Prevention of malicious software in network services

Traditional anti-virus software intended for a workstation or file server has two basic modes, i.e. the static file review mode and the dynamic real time mode. The file review mode is useful for instance when checking if there are infected files on a diskette or the hard disc. The real time mode again prevents the infection of files, because the anti-virus software inspects the file to be opened before it is opened to the user. Anti-virus software can be adjusted to function in different ways in the situation where if finds an infected file. It can for instance clean the file or put it in quarantine.

When malicious software has become more general, the prevention of viruses has also become part of network services. In particular in electronic mail servers, file servers and web servers receiving traffic from external networks or users’ workstations, anti-virus software scanning for malicious software from the files is used. For instance in the electronic mail traffic, mail messages including malicious software are already removed in the server receiving e-mail traffic. Thus viruses and other malicious software cannot get to the target computer to cause damage.

Every month, tens or even hundreds of new malicious softwares are issued. Therefore, it is important to update the virus databases of the anti-virus software regularly, in order that the prevention software could give protection against these new viruses and other malicious software. As an example it may be mentioned that almost all of the infectious viruses detected last year in e-mail messages were discovered for the first time.