Case Study - THERMO-KOOL Mid-South Industries, Inc.

Contact: Chris Moss

Industry: Manufacturing, Custom Walk-In Refrigerators and Freezers

Producst in use: GFI WebMonitor™ and GFI MailSecurity™

Quick Read

GFI DownloadSecurity (now GFI WebMonitor for ISA Server) protects manufacturer against malicious downloads.

"GFI DownloadSecurity provides us with a front-line defense against threats at the firewall. It provides us with a multiple-layer, multiple virus engine defense against virus attacks and malicious files." - Chris Moss, Accounting and IT Manager at THERMO-KOOL/Mid-South Industries, Inc., US.

THERMO-KOOL/Mid-South Industries, Inc. uses GFI DownloadSecurity for ISA Server to gain important protection against viruses, Trojans and malicious content in downloaded files. GFI DownloadSecurity* is a content security product that controls what files enter the network via FTP and HTTP and ensures they are virus-free and not malicious.

As part of his research on stepping up the organization's network security, Chris Moss, Accounting & IT Manager at Thermo-Kool, came across GFI's Security Testing Zone and ran the site's free security tests to check how well-protected his network really was against viruses, worms and other malicious content. "I evaluated GFI's email virus tests and was impressed with the added functionality of content checking in providing protection against harmful content," he said.

THERMO-KOOL identified the need for a product that provides content checking and antivirus protection for downloads. This product had to integrate with Microsoft ISA Server since THERMO-KOOL had recently acquired ISA Server as an upgrade from Proxy 2.0.

"Microsoft ISA Server gave us the ability to integrate with Active Directory. This enables us to limit Internet access by groups," Mr. Moss explained. "Also ISA is much more extensible, as GFI DownloadSecurity itself demonstrates. We can add additional 'plug-ins' to provide content checking, and other features."

For THERMO-KOOL, another significant aspect in product-seeking is the ability to try out the solution prior to purchasing it. "Access to evaluation products was really important to us and we were delighted that GFI's website allows potential customers to download a free, full trial version for a month or two," Mr. Moss affirmed.

Powerful Arsenal of Security Features

GFI DownloadSecurity for ISA Server handles the security risk of file downloads without resorting to blocking all file downloads at firewall level. Instead, it content checks downloaded files and can quarantine them based on file type and user. Its core security features include, among others:

• Multiple virus engines - to guarantee higher detection rate and faster response to new viruses
• Content checking - to quarantine dangerous files and content
• Blocking/quarantining of files based both on file type and extension
• Checking/blocking applications' hidden downloads
• Trojan & Executable Scanner - to detect malicious executables
• Network-wide blocking of Java applets and ActiveX controls.

"We were impressed by GFI DownloadSecurity and preferred its features over those of other products. The inclusion of multiple virus engines, content rules and scanning before items were saved on the network were huge plus points," Mr. Moss pointed out. "Also, the fact that the files were checked DURING downloads was crucial to us."

Besides, GFI DownloadSecurity was built from the ground up to work with ISA Server. It links in as an ISAPI extension and can leverage features such as alerts, reporting, etc that are already found in ISA Server - without necessitating any changes to the organization's network configuration.

Its use requires no learning curve on the part of the users. Users do not notice GFI DownloadSecurity until they download a file: Then GFI DownloadSecurity displays a download progress dialog box and the download proceeds. Once the download is complete, GFI DownloadSecurity scans the file for viruses. If the file has no viruses and does not trigger a rule, the user receives it immediately. If the file triggers a rule, it is put into quarantine for administrator approval. Once approved, the file is sent to the user as an email attachment or link. If the file is rejected, the user is notified.

Integration with GFI MailSecurity™

Another major advantage that Mr. Moss identified in GFI DownloadSecurity is the fact that it integrates with GFI MailSecurity, a second GFI product that Mr. Moss evaluated, this time for use with Exchange Server. GFI MailSecurity for Exchange/SMTP is an email content checking, exploit detection, threats analysis, anti-Trojan and antivirus solution that removes all types of email-borne threats before they can affect an organization's email users. GFI MailSecurity and GFI DownloadSecurity integrate seamlessly, allowing the administrator to configure content security rules and moderate quarantined files from the same interface.

"GFI MailSecurity provides an important additional layer of protection, added to GFI DownloadSecurity and our desktop virus solutions. We capture threats much earlier than with centralized desktop protection alone. GFI gives us important additional protection."

Front-line Defense Against Threats at the Firewall

Describing the product's key benefits, Mr. Moss remarked: "GFI DownloadSecurity is cost-effective as it enables us to license by authorized Internet user, rather than by the entire Active Directory user list. Also, GFI DownloadSecurity provides us with a front-line defense against threats at the firewall. This combined with GFI MailSecurity provides us with a multiple-layer, three virus engine defense against virus attacks and malicious content."

THERMO-KOOL/Mid-South Industries, Inc. is a leading US manufacturer of custom walk-in refrigeration and freezers based in Laurel, MS, with over 100 employees.

^{October 2003}

* Note: GFI DownloadSecurity has since been replaced by GFI WebMonitor for ISA Server.