Oct 05 2010

Security Through the Cloud

Improve client antivirus by leveraging remote computing resources.

It's a shame the nickname "the cloud" is used so often today. The term is confusing, scares a lot of non-technical users, and makes remote computing resources seem nebulous and insubstantial. What is a cloud resource? It includes a remote computer system and custom software much more powerful than you likely can afford in your own company.

Cloud misconceptions matter when we talk about security from malware and security for your data, so let's stop saying “cloud” for a moment and say “remote computing resource” (RCR) instead.

For more than two decades, when purchasing client-based antivirus products (assumed to include protections against spyware, Trojans, and worms), you loaded a large software application onto your computer, then watched it take far too many CPU cycles. Then you watched it download megabytes per day to update the malware definitions needed to protect your computer.

But what if you could stop the megabytes-per-day download? It would save you some hassle and save the antivirus manufacturers a ton of money for storage and bandwidth. Unfortunately, we can't stop cyber-creeps from making more malware, so we have to keep updating the signature database. But some companies are leveraging remote computing resources to improve client antivirus software.

The two I'm familiar with are Panda, which you might know, and Immunet (www.immunet.com), which you probably don't. Both are leveraging their remote computing resources to make your antivirus product work faster and better.

Each still requires client software on your computer, so don't think "antivirus in the cloud" means no local installation. But rather than downloading signatures of new malware, both send snippets of the suspected malware to their cluster of virus-identifying computers, and send back a thumbs up or thumbs down. Bad programs are quarantined or deleted, just as before, but the heavy lifting of virus identification doesn't drag down your local computer's performance.

Now that most consumers and businesses have fast Internet connections, the delay to involve a remote RCR is minimal. If you've ever been aggravated by a virus check dragging down your computer, the new Panda or Immunet method of using their RCR may be less aggravating.

Complaints about using RCR for primary backup include slow downloads if replacements for big files are needed, slow uploads from individual computers, and various levels of paranoia about storing important data elsewhere. What local backup can't do well is provide location redundancy for disaster-recovery purposes. Tape units allow you to take full tapes offsite, but few companies do that correctly. If only there was some way to have the speed and ease of local backup with the redundancy of sending it elsewhere. Oh, wait, there is — SonicWALL's Continuous Data Protection products.

While the continuous data protection part isn't important here (another time, I promise), storage of files both locally and remotely, all handled by the backup appliance, provides incredible benefits. The SonicWALL CDP 110, CDP 210, CDP 5040 and CDP 6080 range in size from small and client-oriented, to large and "vacuum up every data bit in the company." Backup data is stored locally, and then the appliance manages the replication of data somewhere else. If your building burns down or your computer room is flooded, all your data will be safe and secure.

James E. Gaskin writes books, articles and jokes about technology from his Dallas-area home office. He also consults for those who don't read his books and articles.