Desktop security moves from virus-hunting to more tasks according to Symantec

Article

“Antivirus is dead” says maker of Norton AntiVirus | PC World

Antivirus Is Dead — Long Live Antivirus | Krebs On Security

My Comments

What did anti-virus software do?

McAfee LiveSafe desktop security program

A typical desktop-security program in action

Previously, an anti-virus program was regularly vetting software against a known signature-based list of virus software or, in some cases, Trojan-Horse software. Better programs of this class also implemented “heuristics-based” detection that observed software behaviour for known virus-like characteristics.

The software authors behind the anti-virus programs were playing cat-and-mouse with the malware authors who were trying to get their rotten software on to our computers. For example, malware authors use “crypting” services to hide their software from the gateway software, typically through the use of obfuscation.
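The two detection styles described above can be shown side by side. This is an added example, not code from the articles or from any anti-virus product: the sample bytes, behaviour names, weights and threshold are all constructed for illustration, and a whole-file hash stands in for a real signature format.

```python
import hashlib

# Constructed stand-in for a known-bad file (harmless bytes, not real malware).
KNOWN_BAD = b"constructed-sample-payload-v1"
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest()}

# Hypothetical weights for behaviours observed while a program runs.
BEHAVIOUR_WEIGHTS = {
    "writes_to_startup_folder": 3,
    "modifies_other_executables": 4,
    "disables_security_service": 4,
    "opens_network_connection": 1,
    "reads_user_documents": 1,
}
HEURISTIC_THRESHOLD = 6  # assumed cut-off; real products tune this


def signature_match(data: bytes) -> bool:
    """Signature check: is this exact file on the known-bad list?"""
    return hashlib.sha256(data).hexdigest() in SIGNATURES


def heuristic_score(behaviours) -> int:
    """Heuristic check: add up the weights of virus-like behaviours seen."""
    return sum(BEHAVIOUR_WEIGHTS.get(b, 0) for b in behaviours)


def scan(data: bytes, behaviours) -> str:
    if signature_match(data):
        return "blocked: known signature"
    score = heuristic_score(behaviours)
    verdict = "blocked" if score >= HEURISTIC_THRESHOLD else "allowed"
    return f"{verdict}: heuristic score {score}"


BAD_BEHAVIOUR = ["writes_to_startup_folder", "modifies_other_executables",
                 "opens_network_connection"]
SAMPLES = {  # constructed test inputs
    "original": (KNOWN_BAD, BAD_BEHAVIOUR),
    # Same program with different bytes, as an obfuscated copy would have.
    "repacked": (KNOWN_BAD + b"\x00", BAD_BEHAVIOUR),
    "benign": (b"constructed-benign-editor",
               ["reads_user_documents", "opens_network_connection"]),
}


def scan_all() -> dict:
    return {name: scan(data, seen) for name, (data, seen) in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in scan_all().items():
        print(f"{name:9} {verdict}")
```

The repacked copy no longer matches the signature list, so only the behaviour score catches it, which is why suites moved beyond signature lists alone.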

What have the anti-virus software programs evolved to?

These have evolved to robust “desktop security” software suites that perform many different security functions for the computers they are protecting.

Firstly, they work with your email client software to vet your incoming email for spam and phishing emails. This will typically work with client-based email setups like Outlook, Apple Mail, Windows Live Mail and others rather than Webmail setups like GMail or Hotmail.

As well, they implement a desktop firewall that verifies traffic coming to and from the Internet and home network so that malware can’t easily “report to sender” to fulfill its task.

They also implement a wider malware-checking mandate such as catching out rootkits, adware and spyware. Sometimes this is done through a “software reputation” mechanism or by watching for particular behaviour traits.

Another function is to implement a “reputation check” for the websites that you visit. This checks whether a Website is a host for questionable software or is implementing other questionable practices. This may also be included with a desktop content-filtering function which filters against pornography, hatred and other undesirable content.

They also work as a privacy watchdog by monitoring Websites or social-media services for improper activity that threatens your privacy or that of your child or other vulnerable person.

But, wait, there’s more!

Some of these programs offer extra functionality in the form of a password vault which looks after the passwords for the Websites and other resources you visit.

They may offer a client-server VPN so you can use the Web from other networks like your friends’ and relatives’ homes or public networks in a secure manner. Similarly, they offer a secure file-storage option, whether on the cloud or on your local machine.

Different levels of functionality available

Most desktop security suites pitched at the home or small-business user tend to be sold with client-focused manageability where you set their parameters to manage that particular client computer. If you have multiple computers, you have to manually replicate that same setup across those computers. As well, they are priced either “per machine” or in a licence-pack that covers up to five or, in some cases, ten machines. You may be lucky to have the software provided as a site-licence that covers equipment owned by a particular household.

Conversely, desktop-security software that is targeted at the big business or at some small businesses is set up for management of multiple machines from one logical point. This includes the ability to deploy the same software across multiple machines yet have the same standards preserved across the multiple machines. They are typically priced in licence-packs that encompass many machines or may also offer a site-licence deal which covers all equipment kept at a particular location or by a particular organisation.
