Symantec is releasing a suite of tools today that will help companies deal
with virus outbreaks that might infect documents, spreadsheets, and other ways
that malware might make it back into your company. As more workers become
virtual, cloud computing offers compelling ways to share information, but as
workers connect, you never know what is going to be on their home PC.
As malware proliferates and grows in both scope and stealithiness, antivirus
vendors have to keep on adding to their signature files, which takes computer
resources, disk space, and memory. The trend for ever larger signature files can
sometimes overwhelm smaller capacity computers, leaving computers unprotected,
and the AV program not working the way that it should be working. With AV going
to Software as a Service (SaaS) this might reduce the computing burden on the
client and on the server, as the AV program can consume resources, and then
release the resources back to the cloud. This should reduce the burden on the
client in relationship to CPU and Memory overhead.
effective in stopping malware and other attacks, Sherstobitoff says. By
employing a broad-based set of servers for analyzing new attacks and developing
vaccinations, Panda may be able to better correlate the attack data and apply
computing muscle to the process. "If we see malware in one country, we can more
easily correlate it with a similar attack we see in another country," he says.
This makes the signature process more effective and less bulky on the client
end, he says. Source: Dark
What makes this interesting is that the on demand-computing model for people
who are in countries that are bandwidth limited can use this process to make
sure that their systems are protected against what the AV program knows about,
in a much quicker manner than the local computing based scanning that can take a
day on slower computers. The standard time to scan a computer for infection is
at nighttime (default with Symantec to start late at night), and most people
leave their computers on overnight in the work environment.
The other benefit to this is that as files are uploaded (depending on if you
writing locally this makes sense) to the server they are scanned (which is a
normal operation), but if the file comes up as infected, that connecting
computer to the cloud can be flagged for a scan next time it connects, or right
on the spot. The other interesting part of this is that a computer that is
connecting to the cloud network will also try to scan all of its connections,
meaning the same process can apply, the computer is flagged because it is
exhibiting behavior that means it is infected and be scanned then and there on
demand. This kind of process will be familiar to anyone who runs NAC for guest
computers or in some cases any computer that connects to the company network.
This is more likely the first step in providing NAC to cloud computing with
all of its associated services. NeuStar
is planning to apply the NAC principles to Cloud Computing, meaning like any
other remote client that connects to a company resource, the system will check
to see if the computer meets the minimum policy based computer security model.
Adding Anti-Virus as a service means that the next step in integrating remote
workers into the company cloud is taking the next step forward, without
burdening the worker, their computer, or their ability to do work.