"Our focus is on managing and securing gray networks," said Facetime CEO Kailash Ambwani. "IM is an important piece of what we do, but it isn't the only thing. We want to protect against everything that an end user can bring into the enterprise and block malware and spyware whatever the vector."

You will want to keep several things in mind as you evaluate these offerings. Each product blocks or manages a different series of IM and peer-to-peer services. Most have yet to figure out a way to block Skype connections, for example.

Next, understand how these IM protection products can complement your intrusion-detection and -prevention systems. "IPS and IDSs don't always work for IM threats," said Art Gilliland, director of product marketing at Symantec. "A lot of times, virus traffic looks like safe traffic over IM. For this reason, you need security at multiple layers and at multiple points across your network."

Third, realize that most of the IM systems have Web-based clients or clients that run on mobile phones and PDAs.

"IM clients can be resourceful," said Michael Osterman, an independent IM analyst. "If you block Port 80, you can unintentionally block legitimate Web traffic, so you have to do more sophisticated things." How the security system manages and blocks this kind of traffic is important, since infections can easily spread from these sources