Packet Level Virus Scanning Network Appliances?

Tiber asks: "I had the pleasure of locking down the servers for a large company against the Slapper/Sapphire worm over the weekend. It wasn't enjoyable, less so because I knew I'd have to face it again come Monday when all our users brought their business laptops in. Sure enough, Monday morning, all hell broke loose on our networks. It got me thinking, instead of routers 'dumb' routers, does someone make a network appliance that does worm scanning inside the packets and log attacks? Perhaps someone has a project they know of that does this?"

Re:slammer coming in from laptops?

[jason_watkins]

Sales guys may use a SFA solution that uses the MS data engine (ie, "diet" mssql) installed locally on their laptop for persistance. Sales guys also may hit the hibernate button instead of a full powerdown and powerup.

Therefor, it is possible that a business user plugging in his laptopt could release slammer.

When thinking about security, do not think "ohh, that can't happen, that's so unlikely". Think "what could make that possible, no matter how remote" and then "how can I eliminate that risk".