Some questions

[cesccerdanya]

Hi. Apologies for the English of the translator. I am newbie to using Immunet. I like the product but I have some doubts and I would like to ask some questions:

- Who's behind Immunet? It was born as Open Source, it was acquired by Sourcefire and later Cisco acquired Sourcefire?

- Seeing that currently there are some irregularities (Cloud Stats, Updates, lost functionalities), does the product have a guarantee of continuity or is it being abandoned?

- When a scheduled or on-demand scan is executed, is it done against the cloud or against the ClamAV DB?

- 'Cisco AMP for Endpoints Connector' (sfc.exe) has 1,083,032 KB (1GB) of Private Bytes (size, in bytes, of memory that this process has allocated that cannot be shared with other processes) assigned in my PC, although the working set used to being much shorter. Is this normal?

Thanks if someone bothers to answer.

[ritchie58]

Immunet started out as a privately owned LLC by a few developers that originally worked for Microsoft Corp. Immunet was strictly a cloud-based AV until the introduction of the open-sourced ClamAV code was added. This gave Immunet the ability to run scans off-line besides an additional layer of security. Then Sourcefire acquired Immunet and Cisco bought Sourcefire. Cisco is now the parent company for Immunet.

I don't believe Immunet is turning into abandonware but I do believe it's not getting quite the attention it once did. There is a new bug fix build that will be rolled-out sometime this month that will address some update issues and the cloud stats.

It depends what settings you use as to what detection engine(s) are used during a scan. Always leave the ETHOS & SPERO cloud engines enabled. If you use the ClamAV module enabled then all three detection engines will be employed during a scan.

Some improvements & additions to Immunet's processes were made to make them much less likely that malware can disable them.

I hope this answers your questions adequately.
Cheers, Ritchie...

 

[cesccerdanya]

Thanks for answering, Ritchie. Regarding the amount of memory that the program is allocated, any comment?

[ritchie58]

The amount of CPU/RAM usage depends on the settings you use. For instance if you're looking for the smallest system footprint by Immunet you could go the minimalist approach and only use the cloud engines. However it is recommended that if you use Immunet as a "stand-alone" AV solution to enable the ClamAV module & updates for it which will use additional memory.

Of course when an update is occurring or a scan is implemented Immunet will use additional system resources. Enabling Scan Archive Files & Scan Packed Files will make Immunet dig deeper looking for malware. That will also increase the amount of resources being used & the scan time. Most malware code is encrypted/compressed so it is a good idea to use these settings however.

Best wishes, Ritchie...