RealTime IT News

Security Software Gains Many Facets

Not too long ago, antivirus software and a firewall were all that was needed to keep PCs safe from digital threats. But now, consumers apparently need a bigger arsenal of security solutions to survive the onslaught of scams and schemes they encounter online.

A flurry of releases this week demonstrates the trend: Microsoft's Live OneCare, McAfee's Falcon and Symantec's Norton 360 each boast features you might not expect to see in a security solution, such as PC performance tune-ups, backup applications, file recovery, site sniffers to flush out potential phishing schemes, anti-"crimeware" applications and behavior blockers intended to stop malware in its tracks.

"Consumers are looking for integrated solutions that help protect them against a broad variety of threats," said Amrit Williams, a research director at Gartner Group. "So they want antivirus, anti-spyware, and firewall capabilities in one package. Consumers also need solutions where the maintenance and updating is provided as a service – they are notorious for not updating their products in a timely fashion."

Microsoft Windows Live OneCare ($49.95 per year), released on Wednesday, offers complete, "top-to-bottom maintenance, support and performance optimization," CEO and chief software architect Bill Gates said yesterday in a statement when the product was released.

OneCare offers antivirus protection, firewall, file backups, PC tune-ups and free support. There's no built-in protection against spyware, but Microsoft's anti-spyware application, now named Windows Defender, is available as a separate free download. After installation it can easily be integrated with the OneCare package.

McAfee, in an apparent attempt to beat Microsoft to the punch, announced that its forthcoming security application "Falcon," due sometime this summer, will include what the company has described in press releases as "breakthrough proactive threat watch" technologies. But when asked to provide details on this technology, McAfee declined to comment.

Symantec's next-generation security software, Norton 360, is expected to ship in March of 2007, a slip from the original ship date of September 2006, the company announced on Wednesday. The current plan is to offer a public beta version of the product in July.

Norton 360 will integrate Symantec's current security products with its PC backup and optimization software, as well as new solutions based on preventing online scams that can slip surreptitiously into computers.

"Attackers are focusing on profit rather than making a name for themselves, and they are focused more on getting threats onto your system quietly. They're stealthier, and the malware embeds itself deeply into the operating system. So it's harder to remove," said Oliver Friedrichs, director of emerging technologies at Symantec Security Response.

"That's in contrast to just three years ago when the majority of threats were fairly easy to see and remove. Today's threats are unlikely to be seen and you're unlikely to notice the CPU spike when it's become infected."

Friedrichs said that one technique that can battle the sneakiest software is "behavior blocking," which detects specific prohibited behaviors, actions not likely to be performed by an application that doesn't have malicious intent.

"For example, if I detect someone trying to hook the keyboard driver on my computer, that's not something that most applications will want to do. But that's exactly what a keylogger that wants to record all the information I input into my computer wants to do. So you block that behavior."

Friedrichs also said that Symantec will be releasing a new product, codenamed "Voyager," later this year that will provide protection against phishing attacks and "crimeware" threats.

Symantec defines "crimeware" as software that is coded to steal information from an infected computer, such as credit card and bank account numbers, passwords, and other sensitive data.

While all of these new bundles will likely make PCs more secure by making security simpler, bigger benefits would come if operating systems and applications were more secure right out of the box, according to Gartner's Williams.

"Security needs to be built in and turned on by default. If you look at things like wireless access, security is usually turned off by default or configured so that it's not safe. A next step is for wireless and other devices to have security enabled by default," Williams said.

Enterprises are moving in much the same direction as consumer products, according to Mike Gibbons, vice president of federal security services at Unisys.

"Technologies that aggregate security events across the enterprise are becoming more and more critical," said Gibbons.

"Companies should be maintaining the information in all of their devices, servers, firewalls, intrusion detection, antivirus, etc. from a centrally managed point of view."