Security

Sophos Reinvents Antivirus With Cloud Lookup

Sophos has become the latest security vendor to harness its antivirus software to a collective database based on cloud detection.

The company announced the loud-based 'Live Protection' system as part of the new version of its all-in-one business security client, Endpoint Data Protection 9.5.

PCs running the software still use local signature databases but in the event that the threat engine detects a file with suspicious design, or simply one it cannot classify, it can now reach out to the cloud database as a second line of checking. Files are quarantined until identified.

The premise of cloud intelligence systems such as this is that the database represents the the sum of the files seen by all its contributors, which in this case is all the subscribers to Sophos's antivirus products. This is supposed to increase the reach of its detection, not only to help spot unusual malware but to avoid the traditional bane of fingerprinting systems, false positives.

Sophos has also added a new URL filtering system based on live lookup, which analyses every URL entered in a browser. The company claims this can be done without any performance hit and would be especially useful when connecting in public places not protected by corporate systems.

"More and more people are working outside the office without using the VPN," said Sophos product specialist, Jonathan Tait. "IT teams pay security companies to protect them from bad stuff, but many vendors leave customers to decide what to do with suspicious files," he said.

Version 9.5 also extends the software's support for Microsoft Hyper-V and VMWare's vSphere

Cloud intelligence is undoubtedly the future of antivirus software because it will, in due course, make plausible application whitelisting. Live lookup of URLs is another feature that will creep into antivirus software in the coming months.

Consumer and business security company Panda Security already uses a cloud-based collective fingerprinting system.

Sophos subscribers will be due to get the new features free of charge from today.

Subscribe to the Security Watch Newsletter

Comments