01.29.15

Traditional Anti-Virus VS Cloud-based Anti-Virus


Several times in a row, various experts have claimed that traditional AV is dead.

Some experts disagree, and most people do not really know the difference.

Marketing specialists can claim that the cloud approach is a new and improved protection solution.

 


 

The commercial trend of cloud security is very important for marketing, and the cloud security industry continues to grow.

The strange arguments I have heard are that desktop AVs cannot handle new unknown threats, that desktop AVs have a huge problem with false positives, and that desktop AVs fail to cure the system.

The real difference between cloud and desktop in cyber security is the same as in any other area: in the cloud, the data processing happens on the Internet.

Or rather, most of the processing: a small client program still runs on the desktop, scans the local machine to detect malware, and connects to the cloud.

Both kinds of anti-virus (desktop and cloud) use a ‘signature database’ containing signatures (“fingerprints”) of malware, together with more sophisticated detection technologies, such as generic and heuristic detection, to handle potential and future threats.

The power and quality of the protection depend on the quality and size of the database.

a)

One of the differences is the location of the anti-virus database:

– Desktop: located locally on the desktop and updated by download

– Cloud: located in the cloud (elsewhere on the Internet) and updated there

So the obvious conclusion is that the cloud database may be much bigger and may be updated much faster.

Moreover, it is possible to use many AV databases within one product, so this may be a huge advantage of the cloud.

b)

Other huge advantages of cloud technology are installation, configuration and updates.

Those three will save you PC disk space and will save you from wrong configurations and unnecessary mistakes.

c)

But access to this huge database is very slow compared to desktop security: a good Internet connection (when I say good I mean stable and very fast) is always necessary.

Otherwise protection is impossible, or almost impossible if the connection is slow.

d)

Another huge disadvantage of cloud AV is the lack of real-time monitoring of all files in all locations.

‘Real-time monitoring’ or ‘real-time protection’ means that files are scanned before being accessed or executed.

This is a huge part of any good anti-virus, and it helps us avoid system infection.

Real-time monitoring works not only with files but also with other resources such as the registry, memory, media, etc.

Maybe better protection would come from combining both mechanisms, or from creating one combined mechanism that overcomes the disadvantages and uses the advantages of both.
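
The combined mechanism suggested above, as an added example (not from the original post): the local signature check answers first, a cloud lookup covers what the local database misses, and a lost connection yields an explicit "unknown" verdict instead of a silent "clean". The hash-set databases, `make_cloud_lookup` and the sample bytes are constructed assumptions; real products use richer signatures than whole-file hashes.

```python
import hashlib

# Constructed sample data: a "signature" here is the SHA-256 of known-bad content.
BAD_SAMPLE = b"constructed-malicious-sample"
NEW_BAD_SAMPLE = b"constructed-newer-malicious-sample"
# Local database: small, refreshed only when an update is downloaded.
LOCAL_DB = {hashlib.sha256(BAD_SAMPLE).hexdigest()}
# Cloud database: larger and updated on the server side.
CLOUD_DB = LOCAL_DB | {hashlib.sha256(NEW_BAD_SAMPLE).hexdigest()}


class CloudUnavailable(Exception):
    """Raised when the cloud lookup cannot complete (offline or too slow)."""


def make_cloud_lookup(online=True):
    """Hypothetical stand-in for a vendor's cloud query; no real API is used."""
    def lookup(digest):
        if not online:
            raise CloudUnavailable("no usable connection")
        return digest in CLOUD_DB
    return lookup


def scan(data, cloud_lookup, cache):
    """Return (verdict, source) for a file's bytes before it is opened or run."""
    digest = hashlib.sha256(data).hexdigest()
    # 1. Local signatures: fast, and they work without any connection.
    if digest in LOCAL_DB:
        return "malicious", "local"
    # 2. Earlier cloud verdicts are reused, so a repeat scan needs no network.
    if digest in cache:
        return cache[digest], "cache"
    # 3. Cloud lookup: the bigger database, but only if the link is up.
    try:
        verdict = "malicious" if cloud_lookup(digest) else "clean"
    except CloudUnavailable:
        # Do not report "clean" when the cloud could not be asked;
        # the caller decides whether to block or allow unknown files.
        return "unknown", "offline"
    cache[digest] = verdict
    return verdict, "cloud"
```

The "unknown" result is the point: it makes the connection dependency described in c) visible to the caller rather than hiding it.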

Anyway, cyber criminals always think about what they can do to bypass security and do more harm.

They will find ways to find vulnerabilities in each technology.