Cloud,Anti-Virus,ready,for,the technology Is Cloud Anti-Virus ready for the mass market?
The electronic cigarette is not new. People who buy electronic cigarette knows that this product has been in the market for years now. Despite some sectors apparently trying to shoot the product down from the shelves, the popularity of elect Active shredder safety technology for the small office. Shreds 15sheets per pass into 5/32" x 1-1/2" cross-cut particles (Security Level3). Patented SafeSense® Technology stops shredding when hands touch thepaper opening. Designated shredde
They presented their results of some in-depth testing of anti-virussolutions using the cloud as a supplemental method to deliver malwareidentities. What did they find?Overall they determined that solutions using "in-the-cloud"services were no more effective than traditional anti-virus solutions. Theyalso noted that the results they have seen from the vendors they tested arewildly unpredictable as to what to expect from one threat to the next. One of the points made by Andreas really hit home for me, which is that theability to publish identities seems to be the gating factor in providing up tothe moment protection. The delivery mechanism is largely unimportant if youhave a reliable means of providing threat data to the product.In their paper, they also mention that on-computer anti-virus has far morecapabilities for detecting new malware than simple file checksums. Today'scloud-based services rely on checksums which are not equipped to deal withserver-side polymorphic malware. Andreas had pointed out that there were inconsistencies with results fromsome vendors. He showed how one vendor showed a file as being suspicious viaits cloud service, then it was safe later that day, and finally markedmalicious that evening. During the question and answer period, Dmitry Gryaznovhad some clarifications to this slide from McAfee's perspective. Confusingly,Dmitry seemed to confirm that this was in fact true.Another issue raised in the talk was around network impact, especially inorganizations with a large concentration of computers. Not just malicious filesare being checksummed and sent into the cloud, many legitimate files maytrigger the technology as well. In their paper, they point out that thesetransactions can be 5K bytes or more, resulting in a potentially significant amountof bandwidth in a organization with network capacity issues.Unless I misunderstood, this rush to identify checksums and publish them assuspicious and revoke them later seems to imply that there could be a highfalse-positive, or false-negative problem. Andreas and Maik touched on theirconcerns related to quality assurance processes as well.The conclusion of the tests performed reinforced my existing thoughts onproviding best protection to our customers computers. Provide quality updatesas fast as you can. The means of delivery are not important so long as thecomputers receive their identities.Sophos has used "the cloud" in our anti-spam solutions for severalyears, and like any other technology will carefully consider which toolprovides the best protection for our customers in each scenario we providesolutions to.
Cloud,Anti-Virus,ready,for,the