TheEdge! Posted September 24, 2010 Report Share Posted September 24, 2010 Hello, I'm new to this forum. I have researched alot of Cloud Computing... but don't understand much of it, but still it's my hobby. I heard about Immunet back in 2009 and followed the tracks on the forum about Version 2.0. When it was released, I tried it - It was good but not the best. I have tested Immunet in 1 year now, and searched for the secrets beyond this AV, and as I know now... This require some stuff that I would add to it! Some new Engines or something. Here there are! 1. CLOUD FIREWALL: While having an Anti-Virus Cloud Engine, why not have a Cloud Based Firewall? The Firewall can protect a user by defining Whitelisting/Blacklisting WHITELISTING: The Firewall will have a list of KNOWN GOOD files and will allow the connection of the softwares in the list. BLACKLISTING: The Firewall will have a list of KNOWN BAD files and will block all connection of the softwares in the list. UNKNOWN: The Firewall will allow the Connection, but block certain parts of the program. Like, remote control the PC(For hackers) or for BOTS. 2. BEHAVIOR ENGINE: We need a typical Whitelist of softwares, but the Behavior Engine needs something to detect and block automatic just like SONAR in NORTON. How it determines the Behavior: Everytime you download a Software wich isnt in the Whitelist(Unknown Files) the Behavior Engine will automatically Sandbox the program and a mesage will pop-up: "Checking Behavior." How can it Check the behavior in the Sandbox: The Sandbox runs the program, but the USER cannot see it. After it is installed in the Sandbox, the Behavior will be checked against: Editing Registry, adding itself to Windows32, doing something dangerous. Where will it be Sandboxed: As I know from ZoneAlarm, their Sandbox unknown program on the PC and checks behavior. BUT it can use alot of ram/CPU, so IMP Behavior Engine will be runned on the Server. IF THE FILE is malicous, the data will be send to the Experts and will be added a signature. 3. SANDBOX: The user can choose what to sandbox, like a Browser or something. So... if I come up with more ideas, I will UPDATE. CHEERS! TheEdge. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.