For those who do not know yet: under this motto we are right now launching new versions of our personal products in Russia, India, Eastern Europe and other countries. The launches were fun, and we continue to teach people what hybrid protection is and why it is needed. It would also be interesting to talk with you about the hybrid: what is behind this frightening term and, most importantly, why do we promote it at all?
So, you all know that clouds are cool and fashionable, and everyone is dabbling in them right now. Everyone "young and old" has already climbed into the clouds and broadcasts philosophical revelations and market predictions from there. Yeah. Here it is, our bright path, so let's march there in orderly columns.
Under the pressure of all this analytical thought, an outside observer may get the impression that the long-awaited panacea for everything has finally been found. And, of course, now we will solve all the problems of protection against malware, spam and hackers.
And yes, we also use the clouds. This is a truly great discovery that will help solve many problems. Kaspersky Lab first introduced this technology in 2006, and we keep developing it further. Kaspersky Security Network is a distributed system that gathers information about existing threats in real time, effectively identifies unknown threats and their sources, and quickly protects users from them. Measured with real indicators, it is enough to say that on average only 40 (sic!) seconds pass between detection and the update. And all this thanks to KSN.
Obviously, a security solution that does not use cloud technologies is no longer relevant today. However, how can vendors transfer all protection to the cloud if there are many threats that come not only from the Internet?
We have so far entrusted KSN with neutralizing about 30% of all threats on a user machine. The rest are analyzed and processed directly by the local security software on the computer. That software contains all the functionality of the antivirus, including proactive technologies such as control of unwanted program activity, the heuristic analyzer, hazard rating and others, which also use information accumulated in the Kaspersky Security Network.
“The cloud is not a self-sufficient technology, but a successful game in a tandem with autonomous protection.”
Yes, but why?
“First, accessibility. Protection from the cloud works only when the computer is online. No connection - no protection. And the threats remain. They stuck in an infected flash drive or CD/DVD, downloaded data from other computers or mobile devices - that's it, alles kaput. And they can infect them so that later you cannot connect to the cloud.
Secondly, the security of the cloud itself. Let's be frank: we cannot guarantee 100% that the cloud itself is immune from attacks. Rather the opposite. And the recent Sony PSN hack (details here and here) is proof of that. Moreover, it shows that the clouds become the main target of the attackers. How convenient - to cover thousands, tens of thousands of users at once with one burglary.
Conclusion - without a standalone agent, hacking the cloud will result in an absolute vulnerability of the computer. Depending on the implementation of cloud protection, hacking can have other consequences. For example, hackers can take control of the protected computers themselves.
Finally, do not forget about self-defense. Without a strong autonomous agent, malware can easily block access to the cloud.
Thirdly, the quality of protection. Detecting and removing rootkits, polymorphic and other complex malware using cloud protection is difficult or impossible in principle. Here you cannot do without an agent on a computer that is deeply integrated into the operating system. Throwing a micro agent from the cloud is not an option, as the cloud itself may already be unavailable.
Let's return to the message: I love clouds, but I do not agree with the positioning and perception of this technology as self-sufficient.
Users need a combination of cloud and offline protection. And I do not see how this situation may change in the foreseeable future. Well, we have reached 100% coverage of the globe with Internet access. Even on Elbrus, even at the South Pole. Such a thick and omnipresent channel. OK. But still, the problem of the security of the cloud itself and the fight against complex threats remains.”
That, in fact, is what hybrid protection is. The unity of two worlds. That's why hybrids, as our commercial says, are cool and awesome: