Posted by: Eric Hansen
On January 5th, 2011, Sourcefire, the creator of SNORT, issued a press release about a “partnership to deliver a free, Windows-based version of the ClamAV(R) antivirus solution.” In a world where buyouts and “partnerships” happen left and right, why is this so important, you ask? Further into the press release, it states that it’s going to utilize a cloud-based anti-virus scanning setup, to provide further true positives.
While I’m not the most avid supporter of cloud computing, this seems to be a more intelligent way to use the capabilities of clouds. Case in point: Windows with its roaming profiles. All that is, is simply cloud computing, and while it is convenient, it’s also a very slow process to log into another computer. Here, from what the press release says, it’s basically using a cloud platform to store various scan reports (what files are infected, what type of infection, etc.). At least to my eyes, this seems more like an offline version of various online multi-virus-scanner websites.
Right now, one of the main problems I see with the anti-virus community is not that there are so many false positives and such, but that there’s no protocol. While nothing’s perfect, and all these products do their job differently, it’s truly nothing but a big whirlwind. Perhaps this is what is needed for the anti-virus vendors to finally see that working together, instead of against each other, is going to be about the only way you can truly be successful. Sharing virus definitions can do nothing but help the public and themselves, and the greediness is only hurting everyone that has a computer connected to the Internet.
If this idea picks up as much as I honestly hope it does, my ideal vision of this would be that there will be one anti-virus program that uses this cloud. No more Norton, McAfee, Kaspersky, etc., but they all form sort of a committee of their own (similar to IEEE). They develop a singular anti-virus program that does what it’s supposed to, and it just simply works. Let the vendors develop their own GUI to the definitions and scanner if they want, but make the definitions themselves basically open to the public. Let the whole programming community write their own scanners as well.
This is 2011, not 2000; things have to change in the I.T. world for things to continue moving forward, instead of backward. No longer can we continue to see things for ourselves, but we have to start really looking out for others as well. If there is no competition, it is doomed to fail.
If you want proof of this, look at Microsoft. For many years, they were on top of the I.T. world. Windows was the most-used operating system available. November 1991 came around and Linus Torvalds decided to release a college project, Linux. Was it a threat back then? Definitely not. Over the years though, the community came together and made it a very viable alternative to the once-king operating system. From then on, Microsoft has really stepped up its products and released a very solid system in Windows 7.
Only time will tell how well the cloud-AV solution will work. While ClamAV was never, personally, the greatest anti-virus scanner, it was still a good solution if paying for a product was not possible. Given that ClamAV is also heavily used on servers, I’m hoping that this will lead to a whole different ballpark for safety, security and care for these vendors’ customers.