updated Antigen line are masterstrokes for Microsoft as it barrels into the security market.
With Antigen, we have a solution that delivers signatures from industry-leading anti-virus labs around the world with a single product that offers complete virus signature coverage, said Don Westurn, senior Microsoft Exchange engineer at Perot Systems. "We have deployed Antigen on many servers in different kinds of environments, and it continues to impress us. In every instance, we have had great results; Antigen has been robust, reliable and easy to deploy."
Laura Koetzle, an analyst at Forrester Research, said that the software provides businesses with the "best overall integration" with the Microsoft product line it is designed to protect.
"They now have hosted security service, e-mail security, client security, active directory, and associated identity-management components and secure remote access," Koetzle said.
With the launch last week of the consumer-oriented Windows Live OneCare software, bringing out security products for businesses was a logical next step for Microsoft, she noted.
The following products were announced:
- Antigen for Exchange provides anti-virus and content filtering for Exchange Server 2003 and 2000, stopping threats that get past perimeter defenses while simultaneously containing internal incidents.
- Antigen for SMTP Gateways provides anti-virus and content filtering for Windows Server(TM) 2003 and Windows Server 2000 Server SMTP Gateways, stopping threats before they reach internal messaging resources and users.
- Antigen Spam Manager provides anti-spam and content filtering for Windows(R)-based SMTP and Exchange servers, stopping spam before it can affect user and network productivity
- Antigen Enterprise Manager provides centralized management for Antigen- protected servers, improving IT administrators’ visibility into and control of e-mail server security.
- Antigen Messaging Security Suite provides comprehensive anti-virus, anti-spam and content filtering for Exchange Server 2003 and Exchange 2000 Server e-mail servers and SMTP gateways (includes Antigen for Exchange, Antigen for SMTP Gateways and Antigen Spam Manager).
- Antigen Management Pack for Microsoft Operations Manager 2005. Provides critical events and alerts on virus, worm and spam activity to Microsoft Operations Manager 2005 from Antigen for Exchange Server 2003, Antigen for SMTP Gateways, and Antigen Spam Manager, and monitors the health and availability of these products.
Microsoft’s also tossing its own anti-virus scanning engine into the mix. "Microsoft’s engine is based on GeCAD technology," said Licari. Romania-based GeCAD, which was bought in 2003, also provided the core of Microsoft’s OneCare anti-virus protection. "This is the first time that we have used GeCAD in a corporate environment."
Predicted Popularity
This is a differentiator for Microsoft, as the other e-mail-security vendors only offer their own antivirus engine, said Lambert. "More importantly, Microsoft will be able to enter the e-mail security market even with businesses that do not trust Microsoft … because Antigen has this multiple-engine strategy and companies can bypass the Microsoft engine if they wish."
Andrew Jaquith, a Yankee Group analyst, offered a similar take, calling the use of multiple antivirus engines a smart strategy. "Incumbent antivirus vendors are likely to bristle at the idea that their products are merely just ‘blades’ to snap into Antigen, because it reduces their engines to commodity status," he said.
Availability and Pricing
A free three-month trial license for Antigen e-mail security products is available online at: http://www.microsoft.com/antigen/downloads/trial-software.mspx. All Antigen products will be available through Microsoft Volume Licensing and the Microsoft industry partner channel on July 1, 2006. This includes Antigen for SharePoint and Antigen for Instant Messaging, which will remain Sybari-branded products until the next versions, which are targeted for release in the first half of 2007. More information can be found at http://www.microsoft.com/antigen.
"For companies with fewer than 250 users, the Suite will be priced at $14.50 per user per year," Brown said. "And the Enterprise Manager will be priced at $98 per server."
Brown, who touted pricing as "very competitive," said that the Antigen line would be sold on a subscription basis in the industry’s usual per-user-per-year fashion, not as a Client Access License (CAL) to Exchange.