How a Cloud Antivirus Works

Whether you have years of computing behind you, or you’ve just bought your first laptop or desktop, you’re probably familiar with the need to protect computers from viruses. A virus is a software program that installs itself on your computer and makes undesirable changes to the data on your computer. Though there are rare viruses designed to target offline computers, we’re talking about malicious software (malware) you can pick up from the Internet.
panda panda

To prevent malware from attacking your data, you can use antivirus software. One antivirus option is a technology called cloud antivirus. Cloud antivirus software does most of its processing elsewhere on the Internet rather than on your computer’s hard drive. Internet technology like cloud computing has made such innovations both possible and affordable.

Cloud antivirus software consists of client and Web service components working together. The client is a small program running on your local computer, which scans the system for malware. Full locally installed antivirus applications are notorious resource hogs, but cloud antivirus clients require only a small amount processing power.

The Web service behind cloud antivirus is software running on one or more servers somewhere on the Internet. The Web service handles most of the data processing so your computer doesn’t have to process and store massive amounts of virus information. At regular intervals, the client will scan your computer for any malware listed in the Web service’s database.

Here’s a summary of the advantages cloud antivirus has over traditional, locally installed antivirus software:

  • You have access to the latest data about malware within minutes of the cloud antivirus Web service learning about it. There’s no need to continually update your antivirus software to ensure you’re protected from the latest threats.
  • The cloud antivirus client is small, and it requires little processing power as you go on with your day-to-day activities online.
  • It’s free! You can get an impressive level of virus protection from the free versions of cloud antivirus software. You can also purchase upgrades for additional utilities and support, for prices that are competitive with popular local-only antivirus applications.

Now that you know what cloud antivirus is, let’s look at the features of cloud antivirus software and how you can use them to keep your system clean.

Cloud Antivirus Features

If you have any experience using antivirus software, the user interface (UI) of cloud antivirus software should look familiar. After all, its primary job is the same as any other antivirus application: Scanning your computer to identify and clean up any malware. Therefore, you’ll find these common functions in a cloud antivirus UI:

  • Scan the entire computer or certain folders on the computer.
  • Adjust when to make automatic scans and what files to include in them.
  • View detailed reports to see what malware was detected during a scan.

Take actions to remove or restore any quarantined files, or files that were neutralized in some way until you decide to restore or delete them.

The unique features in cloud antivirus are those you won’t see in the UI. We’ve already seen that cloud antivirus splits its tasks between your computer (a client application) and Web servers elsewhere on the Internet. Because of this split personality, cloud antivirus can leverage resources from across the Internet to better defend your computer against malware. For each cloud antivirus product, these resources come together to form a central database of malware data.

This malware data is collected in different ways depending on the product. For example, Panda Cloud Antivirus gets data for what it calls its Collective Intelligence from IT and software industry resources, honeypots (computers used to trap malware) staged worldwide and feedback from customers [source: Ilascu]. Immunet Free Antivirus depends on its entire community of users (the Immunet Cloud) to learn about potential threats, adding the data to its Collective Immunity technology . Cloud antivirus servers run algorithms on the data to classify malware by different qualities, including level of threat.

What makes these malware databases special, though, isn’t just their collection techniques. Their real advantage is how quickly they can make that data available to you. Rather than waiting to download some big patch for your antivirus software every few weeks, your computer can scan for the latest threats while you’re online, catching them within minutes of their addition to the database.

For offline access, a cloud antivirus product might keep a cache of malware data on your local computer. The cloud antivirus software can keep this cache up-to-date as long as you’re online. This cache won’t include the entire database of malware threats, but it will include malware that presents the most common threats to your computer.

So far, we’ve looked at the general features of cloud antivirus software. For a better idea of what this looks like, let’s examine the user interface for one of these cloud antivirus products.

Panda Cloud Antivirus

Panda Cloud Antivirus, by Panda Security, is available in both Free and Pro editions for Windows 7, Vista and XP (Service Pack 2 or later). As soon as you install Panda Cloud Antivirus, a panda head logo appears in your System Tray, indicating that the software is running. Click the panda head to open the user interface (UI) for the client software. You can also right-click the panda head to select other options, such as enabling or disabling the software.

