A Brief on Anti-Virus for Enterprise Systems


Part 1: A Brief History

In the corporate world, many firms rely on commercial security services and anti-virus products for both their client workstations and their server infrastructure. Enterprise security tooling was once very limited, but over the past thirty years a whole industry has grown up to combat malicious software. The first commercial anti-virus products appeared in 1987 for the Atari ST: the German company G Data Software released an anti-virus kit for that platform, and Richard Karsmakers' "Ultimate Virus Killer" (UVK) followed the same year. This was the first step in a budding industry in a world that was about to be rocked by malicious software. In the following years several household names in anti-virus emerged; Symantec, McAfee, and Avira were among the first. One of the best-known early products was AntiVir, created by Tjark Auerbach, founder of the company that later became Avira; its scanner was nicknamed "Luke Filewalker."
Most of the modern anti-virus companies took shape around the start of the 1990s. Symantec released the first version of Norton AntiVirus in 1991, and the Computer Anti-Virus Research Organization (CARO), founded in 1990, published its "Virus Naming Scheme" in 1991. That scheme is dated today and was never universally followed, but it was probably the most widely adopted convention for classifying viruses, and vendors still try to keep their detection names roughly consistent with one another and cooperate by sharing samples and findings on current threats. Operating-system vendors also entered the market early: Microsoft bundled a licensed scanner, Microsoft Anti-Virus, with MS-DOS 6 in 1993, alongside its consumer products. Today there are many options for enterprise systems. A common practice is to deploy the open-source host intrusion detection system OSSEC alongside a commercial endpoint product such as Symantec Endpoint Protection, the more expensive choice; other companies and small businesses may instead purchase Malwarebytes Anti-Malware Enterprise Edition, which bundles Malwarebytes Anti-Exploit as its primary defence against zero-day exploits and other threats. Many other products exist, but in academia the majority of security contracts go to Sophos Anti-Virus as the primary product for workstations, and in rarer cases for critical university infrastructure and networking systems.

Open-source anti-virus and enterprise security software has also sprung up over the last twenty years. The best known is ClamAV, released in 2001 and written by Tomasz Kojm; it was acquired by Sourcefire in 2007, which Cisco Systems in turn acquired in 2013, and it remains open-source and free to use. ClamAV is a signature-based scanner: it matches files against a database of file hashes and byte patterns that is updated separately from the engine itself. OSSEC is another fully open-source package, originally developed by Daniel B. Cid and available across multiple operating systems. It is classified as a Host-based Intrusion Detection System (HIDS): an agent on each host collects and analyses logs, monitors file integrity, and checks for rootkits, and a central manager correlates the results into alerts. Supported platforms include most Linux distributions, OpenBSD, FreeBSD, OS X, Solaris, and Windows. It is widely used for host-level forensics and diagnostics, although, being host-based, it is not a substitute for network monitoring.
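As an added illustration of the signature matching that a scanner like ClamAV performs (example code written for this page, not ClamAV's own engine), the following Python script parses two tiny databases in the layouts ClamAV uses for .hdb files (MD5:size:name) and .ndb files (name:target type:offset:hex pattern) and scans byte strings against them. The sample file is the 68-byte EICAR test string, whose published MD5 is used as the hash signature; the signature names, the second pattern, and the wildcard handling are simplified assumptions, and the real ClamAV engine also unpacks archives and supports several other signature formats.

```python
"""Simplified ClamAV-style signature scanner (added example, not ClamAV code).

Supports two database layouts:
  .hdb  MD5:FileSize:SignatureName            whole-file hash match
  .ndb  SignatureName:TargetType:Offset:Hex   byte pattern, with ?? = any one
                                              byte and * = any run of bytes
"""
import hashlib
import re

# Constructed sample: the standard 68-byte EICAR anti-virus test string.
# It is an industry test file, not real malware.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Constructed .hdb database: the published MD5 of the EICAR test file.
HDB = """\
44d88612fea8a8f36de82e1278abb02f:68:Eicar-Test-Signature
"""

# Constructed .ndb database. TargetType 0 = any file type, Offset * = anywhere.
# Pattern 1 is the hex of "EICAR-STANDARD-ANTIVIRUS-TEST-FILE";
# pattern 2 is "EICAR" ?? "STANDARD", tolerating any one byte between them.
NDB = """\
Eicar-Test-Pattern:0:*:45494341522d5354414e444152442d414e544956495255532d544553542d46494c45
Eicar-Test-Wildcard:0:*:4549434152??5354414e44415244
"""


def parse_hdb(text):
    """Return {(md5_hex, size): name} for each non-comment line."""
    sigs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        md5, size, name = line.split(":", 2)
        sigs[(md5.lower(), int(size))] = name
    return sigs


def hex_to_regex(pattern):
    """Translate a ClamAV-style hex pattern into a compiled bytes regex."""
    parts = []
    i = 0
    while i < len(pattern):
        if pattern[i] == "*":
            parts.append(b".*")
            i += 1
        elif pattern[i:i + 2] == "??":
            parts.append(b".")
            i += 2
        else:
            parts.append(re.escape(bytes.fromhex(pattern[i:i + 2])))
            i += 2
    return re.compile(b"".join(parts), re.DOTALL)


def parse_ndb(text):
    """Return [(name, offset, compiled_regex)] for each non-comment line."""
    sigs = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _target, offset, hexpat = line.split(":", 3)
        sigs.append((name, offset, hex_to_regex(hexpat)))
    return sigs


def scan(data, hdb, ndb):
    """Return the names of every signature that matches `data`, in database order."""
    hits = []
    key = (hashlib.md5(data).hexdigest(), len(data))
    if key in hdb:
        hits.append(hdb[key])
    for name, offset, regex in ndb:
        match = regex.search(data) if offset == "*" else regex.match(data, int(offset))
        if match:
            hits.append(name)
    return hits


if __name__ == "__main__":
    hdb, ndb = parse_hdb(HDB), parse_ndb(NDB)
    # One appended byte changes the hash and the size, so only the body
    # patterns survive; changing the dash defeats the exact pattern too.
    samples = [("eicar", EICAR),
               ("eicar+newline", EICAR + b"\n"),
               ("eicar mutated", EICAR.replace(b"-STANDARD", b"_STANDARD"))]
    for label, sample in samples:
        print(f"{label:14s} -> {scan(sample, hdb, ndb)}")
```

The three samples show why vendors layer signature types: a whole-file hash is cheap and exact but a single appended byte defeats it, an exact body pattern survives that, and a wildcard pattern also survives a small edit inside the matched region, at the cost of a higher false-positive risk. In production the hash step would be run on the file as a whole and on every member of an unpacked archive.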

Part 2: The Many Threats and the Necessity of Enterprise Anti-Virus Systems

There are numerous modern anti-virus products intended for home and consumer use, but the kind of anti-virus and malware detection you run at home is quite different from what firms use in everyday operation. Firms typically license a product or a managed security service from an established vendor. Many choose Sophos, Symantec, or Kaspersky for traditional workstations, while for larger operations many corporations run Red Hat Enterprise Linux as the backbone of their networking and services infrastructure. Some firms also use Microsoft Windows Server, with varying degrees of satisfaction, together with additional security packages and add-ons. Many, however, stay with Red Hat and buy support subscriptions under its licensing agreement. While Red Hat Enterprise Linux is a commercial distribution, nearly all of its code is open source.
Many threats exist in the present-day work environment. Some of the malicious software found in the wild can and will cripple anything from a small business to the largest firm if proper protections are not in place. These threats include ransomware such as Cerber, which is operated as Ransomware as a Service (RaaS), and Locky; CryptoLocker, another damaging family, has since been shut down. The goal of ransomware is to hold the victim's files and digital property for ransom. The files are encrypted with strong, standard cryptography, typically a randomly generated symmetric key that is itself encrypted with the attacker's public key, so the data cannot be recovered without the private key the attacker holds. As the name implies, the operators then demand a substantial fee to release the decryption key. Payment is normally demanded in cryptocurrency, most often Bitcoin, through a payment portal hosted as a Tor hidden service (an .onion address). The criminals behind such malware range from lone black-hats to highly organised criminal enterprises, many of which are located in East Asia, Eastern Europe, and Central Asia.

Part 3: Recommended Products and Services

With the way the market is heading, many firms need high-quality and reliable products. Many corporations have invested in enterprise Linux systems for their reliability and for built-in security controls such as SELinux. For companies that continue to run Windows or Mac OS X on their workstations, installing Malwarebytes on both is highly recommended. A compromised Mac or Windows workstation can be used as a pivot to spread to other devices on the network, although in many cases the outcome is simply that the device must be wiped and rebuilt. Malwarebytes for Business is a good choice for securing workstations that still rely on Windows and Mac OS X, partly because of its zero-day exploit protection, anti-ransomware protection, and active web and network monitoring of both browsers and outbound connections to possibly compromised domains. It is recommended not only for its reliability on those operating systems but also for its low resource consumption and unobtrusive prompts, which do not annoy most users. Its licences are also relatively cheap compared with most competitors, it offers small-business packages, and according to the vendor, academic packages are planned.
Symantec Endpoint Protection is another widely endorsed product, as it covers most bases for both network and workstation security. It is pricier than most would like, but it comes with good service packages and high-priority support for clients. Sophos Anti-Virus for enterprise is another option; in addition to covering both networks and workstations, it offers strong contracts and discounts to academia and school systems, which has given it a commanding position in the education market, and it still carries good support and pricing packages. For those who would rather avoid proprietary enterprise packages, there are open-source alternatives for both workstations and networks. Enterprise Linux distributions, especially Red Hat Enterprise Linux and CentOS, ship with SELinux, a mandatory access control system that confines each process to the files, ports, and operations its policy allows. It does not make a system impenetrable, and it only helps while it is left in enforcing mode rather than permissive or disabled, but it sharply limits what a compromised service can reach. A popular open-source host security tool is OSSEC, which, as noted above, provides log analysis, file integrity monitoring, and rootkit detection for servers, giving a ready source of forensic evidence when something goes wrong. Red Hat Enterprise Linux servers with support subscriptions form the backbone of much open-source-based server and corporate infrastructure; CentOS, a free rebuild of Red Hat's sources, is a great alternative, but it comes with no vendor support and so requires more in-house maintenance and expertise.
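To make concrete what a HIDS such as OSSEC does with the logs it collects, here is an added Python example (written for this page, not OSSEC's code) that runs a decoder and two rules over a constructed fragment of an sshd auth log: an atomic rule fires for every failed password, and a composite rule fires when one source address accumulates six failures within 120 seconds, which are the thresholds OSSEC's stock sshd brute-force rule uses. The rule numbers 5716 and 5712 are OSSEC's stock IDs for those two rules; the hostname, addresses, timestamps, and the assumed year (syslog lines carry none) are constructed for the example.

```python
"""OSSEC-style log decoding and frequency correlation (added example, not OSSEC code).

Pipeline: raw syslog line -> decoder (fields) -> atomic rule per failed login
-> composite rule when one source hits `threshold` failures within `window` seconds.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample of /var/log/auth.log lines; host and addresses are fictional.
SAMPLE_LOG = """\
May  2 10:00:01 web1 sshd[2001]: Failed password for invalid user admin from 203.0.113.7 port 51012 ssh2
May  2 10:00:03 web1 sshd[2003]: Failed password for root from 203.0.113.7 port 51014 ssh2
May  2 10:00:05 web1 sshd[2005]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2
May  2 10:00:06 web1 sshd[2007]: Failed password for root from 203.0.113.7 port 51016 ssh2
May  2 10:00:09 web1 sshd[2009]: Failed password for root from 203.0.113.7 port 51018 ssh2
May  2 10:00:12 web1 sshd[2011]: Failed password for invalid user oracle from 203.0.113.7 port 51020 ssh2
May  2 10:00:14 web1 sshd[2013]: Failed password for root from 203.0.113.7 port 51022 ssh2
May  2 10:00:20 web1 sshd[2015]: Failed password for root from 198.51.100.20 port 40030 ssh2
May  2 10:05:00 web1 sshd[2020]: Failed password for root from 203.0.113.7 port 51030 ssh2
"""

# Syslog timestamps carry no year; assume one so timestamps can be compared.
ASSUMED_YEAR = 2017

SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"(?P<prog>[\w.-]+)\[\d+\]: (?P<msg>.*)$")
FAILED_RE = re.compile(
    r"^Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")

RULE_AUTH_FAILED = 5716   # atomic: one failed password (OSSEC stock ID)
RULE_BRUTE_FORCE = 5712   # composite: repeated failures from one source (OSSEC stock ID)


def decode(line):
    """Split a syslog line into timestamp, host, program and message, or return None."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{ASSUMED_YEAR} {m.group('ts')}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "host": m.group("host"), "prog": m.group("prog"), "msg": m.group("msg")}


def analyze(log_text, threshold=6, window=120):
    """Return the alerts raised over `log_text`, in the order they fire."""
    alerts = []
    recent = defaultdict(deque)   # src -> timestamps of failures still inside the window
    for line in log_text.splitlines():
        event = decode(line)
        if event is None or event["prog"] != "sshd":
            continue
        m = FAILED_RE.match(event["msg"])
        if not m:
            continue                  # accepted logins do not feed the counter
        src, ts = m.group("src"), event["ts"]
        alerts.append({"rule": RULE_AUTH_FAILED, "level": 5, "src": src,
                       "user": m.group("user"), "ts": ts,
                       "desc": "sshd: authentication failed"})
        window_q = recent[src]
        window_q.append(ts)
        while window_q and (ts - window_q[0]).total_seconds() > window:
            window_q.popleft()        # expire failures older than the window
        if len(window_q) >= threshold:
            alerts.append({"rule": RULE_BRUTE_FORCE, "level": 10, "src": src,
                           "user": None, "ts": ts,
                           "desc": f"sshd: {len(window_q)} failed logins within {window}s"})
            window_q.clear()          # fire once per burst, then start counting again
    return alerts


if __name__ == "__main__":
    for a in analyze(SAMPLE_LOG):
        print(f"{a['ts']:%H:%M:%S} rule={a['rule']} level={a['level']:2d} "
              f"src={a['src']:<14} {a['desc']}")
```

On the sample, the level-5 alert fires eight times and the level-10 alert fires once, at 10:00:14 for 203.0.113.7; the single failure from 198.51.100.20 and the late retry at 10:05:00 stay below the threshold. In a real deployment the agent ships these events to the manager, and the alert level is what decides whether an e-mail goes out or an active response (for instance, a firewall block of the source address) is triggered. Clearing the counter after a match is a simplification of how OSSEC suppresses repeated composite alerts.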

Part 4: Conclusion

Many firms today are at risk of potentially devastating malware attacks. The largest and most critical companies, such as credit-card, telephone, and insurance companies, tend to be hit hardest, with technology companies close behind. As a result, drastic measures are taken to secure high-end security services and support, and many companies invest millions in updating their information systems and buying the strongest protection on the market. With this in mind, one must weigh the risks a firm faces against the most cost-effective way to reduce or mitigate them. Many threats are out there, be they ransomware, Trojans, worms, botnets, or others, so companies must take the necessary steps to secure their systems or face intense public scrutiny for failing to protect user information and critical data.

References

1. Cid, D., Rossi, J., Parriott, D., Shinn, S., Bassett, S., Lhotsky, B., Widdersheim, A., Hargrave, V., & Cheng, J. (2017, January 1). About OSSEC. Retrieved from http://ossec.github.io/about.html

2. Symantec. (2017, May 2). About Symantec. Retrieved from https://www.symantec.com/about

3. Malwarebytes. (2017, May 2). About Malwarebytes for Business. Retrieved from https://www.malwarebytes.com/business/endpointsecurity/

4. Wikipedia contributors. (2017, May 2). Antivirus software. Retrieved from https://en.wikipedia.org/wiki/Antivirus_software

5. Wikipedia contributors. (2017, May 2). Symantec. Retrieved from https://en.wikipedia.org/wiki/Symantec

6. Wikipedia contributors. (2017, May 2). Clam AntiVirus. Retrieved from https://en.wikipedia.org/wiki/Clam_AntiVirus

7. ClamAV. (2017, May 2). ClamAV. Retrieved from https://www.clamav.net/