OPSWAT Combines 7 Anti-virus Engines to Improve Malware Scanning

OPSWAT's Metascan is built from anti-virus engines from seven different companies, including Kaspersky Lab, AVG Technologies and CA, combined into a single security product to keep malware at bay. Metascan can also be used to manage security scans by preinstalled tools from companies such as Symantec and McAfee.

OPSWAT is offering customers a new vision of layered security.

The company unveiled on Jan. 27 a product called Metascan that combines anti-virus engines from seven different vendors to improve the chances of catching malware infections before they do any damage. Metascan brings together technologies from Kaspersky Lab, CA, ESET, AVG Technologies, VirusBuster, Norman and ClamWin.

The built-in engines can be managed through a programmatic interface, MMC (Microsoft Management Console) or the ICAP (Internet Content Adaptation Protocol).

"Metascan combines seven built-in anti-virus engines plus an interface supporting integration with many anti-virus packages a user may already own," said Benny Czarny, founder and CEO of OPSWAT. "The benefit of scanning content with multiple engines is that not all engines can detect all threats and not all engines scan files in [the] same time period, so by using multiple engines you get faster detection with broader coverage."

Metascan works on Windows systems, and can detect over 400 file types including PDF, .doc and .exe formats. Metascan also integrates with third-party software and hardware via Version 1.0 of the ICAP and an intuitive API, and provides a single scanning interface for pre-installed anti-virus from vendors such as Symantec and McAfee, OPSWAT said.

The presence of all these different engines may raise flags about system performance, (PDF) but Czarny contends that Metascan is only "slightly slower than the slowest built-in engine" for a given file scan.

"Also note that normally [the] issue of running multiple engines together is related to their on-access [real-time] scanning component," Czarny added. "Metascan does not have any resident real-time scanner: It is an API-driven on-demand scanner."

As the number and sophistication of Internet-based threats grows, many organizations are augmenting defense-in-depth strategies with defense-in-breadth strategies, opined Andrew Braunberg, research director of enterprise software and security for Current Analysis.

"Centrally managing these security applications is an increasingly critical component of overall security management capabilities," Braunberg said in a statement.