 

The UI opens to a status screen indicating whether there are errors to handle or if the system is OK. If the software is currently running a scan, you’ll also see green bars moving across a progress bar. If there’s no scan running, you can start one. To do that, click the Scan icon at the top, which looks like a magnifying glass. There you have the following scanning options:

  • Optimized Scan — Scan select folders and files on your Windows system that are vulnerable to known malware.
  • Other scans > Scan all My computer — Scan everything on your Windows system. This could take a long time if you have a lot of data on your hard drive.
  • Other scans > Scan other items — Check the boxes for specific folders that you want scanned for malware.

When Panda Cloud Antivirus finishes a scan, it refreshes the status to indicate whether there are any security problems. If the status is not OK, you can either click a linked message indicating how many errors were found, or you can click the reports icon at the top which looks like a pie graph. On the reports screen, you’ll see a breakdown of the types of malware Panda Cloud Antivirus found on your computer. There’s also a link to view the full event report, which shows a log of all the application’s scanning activity, all the malicious files it found and what it did with those files when it found them.

Like other antivirus applications, Panda Cloud Antivirus will quarantine some suspect files that it can’t definitively determine to be malware. Panda Cloud Antivirus calls that quarantine its recycle bin, a concept familiar to Windows users. This means the files are neutralized by renaming them in a way that makes them difficult to find. If a file ends up in the recycle bin, Panda Cloud Antivirus gives you a chance to recover that file so it’s usable again.

Each cloud antivirus client will have default settings and options to change some of those settings. If you click the gear in the lower right of the UI, the window appears to flip to its options screen. You can flip this back by clicking the gear in the lower left while you’re on the options screen. Here’s a list of things you can adjust in the Panda Cloud Antivirus settings:

Connection settings through a proxy server (rare for home users but common for people working on a business network)

  • Enable/disable automatic scans (autorun)
  • Enable/disable scanning USB drives, referred to as a vaccination (available in the Pro edition only)
  • Advanced settings to adjust how the scans, recycle bin and reports work.

Next, let’s consider some of the challenges cloud antivirus technology faces and how some software companies have addressed those challenges in their products.

Products and Challenges

There seems to be a growing number of cloud antivirus products out there. The following are some you might want to check out:

 Panda Cloud Antivirus – This is the software we looked at earlier. It has a Free Edition which may be sufficient for you. The Pro Edition, listed at $29,99, includes technical support services and USB device protection.

  • Immunet – This product, launched by a former Symantec executive, emphasizes strength in numbers. The Free edition is designed to gather information about malware threats from users and to share that data with the larger community. Immunet Plus, listed at $24.95, adds offline protection and advanced scanning and removal features.
  • HitMan Pro – This free product is designed to offer a second opinion scan to supplement your existing antivirus protection.
  • Webroot – Webroot and Prevx have partnered to create a cloud antivirus product that was in beta testing as of this writing. We found some hints at what it will look like here.

Cloud antivirus skeptics argue that this approach to malware protection lacks some essential components for security and performance. One concern is the potential invasion of privacy because of the collected data from your computer. Some products may be a bigger threat in this respect than others. Panda assures its users that their files never leave their computers, and that only certain executables are checked against the cloud data, which excludes files that could contain personal information. Before you decide on any cloud antivirus product, be sure to find out what data from your computer could become part of its collective database.

Performance arguments include some of the same concerns you might have about traditional antivirus software. For example, cloud antivirus software could increase the time required to start or shut down your computer or slow down the overall performance of other applications. CNET reviews of Panda Cloud Antivirus demonstrate some of the impact that product had on a system compared to having no other antivirus software and found that it had a “small but detectable impact on system performance” . It’s possible, though, that this might still beat the impact of some traditional antivirus programs. Determine whether a cloud antivirus product’s performance is acceptable to you by trying out the software on your computer through your day-to-day activities. For most cloud antivirus products, giving it a try won’t cost you anything!

Source: Howstuffworks News