Why companies need to take a multi-layered approach to anti-virus protection

When we talk about security, defense in depth is not a new idea. It is widely accepted that no single technology or point product can provide adequate protection from today’s sophisticated network attacks. Modern threats employ complex techniques capable of infecting multiple touch points within the corporate network. Let’s review why your organization should implement anti-virus technologies at multiple locations such as firewalls, email gateways and endpoints, and how these technologies differ but help us achieve our common goal of protecting corporate networks and data.

Detecting and preventing a virus at the firewall before it enters the network is the ideal way to protect your infrastructure. Modern next-generation firewalls, in addition to having standard firewall features such as stateful packet inspection, include integrated Intrusion Prevention Systems (IPS), advanced malware protection and the ability to control application traffic as it enters the network. One key method that attackers use to overcome detection is encrypting the traffic that goes through the firewall. A second shortcoming of many legacy firewalls is the inability to scan all traffic without introducing visible latency. In other words, not all next-generation firewalls are built the same. Dell SonicWALL Next-Generation Firewalls offer deep security by scanning all traffic including encrypted without degrading performance and are one of the few in the industry that has been independently tested and certified for network-based malware protection by ICSA Labs.

Though newer forms of communication continue to emerge, email still remains the primary form information exchange. Virus-laden emails are the most elusive yet damaging form of email threats. Equally menacing, zombie attacks can disrupt business operations for days. Zombies are remote-controlled code that get installed on end-user systems and send spam, phishing and viruses using corporate email systems. These zombie attacks can lead to corporate domain blacklisting and network bandwidth deterioration. The complexity and speed of virus attacks is so overwhelming, typical point-product anti-virus solutions are not enough. Once again, a multi-layered approach is essential to virus protection for any organization. Dell SonicWALL takes this approach very seriously and as part of its Email Security solution offers three layers of protection through Dell SonicWALL GRID Anti-Virus, Dell SonicWALL Time Zero Anti-Virus, anti-virus signatures from industry leader McAfee® and zombie detection.

Finally, if all devices in a corporate network remained within the firewall/email security boundary and did not connect to the Internet or interact with peripherals such as USB devices, CDs, etc., then there would be no need for an endpoint anti-virus solution. But such restrictions are detrimental to the productivity of the company and unrealistic to implement. This leads us to the most common and obvious place to implement anti-virus protection which is the endpoint. Thought it is still the most essential place for anti-virus protection deploying, maintaining and enforcing the right security software on endpoint devices can strain IT resources and budgets. As discussed earlier, Dell™ SonicWALL™ next-generation firewalls provide an innovative multi-layered anti-malware strategy consisting anti-malware solution at the gateway. Additionally, the firewall simplifies the deployment of anti-virus solution at the endpoints. Dell SonicWALL Enforced Client Anti-Virus and Anti-Spyware offer comprehensive virus, spyware protection for desktops and laptops using a single integrated client. Developed in partnership with McAfee, it provides automated updates of virus and spyware signatures, eliminating machine-by-machine deployment, thus minimizing administrative cost while providing full protection.

About the Author: Swarup Selvaraman