Virginia Tech: Fighting Viruses on Campus
By William Dougherty
The use of e-mail has increased
dramatically over the last several years. It has become an essential form of
communication, surpassing even the telephone for many people. For faculty, staff,
and students, it has become the primary means of communicating. However, e-mail
has one weakness the telephone d'esn't—susceptibility to computer viruses.
Internet Infections
Viruses are the bane of university IT departments. Given the critical importance
of e-mail, it's absolutely crucial to protect it. Three main types of viruses
can be found online today:
File infectors generally attach themselves to program files, like .com or .exe
files. When the program is loaded, the virus is loaded as well. Other file infector
viruses infect computers as programs or scripts sent as an attachment to an
e-mail message.
System or boot-record infectors infect code in areas on a disk. They attach
to the DOS boot sector on diskettes or the Master Boot Record on hard disks.
When placed in a drive with the computer off, an infected disk will launch this
virus, which will proceed to damage your files.
Macro viruses are very common but not very dangerous. Macro viruses affect
Microsoft Word applications, adding new words and phrases to documents.
Securing Protection
So how do universities handle this dilemma? At Virginia Tech, our e-mail system
serves more than 70,000 users among faculty, staff, and students. Like many
universities, we based our major effort on virus protection available for users'
desktops. Unfortunately, we learned quickly that this was insufficient.
Over the past two years, a plague of new viruses has emerged on the Internet.
Viruses were getting into our system and spreading among users at an alarming
rate. By the spring semester of 2001, we were collecting 50,000 viruses a day
on our system. Our help desk was receiving 10 to 20 calls per day from frustrated
students and faculty. Some of these calls were taking up to 30 minutes or longer
to resolve. At the height of the problem, the help desk was tied up for 3 hours
a day on virus issues.
Messaging Needs
We realized we needed a better, more proactive security method, one that was
not solely dependent on users maintaining up-to-date files on their computers.
After surveying various possibilities, we decided on a system that has been
designed and optimized to specifically handle messaging—unlike other strictly
software or piecemeal solutions. Mirapoint Inc.'s platform is essentially a
messaging appliance—a specialized server with special software that can address
a variety of messaging needs.
Historically, customers have purchased separate hardware and storage components
along with general-purpose operating systems to address their messaging requirements.
This approach required costly integration of heterogeneous components to create
complete messaging services.
In contrast, Mirapoint's approach delivers purpose-built, integrated messaging
systems that help eliminate the complications associated with traditional deployment
of messaging services. With Mirapoint's purpose-built approach, we were able
to deploy services more rapidly than systems that require integration between
software, hardware, and other components.
We chose the Mirapoint Message Director because it sits in front of our e-mail
network and protects it from outside infection with a special anti-virus filter.
We did some testing and decided in less than two weeks that Mirapoint's product
would provide the security we required.
Single-Platform Approach
We implemented the new service in August 2001. The results were dramatic and
immediate. As fewer viruses got through to our e-mail system, fewer spread.
By January 2002, we were detecting less than 1,500 viruses per day, and our
help desk was spending less than 30 minutes per day on virus calls.
Virus protection needs to be transparent. The user should not be aware that
files are being scanned. The system should continue to operate at its usual
speed. It is also important that the virus protection is continuous without
interruption—a capability called "high availability." We discovered that only
a dedicated solution covered all of these bases. We still provide desktop anti-virus
software and encourage our users to load it as many of them go to other environments
during semester breaks and can bring back viruses on their laptops when they
return to campus.
Our new system has saved us hundreds of people-hours on help desk, while allowing
e-mail to flow at its normal rate and, in the long run, saving us money. Universities
have a diverse set of users, each with different needs. We've seen that a single-platform
approach is one that is the most flexible, easy to manage, and cost effective.
For more information contact William Dougherty, E Communications & Client
Tools/ Windows Administrative Services Team, Systems Engineering and Administration
Dept. at Virginia Tech, at [email protected].
