Browse: Home / Anti Virus in the Cloud

Anti Virus in the Cloud

By Dan Morrill on September 18, 2008

Symantec is releasing a suite of tools today that will help companies deal
with virus outbreaks that might infect documents, spreadsheets, and other ways
that malware might make it back into your company. As more workers become
virtual, cloud computing offers compelling ways to share information, but as
workers connect, you never know what is going to be on their home PC.

As malware proliferates and grows in both scope and stealithiness, antivirus
vendors have to keep on adding to their signature files, which takes computer
resources, disk space, and memory. The trend for ever larger signature files can
sometimes overwhelm smaller capacity computers, leaving computers unprotected,
and the AV program not working the way that it should be working. With AV going
to Software as a Service (SaaS) this might reduce the computing burden on the
client and on the server, as the AV program can consume resources, and then
release the resources back to the cloud. This should reduce the burden on the
client in relationship to CPU and Memory overhead.

 The cloud computing approach could also make antivirus software more
effective in stopping malware and other attacks, Sherstobitoff says. By
employing a broad-based set of servers for analyzing new attacks and developing
vaccinations, Panda may be able to better correlate the attack data and apply
computing muscle to the process. "If we see malware in one country, we can more
easily correlate it with a similar attack we see in another country," he says.
This makes the signature process more effective and less bulky on the client
end, he says. Source: Dark
Reading

What makes this interesting is that the on demand-computing model for people
who are in countries that are bandwidth limited can use this process to make
sure that their systems are protected against what the AV program knows about,
in a much quicker manner than the local computing based scanning that can take a
day on slower computers. The standard time to scan a computer for infection is
at nighttime (default with Symantec to start late at night), and most people
leave their computers on overnight in the work environment.

The other benefit to this is that as files are uploaded (depending on if you
writing locally this makes sense) to the server they are scanned (which is a
normal operation), but if the file comes up as infected, that connecting
computer to the cloud can be flagged for a scan next time it connects, or right
on the spot. The other interesting part of this is that a computer that is
connecting to the cloud network will also try to scan all of its connections,
meaning the same process can apply, the computer is flagged because it is
exhibiting behavior that means it is infected and be scanned then and there on
demand. This kind of process will be familiar to anyone who runs NAC for guest
computers or in some cases any computer that connects to the company network.

This is more likely the first step in providing NAC to cloud computing with
all of its associated services. NeuStar
is planning to apply the NAC principles to Cloud Computing, meaning like any
other remote client that connects to a company resource, the system will check
to see if the computer meets the minimum policy based computer security model.
Adding Anti-Virus as a service means that the next step in integrating remote
workers into the company cloud is taking the next step forward, without
burdening the worker, their computer, or their ability to do work.

Related articles by Zemanta
Reblog this post [with Zemanta]

Posted in | Tagged , , , , , , , , | 4 Responses

Dan Morrill works in Interactive Media and Cloud delivery systems for Comics Forge as the COO. He has been blogging since 2003 covering different emerging technologies, management and information security. Dan works as a founding member of a number of startups, including Startup Academy International and Dead Tree Comics. His interests are in intellectual property protection, piracy, and information security as it applies to cloud computing. He also has a deep interest in media, mobile computing, and education.. His personal blog is here,  his other pro-blog is here .

4 responses to “Anti Virus in the Cloud”

  1. F-Secure moves its security suit into the cloud | CloudAve
    F-Secure moves its security suit into the cloud | CloudAve November 13, 2008 at 2:31 pm |

    [..] September, I wrote about Symantec [..]

  2. Cloud Avenue | DeveloperZen
    Cloud Avenue | DeveloperZen January 10, 2009 at 7:10 am |

    [..] Anti-Virus in the Cloud [..]

  3. Antivirus
    Antivirus December 4, 2009 at 7:52 am |

    I would say that the concept of Cloud AV is not just interesting, it is the 10,000 volts of electricity in the butt that the AV industry has needed for years. It will be interesting to see how slowly/quickly the major companies implement cloud computing into their AV packages. There will undoubtedly be some quick adapters, and some long term deniers. The next few years will be a great show to watch…I just need some popcorn!

  4. Firewalls | Adam Mooz
    Firewalls | Adam Mooz April 18, 2010 at 9:15 am |

    [..] A friend, Scott O’Neil pointed me out to a link related to the topic, but focused on cloud-based antivirus: http://www.cloudave.com/link/Anti-Virus-in-the-Cloud [..]