IMlogic unveils IM, P2P threat-detection network

07.12.2004
Von Todd R.

IMlogic Inc. and several partners Tuesday unveiled a new instant messaging "threat center" clearinghouse aimed at fighting IM viruses, malicious software code and spam before they occur.

In an announcement, Waltham, Mass.-based IMlogic said the new IMlogic Threat Center will raise the fight for IM security to the level of efforts now under way against e-mail viruses, spam and malware.

The threat center network, under construction for a year, will now provide a central place for detecting and analyzing IM and peer-to-peer threats, including IM-borne viruses, worms, SPIM (spam over IM) and malicious code, according to IMlogic. The center is also designed to alert IM users of problem threats and help protect against them. It will include a knowledge base for known IM and P2P vulnerabilities.

Partnering with IMlogic in the program are antispam and antivirus security vendors McAfee Inc., Symantec Corp. and Sybari Software Inc., as well as IM vendors America Online Inc. and Microsoft Corp.

Francis deSouza, CEO of IMlogic, said the network will use honeypots to help detect IM and P2P threats. Security workers around the world will be able to communicate through the network, using the knowledge base to find information and new ways to fight problems, he said.

"In our mind, it is the cost of doing business," deSouza said of the threat network. "To do the best protection, we have to do the best detection."

IMlogic sells software that helps businesses manage, monitor, log and administer their IM users and networks.

While in beta operation, the threat network has so far identified and cataloged up to 400 IM viruses on networks around the world. That number is expected to rise dramatically, deSouza said.

The idea for the network came after several IMlogic customers said that as much as 7 percent of their IM traffic was from malware and SPIM attacks on IM users. The customers said their concern is that the rising number of IM attacks could mirror the quick rise in e-mail spam, he said.

The new network, deSouza said, will help already harried IT managers who have to fight many threats across their networks. "I"m hoping this will take something off your plate," he said. "This is one less thing for a busy IT manager."

One IT manager familiar with the threat network project who has seen its portal Web pages said it will be a useful tool for network security workers.

"I see that as just another resource for me," said Brandon Dunlap, an information protection supervisor at Constellation Energy Inc., an energy generation and consulting company in Baltimore. "It gives me another source of information."

Constellation Energy has about 9,000 users, Dunlap said, and the company has been taking a look at managing its IM use more closely to comply with regulatory requirements, security and other needs. "We"re looking at that technology as just another step" in protecting the company"s network and users, he said. "It is definitely on the top of my mind right now. I"m anxious to see where it goes."

Genelle Hung, an analyst at The Radicati Group Inc. in Palo Alto, Calif., said the creation of the new detection and notification network makes sense.

"If we had this kind of warning before (the problems of) spam in e-mail, I think we"d have been very happy," Hung said. "IT would probably have a lot less to deal with today," because it would have been focused "more on prevention than on having to find a cure."