Tuesday, January 16, 2007

How effective is Anti Virus software at stopping worm attacks?

Host Anti Virus software and Network Anti Virus appliances can both be used to stop worms. But there are a few caveats.

1. New exploits may not be stopped by many Anti Virus packages
2. You must use auto-update features of your AV software to ensure that definitions of current worms are activated.
3. Host anti virus will not stop worms destined for any devices except the device they are installed on.

When it comes to stopping worms I recommend a full blown IPS and also behavior based Host Intrusion prevention software. Network IPS mitigates worms against all network assets and behaviors based intrusion prevention does not depend on signature updates to stop threats.

Yes I'm a Cisco bigot check

Check adds on this page for other credible AV and IPS vendors that can mitigate work behavior.

Ha ha, did I really say mitigate work behavior? Ah that should be WORM behavior but I suppose mitigating work behavior wouldn't be a bad idea for some of us......

No comments:

With Great Power Comes Great Responsibility....raise the bar

With Great Power Comes Great Responsibility....raise the bar
Get Secure