ANALYZE AND CRITICIZE.........

GFI warns one anti-virus engine is not enough to protect your business

FBI study shows 97 percent of organizations have anti-virus software installed, yet 65 percent have been affected by a virus attack at least once during the previous 12 months.
London, UK, 5 October, 2006 – GFI, a leading provider of network security, content security and messaging software, today issued a stark warning to businesses across the United States about the dangers of deploying a single anti-virus engine.
GFI’s new white paper, “Why one virus engine is not enough,” reveals that organizations relying on the protection of a single anti-virus engine are actually leaving themselves exposed to a severe and constant threat from all forms of malware. The white paper outlines the fact that even though every anti-virus vendor in the market claims to have a fast response time, there is no single company that will consistently be the first and fastest to respond to a virus outbreak. Depending on a single anti-virus engine does not guarantee the quickest reaction to outbreaks every time, leaving productivity and business operations vulnerable to attack.
In addition, different anti-virus engines have different strengths and weaknesses. Some engines excel at identifying a certain type of malware while others excel at other types. As with reaction times, there is no one anti-virus engine that can guarantee protection from every type of malware – from trojans to spyware. The use of multiple anti-virus engines irons out these weaknesses, ensuring the highest level of protection from every type of threat.
While no organization would rely on a single security guard or alarm system to protect its most valuable physical assets from different threats such as theft, vandalism, fire and natural disaster, many still expect their data to be protected by a single anti-virus engine. This is a dangerous approach to take. The only practical way to guarantee the protection of your organization’s data – its most valuable asset of all – is by using multiple anti-virus engines. Using multiple anti-virus engines allows you to pool all the strengths of each different vendor, without being exposed by their weaknesses, ensuring you always get the quickest signature update.
“Having multiple virus engines ensures that there are different reaction times from different teams to address the problem,” said David Vella, Product Manager, GFI MailSecurity. “Our customers will always be protected by the anti-virus vendor team which delivers the signature files first in case of such virus outbreaks. Speedy reaction is key in identifying a virus, producing the virus signature and releasing it to the customer."
Andreas Marx, anti-virus expert with AV-test.org, agrees that a multiple anti-virus engine approach is the most comprehensive way for organizations to detect and combat virus attacks. "Studies prove that the best way to prevent virus introduction is with several layers of protection, which include multiple anti-virus scanners. Different anti-virus companies are using different ways to detect unknown malware proactively, for example, using heuristics or Sandboxing. When one company can detect 30 percent and another one can detect 20 percent of all newly released malware files, the combined proactive detection score might be boosted to 50 percent," Marx said.
The “Why one virus engine is not enough” white paper is available at www.gfi.com/whitepapers/why-one-virus-engine-is-not-enough.pdf .
About GFI
GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. With award-winning technology, an aggressive pricing strategy and a strong focus on small-to-medium sized businesses, GFI is able to satisfy the need for business continuity and productivity encountered by organizations on a global scale. Founded in 1992, GFI has offices in Malta, London, Raleigh, Hong Kong, Adelaide, Hamburg and Cyprus which support more than 160,000 installations worldwide. GFI is a channel-focused company with over 10,000 partners throughout the world. GFI is also a Microsoft Gold Certified Partner. More information about GFI can be found at www.gfi.com .

All product and company names herein may be trademarks of their respective owners.

Maybe it's just me but I have always found that more than one AV solution on a single device like a PC causes no end of headaches mainly because each one sees the other's virii database and thinks it's a massivly infected PC. Each solution then starts trying to knock the other down in a constant struggle that leaves the PC useless for anything as the processor goes into overdrive.

I've seen it many times outside of work as well where friends have just piled on any av solution they can get their hands on and slapped it on only to phone me when I get home from work saying their PC is booting but they can't do anything with it... can I come quick /sigh.

Maybe if the differing solutions were to know about each other and leave each other alone you might get the strengths of each working in your favour but that's unlikely to happen.

Maybe in the workplace, email filters can go to work on whats coming into the organisation but typically a virus isn't a virus until it's been fully downloaded onto someone's pc and starts itself up.

As has been commented on in other posts, the best method is an educated workforce or a very strict and dictatorial IT policy but even then you are going to get caught out every now and again.

There is also the other aspect of this on the horizon now where Vista will not allow things like antivirus programs to work at all so that you can only use the built in solution that comes with the OS. Just that alone fills me with horror at the thought of anything written by Microsoft being my only defence against this sort of thing. We all know their track record and the glaring holes they leave in their software on a very regular basis. AV companys are trying to fight this but even if they get access to the core OS, they will not get full access... you know Microsoft.

This is a valuable debate though. Antivirus, Malware defence and antihacking should be at the top of every IT persons agenda for at least the next 5 years until we can finally irradicate this nonsense once and for all.

hey man u have a point but i tell u that this days people insult anti virus engines.

This is a valuable debate though. Antivirus, Malware defence and antihacking should be at the top of every IT persons agenda for at least the next 5 years until we can finally irradicate this nonsense once and for all

and u talked about eradicating the whole nonsense sure u right but i tell u that b4 this things can be eradicated IT professionals ("who say they are") have to understand, know, and look into the concepts behind all anti virus engines, what they cure- (spyware, normal worm, normal virus, adwares, trojans, etc)..... thats why i earlier said dt anti virus engines are being insulted.

people fail to understand the uses of this engines thats why the spread of viruses increases.

lets see what another person has to say...........