Jump to content

Cnet's Review Of Immunet 3.0


ritchie58

Recommended Posts

What's new in this version: The 3.0 release was primarily intended to sharpen focus on malware detection and to provide comprehensive protection to users who are not always connected to the cloud.

 

Complete Offline Protection

 

The 3.0 release adds an 'Offline' engine. This engine (which is ClamAV .97) once enabled will automatically pull down latest detections and allow for complete detection coverage, even when you are not connected to the Internet. New detections for 'hot' threats, prevalent on the net protect you from current 'in the wild' threats and their variants. Offline protection also includes have several complex engines for detection native to the desktop and support for file formats such as .DOC, .XLS, HTML etc. as well as strong unpacking support.

 

If you are installing fresh, you will have the option to install this engine turned 'On' by default. If you are upgrading from ClamAV for Windows this engine will be turned off be default. The screenshot here shows how to enable it from the 'Settings' feature on the front the User Interface.

 

Cloud Recall

 

A Cloud model for hunting and identifying threats allows Immunet to retain and analyze vast amounts of data about what our community is seeing at any given time. Unlike traditional Anti-Virus, or even other Cloud Anti-Virus we constantly reconsider all the data we see or have seen in our community. This allows us to evaluate every decision we have made about a file in our community and see if we still agree with that decision as time advances. If we find that our position has changed about the security of a file in our community because of new information on that file we can now seamlessly act on it. To put this in practical terms if you look up a file today and we do not know it's malicious yet and tonight or tomorrow we discover it is malicious we will alert your system to find the file and remove it, all without you needing to download a single definition update. This 'Cloud Recall' ensures that your security is advanced with every new piece of information we become aware of. You will always know as much as we do, when we do.

 

Custom Signature Creation

 

Something which has been missing in modern Windows Anti-Virus products is a feature which allows advanced users to craft and deploy their own signatures or detection capabilities. With 3.0 we now offer the first Windows Anti-Virus product which allows our users to write their own detections with our engines just as we would.

 

Users can now hunt threats (or Advanced Persistent Threats if you like) by creating signatures which range from simplistic (straight MD5 matches) to complex (logically chained expressive signatures w/ offset support and wild carding). Signature management is done with a new SigUI tool.

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...