Saturday, December 11, 2010

Cloud based Internet Security

All Internet users are going to experience a new age of Internet security – “cloud”. Some may feel like “cloud” or confused of what it means “cloud”.

For many years, antivirus vendors have based their products on a “pattern-based” model. That is, your computer downloads patterns from the software vendor server, stores on users' own hard drives for detecting against security threats. However, with the new “cloud-based” technology, no such pattern files will be downloaded. Instead, users connect directly to the so called “cloud” to check against security threats.

The advantages are obvious:

·         Light-weight client software – internet security software can take much lesser computer resources. As a result, user computer is not being slowed down.

·         Shorten the window period – from the time a security threat is detected, a pattern released and being downloaded by user; it's always a time race. There exists a window period, in which the security threat is spreading when the pattern is not yet available to users. With “cloud”, this window time is much shorter.

·         Improved detection – in the past, the efficiency of the detection depends much on how well the antivirus software vendor did in formulating the pattern files. Cloud-based technology used shared user knowledge, of course together with the feeds from the software vendor. As a result, the detection engine reflects more closely to the real-world situation.

So, it sounds like “cloud” is perfect … the fact: not really. There are disadvantages:

·         Availability of the “Cloud” - if your Internet connection quality is poor or not stable, cloud-based may not be a good idea. If the cloud is not accessible, such as a temporary disconnection from the Internet, protection amounts to nothing! A scenario - you are not connected to the Internet and you plug a USB thumb drive with virus to your computer = disaster!!

·         Quality of the “Cloud” - efficiency of detection depends much on the size of the cloud community. Of course, the larger the cloud community population (i.e. the number of users connecting and sharing information on the same cloud), the better will be the protection. Sadly, in many cases, the community population is not known – especially to those commercial vendors … and for good reasons, the figures are “commercial secrets”, which most commercial companies will not like to disclose. Also, the quality of cloud users affect too. If many of these cloud users are actually client software installed on email gateways, servers, you have a quality cloud!

·         Geographical Factor – although it also affects the traditional pattern-based protection, it seems “cloud-based” is more sensitive to user locations. For example, if most of the cloud users are living in Europe, your cloud-based protection will be more “European” and less effective in Asia, such as in China or Korea.

·         Slowness in installing new software – the presence of cloud-based detection is obvious when you're installing software to your computer. When your cloud-based security software keep checking every application and library files you're installing against the cloud, the installation process drags... sometimes, painfully slow.

Don't get me wrong, I'm not discouraging you to use “cloud-based” technology. In fact, I've been using it for months. And it's obvious that cloud-based will continue to be the trend. But, a more realistic view of  “cloud” may help you better assess the situation.

Recently, many security vendors are joining the race, offering FREE cloud-based security solutions. The happiest are the users. But, have you ever wondered why “free”? Of course, market share is an issue. On technical side, a “cloud-based” without a sizable cloud will make the cloud useless! No wonder it must be free to get people in!

Want to give cloud-based a try?

Some “cloud-based” solutions like “clamav” allows you to install it on a computer with another antivirus software. So, you may install “clamav” on a computer with AVG. This approach gives you another layer of protection. The down side, of course, it further slows down your computer a little bit.

Other well known vendors like Panda and Trend Micro (China) also have free or 1-year free trial available. There is nothing to lose with another good layer of Internet protection, which is definitely a must in today's cyber world.

No comments:

Post a Comment