Company
Time
(in hours)
AntiVir
11.5
McAfee / NAI
40.5
Kaspersky
43.0
Norman
60.0
BitDefender
114.5
Symantec
116.0
ClamAV
164.5
TrendMicro
168.0
Panda
168.0
Sophos
170.0
(in hours)
BitDefender
10.5
Kaspersky
12.0
F-Prot (Frisk)
12.5
F-Secure
13.0
Norman
15.5
eSafe (Alladin)
15.5
TrendMicro
17.0
AVG (Grisoft)
17.5
AntiVir (H + BEDV)
19.5
Symantec
25.0
Avast!(Alwil)
31.0
Sophos
35.5
Panda AV
38.0
McAfee / NAI
49.0
Ikarus
56.5
Range: from 10.5 hours to 56.5 hours. Average: 17.5 hours. Usually: 24.53 hours.
(According to the data of February 2004 of VirusBTN)
Table 2 - Response time of antivirus software companies before the appearance of w32.Sober.Y worm:
Company
Time
(in hours)
AntiVir
11.5
McAfee / NAI
40.5
Kaspersky
43.0
Norman
60.0
BitDefender
114.5
Symantec
116.0
ClamAV
164.5
TrendMicro
168.0
Panda
168.0
Sophos
170.0
Range: from 11.5 hours to 170 hours. Average: 115.75 hours. Usually: 105.6 hours.
(According to av-Test.de November 2005 data).
As you can see, the time it takes for companies to come up with new virus processing programs takes hours, even days. That's enough for them to attack your network.
Need to combine many technologies together
Each virus scanning program has its differences, no single program is considered to be the best. They have their own strengths and weaknesses. Anti-virus software products often incorporate many technologies in one unified set. The three most common synthesis methods are:
If separated, each technology has its own effectiveness, but cannot guarantee 100% success with all viruses. People often use combining two or three products at the same time, because no single solution is the best. The only effective way to ensure the highest level of security and security is to use multi-level intensive protection barriers with multiple antivirus software.
Use multiple antivirus software
According to PC SecurityShield, more than 40 new viruses are created every day. In June 2006, Microsoft announced that one in every 300 computers was attacked by malware (malware). You should also remember that today's environment allows malware created by a variety of independent individuals with their own attack methods and strategies.
The fun factor that comes first when using multi-tool antivirus is simple. In fact, there is no single virus scanner that performs all the functions in all areas of security, nor is there any independent virus scanner that is the fastest, most effective and 'best'. at every place If you currently use the program with the fastest average response time, very good. But don't think that with the new virus appearing next, its reaction time will be 'fastest'. It is not a question of whether the virus scanning engine is the fastest to respond to specific viruses, or is equipped with a combination of the necessary technologies that your network may be quickly attacked. Quickly, leaving many heavy consequences. The consequences can be productivity losses, downtime, loss of business opportunities and additional costs for businesses.
Furthermore, over and over again, updates of a virus scanning program may be flawed. That's because the manufacturers always try to release these upate versions as quickly as possible to compete with new virus attacks. Based on a single tool often leads to failure, because the virus can take a detour, passing through the defect barrier of a processing program, while using multiple tools, you will be provided grant a backup.
Small warning
Using multiple virus scanning tools is a safer and smarter solution, but one important point to remember is to understand what you have in your hand. Using 5 virus scanning programs doesn't mean you have 5 layers of protection. Simply give you 5 opportunities to get the correct answer. Each answer, figuratively speaking, is independent. It is similar to passing the five rounds at the airport, when each security officer is responsible for inspecting a part, organized in an intensive form. Therefore, you have the opportunity to catch the event before it happens.
Continuous attacks undermine the effectiveness of protective barriers
Returning to the 2006 FBI / CSI research report, 65% of companies were attacked at least once in the last 12 months, causing losses in the US organizations of nearly $ 16 million. It is possible that all participants in the study were users of industrial antivirus software. Failure in network protection is often noted by the use of individual antivirus tools
Multiple layers are used in most other security and security formats
It is difficult to find an organization that only uses a single protection barrier or warning system to protect all valuable physical resources against threats such as theft, deliberate destruction. , fire, natural disasters . Instead, it is the popularity of multi-layer protection with many components such as security fences, surveillance cameras, fire-fighting sprinkler systems and domes. All have backup systems if they fail or fail.
Data of an organization, most of which are precious resources, also require such a diverse protection system. Of course, this diverse system can only be provided by many anti-virus tools combined. So far, there is no other more reliable method for you to choose.
New models and new strategies
As mentioned above, defensive barriers with a single virus scanning tool are not effective in network protection. Therefore requires you to identify other strategies that are compatible with the multi-program protection layer. Organizations need to implement a stratified scanning solution, combining rhythmic activity so that at least one software is updated with the new virus sign. Using multiple virus scanning tools also means combining many technical functions together to combat all threats. Your network is then protected at maximum security.
Nothing is perfect, but using 4 or 5 virus scanning programs and multi-tool manager such as GFI MailSecurity for Exchange / SMTP will help your network be protected effectively and safely. You can be confident that a single manufacturer can respond quickly, promptly and in accordance with the requirements.
Learn a bit about GFI MailSecurity for Exchange / SMTP
GFI MailSecurity for Exchange / SMTP is an e-mail security solution, providing a way to identify vulnerabilities, analyze threats and kill viruses, effectively eliminate all threats from email before they can impact on an organization's e-mail users. GFI MailSecurity uses multiple virus scanners to scan all e-mails, such as, McAfee, BitDefender, Norman and AVG Anti-Virus. There are also a number of other important components such as attachment checking modules and e-mail content, which can isolate these objects if detected dangerous; a protective net exploit vulnerability, to prevent viruses based on current vulnerabilities and possibly even in the future (like Nimda, Bugbear); a mechanism to review HTML, to remove HTML scripts; a program that scans trojans and executable files (Trojan & Executable Scanner), to detect malicious executable files. For more information and download a trial version of GFI MailSecurity for Exchange / SMTP, you can go to: http://www.gfi.com/adentry.asp?adv=25&loc=112