
    A Booster Shot for Anti-Virus

    By Andrew Garcia - May 23, 2007

      No security solution can promise to identify every threat, block every zero-day exploit and scrub away every virus strain that strikes enterprise infrastructures, but with sufficient visibility into client performance, status and security posture, companies can better identify potential problems even if their anti-malware platform initially whiffs.

      Administrators need real-time insight into the entire security posture of the systems under their charge, with status reports that extend beyond basic anti-virus or anti-spyware logging to help identify a wide range of potential problems, such as firewall misconfigurations, missing patches (for both the operating system and applications), weak passwords, unnecessary services or incorrect encryption implementations. Ideally, it should be possible to correlate these reports with those of other security solutions, and the reports should offer actionable response suggestions and processes.

      As eWEEK Labs' reviews of Microsoft's FCS (Forefront Client Security), eEye Digital Security's Blink Professional 3.0 and Kaspersky Lab's Kaspersky Anti-Virus 6.0 show, some of the most interesting developments on this front are not coming from the usual suspects but from a collection of vendors coming at the problem from different backgrounds and through varied angles.

      eEye Digital Security's Blink Professional 3.0 provides strong vulnerability assessment tools. Click here to read eWEEK Labs' review.

      For years, a small cadre of anti-virus vendors has represented the lion's share of enterprise anti-virus deployments. The anti-virus solutions from Symantec, McAfee, Trend Micro and CA have been the most prevalent, often in large part because the companies developed the most effective management platforms providing centralized policy control, signature distribution, and logging and alerting functionality for large organizations.


      However, these companies have grown somewhat complacent through the years, and their technologies have gotten a little stale on both the front-line security and management fronts. We believe these vendors' efforts to expand their management offerings have been bogged down, in part, by the inevitable challenges inherent in choosing acquisition as a primary source for new core security technologies. These companies, in some cases, have had trouble shoehorning purchased technologies and products into their existing management infrastructures.

      As an example of this ennui, Symantec's System Response Center has not changed significantly from versions 7.5 to 10.0 of the Symantec AntiVirus Solution—what seemed pretty good in 2000 doesn't meet customer needs in 2007. A few of the top-tier vendors have taken steps to ameliorate the visibility gap through some key acquisitions of management technologies, but customers may grow impatient waiting for McAfee to bear fruit from Citadel's Hercules assessment platform or for Symantec to figure out how Altiris fits into its already-overcrowded portfolio.

      Healthy Competition

      While the big boys slowly lurch toward the future, we are seeing a number of companies without much of an enterprise-grade anti-malware track record develop new technologies and foster new relationships that warrant a look from enterprise administrators who have grown dissatisfied with their existing solutions.


      For Kevin Hayden, visibility into the infrastructure he oversees as desktop engineering manager for Analog Devices is of the utmost importance. Hayden requires automated reports and alerts to access the information he considers essential—for instance, high-level looks at infected machines across the network rather than infected files on particular machines. Although Hayden declined to reveal his previous solution provider, he indicated that his prior anti-virus vendor had once been known for its management platform but that the vendor could no longer provide his company with the insight it required.

      Analog, of Norwood, Mass., is now halfway through a migration to Microsoft's brand-new FCS anti-virus and anti-spyware platform. FCS relies heavily on several mature Microsoft management platforms to provide the level of management Hayden is looking for—Active Directory and Windows Server Update Services, for software and policy distribution, and MOM (Microsoft Operations Manager) and SQL Server, for data collection, alerting and reporting. According to Hayden, this collection of technology allows Microsoft to present him with a wide view of client security posture as well as drill-down details on malware infestations.

      Click here to read eWEEK Labs' review of Microsoft's Forefront Client Security.

      Soon after Hayden's FCS pilot program started, Analog was hit with a new malware outbreak, which afforded Hayden the opportunity to compare the two solutions side by side. And Microsoft, with its reporting capabilities and nimble Premier Services support staff, won the showdown hands down.

      “Forefront Client Security has been better than most other Microsoft Version 1 products we've tried,” said Hayden.

      Smaller security companies, such as Kaspersky, have always faced a bit of a conundrum when it comes to the enterprise market. Kaspersky has led the charge to develop automated malware detection and signature creation tools and has implemented a lightning-fast response team that promises new signatures on an hourly basis. However, delivering these capabilities to enterprise customers requires a management infrastructure, and resources that Kaspersky spent developing that infrastructure meant fewer resources to devote to innovation on the security front. Now that Kaspersky has had a few generations to build out its central management platform (the Admin Kit), its solution's capacity for deploying client packages, malware signatures and policies has matured enough to meet enterprise customers' expectations, as well as exceed expectations with beefed-up reporting capabilities.

      Kaspersky Anti-Virus 6.0 is a robust AV tool. Read eWEEK Labs' review here.

      In light of the time it takes to shepherd management components to maturity, we believe there are better avenues through which small security vendors should look to build out this functionality. For one, small security companies can strike up strategic partnerships to satisfy customer needs on the management side of things, perhaps by seeking an alliance with another security provider with a synergistic technology or with a security management purveyor such as BigFix. With these alliances, small security vendors can reinvest in their core competencies—security R&D.

      To pursue this route, security vendors must commit to creating an open interface for their solutions that third parties can easily access via documented APIs. Vendors seeking partnerships should also try to adhere to commonly used operating system instrumentation, allowing third parties to get the lay of the land through common means.

      In an example of this type of alliance, Norman recently partnered with eEye for the latest iteration of the Blink HIPS (host-based intrusion prevention system). The combination of Norman's respected signature-based anti-malware detection and cleaning and eEye's vulnerability detection and HIPS prowess (not to mention its fine REM management platform) makes for a compelling aggregate solution.

      Senior Technical Analyst Andrew Garcia can be reached at andrew_garcia@ziffdavis.com.


      Andrew Garcia
      Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for eWEEK.com, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at agarcia@eweek.com.