Since larger businesses have a lot more at stake, having Layered Security becomes even more vital. It is in this environment that we design Anti Malware solutions to work in different areas of the business network for specific reasons.
Secure or Convenient?
There can potentially be a number of different solutions across the enterprise and some may think it is too much to manage. It may be more to manage but the truth is real security is not convenient. If we have a single solution across the whole enterprise (Mail, Gateway, Servers, Desktops, Laptops), then we have a single point of vulnerability. On the other hand the more layers we have the more difficult it becomes to get Malware by.
Client Anti Malware
The client is the last line of defense. Because this is where the largest threat surface is, (user behavior), this is where we need the best protection. Today that means a totally locked down environment using Application Whitelisting or a solution proven to be consistently the best at zero day threats. The footprint, update reliability and ease of use must also be considered.
Server Anti Malware
Since servers don’t generally go surfing on the Internet (or shouldn’t), they get files that are sent to them by other servers and users. Key considerations for choosing a server Anti Malware is footprint size, scanner speed and detection rates. Having a different solution for the servers than the clients supports the little known and dirty little secret that “Some catch some and some catch others.”
Email Anti Malware
In today’s web based world, we recommend getting email security as a service because they can focus entirely on making sure your mail is safe and you are getting only the mail you should. The ability to have multiple Anti malware scanning engines scanning each email further adds to the Layer Security.
The gateway Firewall has come a long way and now includes some pretty impressive Unified Threat Management (UTM) solutions to try and stop threat in motion. Client and Server Anti malware have the ability to look at files as they are read and written but the UTM looks at the packet level to see if there are patterns of threats being transmitted. Having different Anti Malware here provides even more layers of checking making it that much more difficult to get Malware through to the network.