Traditional security solutions are obsolete. Symantec security researchers see 200+ million attacks on average every month, the vast majority of which are never-seen-before threats and delivered via the web. While Symantec created nearly 1.8 million new virus definitions in 2008, the reality is that the signature approach and other traditional methods of security are not keeping pace with the number of threats being created by online criminals.
"Looking at the sheer volume of infected systems in the world, one thing is resoundingly clear: basic security protection is not good enough," said Rowan Trollope, senior vice president, Consumer Business Unit, Symantec. "Norton pioneered the signature-based model of security and today we’re introducing a new standard that reconsiders all facets of protection. ’Quorum’ lets us stop the bad guys even if we’ve never seen their ’wanted’ poster."
Similar to the auto industry recognizing the need for a significant shift to more fuel efficient vehicles, Symantec believes the security industry demands a similar "rethinking" of the traditional approach. With the 2010 Norton products, Symantec will introduce "Quorum," the codename for a new protection system based not only on the traditional "fuel" of malware signatures but also on the new "fuel" of reputation with an intelligent control system using each when necessary.
In spite of the dramatic shift to a constant flood of deceptive and unknown malware, industry responses have been largely based on adjusting existing protection models rather than adopting a fresh approach. Project Quorum introduces not only new reputation-based threat detection, but also reconsiders other fundamentals such as security alerting, threat removal, antispam and parental controls.
The New Fuel: Reputation
From web page rankings to finding the perfect restaurant, the concept of reputation has harnessed statistics and ratings to solve a diverse series of problems online. Similarly, Symantec’s 2010 products use application reputation in response to the problem of dealing with online criminals who use unique, new threats to evade security vendors. Application reputation is created by leveraging the millions of users in the worldwide Norton Community Watch program who choose to anonymously contribute data about the characteristics of the applications running on their systems. Most users run mostly good applications, of known origins and with known publishers and other common attributes. Conversely, malware typically has never been seen before, has an unknown publisher, and other attributes that give it a poor reputation. This data enables Symantec to calculate a reputation safety score for each application. Without ever having to ask the user, Symantec can statistically infer with an extremely high degree of accuracy the likelihood of an unknown application being good or bad.
The Control System: SONAR 2
The next generation behavioral antimalware system, SONAR 2, intelligently measures feedback across the PC to make high accuracy decisions, seamlessly switching between protection "fuel" types as needed. SONAR 2 is designed to detect unknown threats by harnessing intelligence from all Norton protection features, whether it is driven by network communications, program activity on the system, leveraging reputation data in the cloud, or other defenses.
The New Dashboard Gauges
The new genre of deceptive threats that trick users into installing them by posing as software updates and codecs have made typical detection alerts outdated as they fail to describe what has happened in plain language. Norton 2010 will introduce a new experience that will help users better understand what has happened during an attempted infection, while still remaining unobtrusive. Novice users can now quickly grasp what took place while technically savvy users can drill down to details such as the threat origin and any activities performed.
The new protection model of Norton 2010 additionally extends to both AntiSpam and Parental Controls. AntiSpam features a new engine from Symantec Brightmail to bring enterprise-class protection to consumer inboxes. The new AntiSpam feature offers dramatic effectiveness improvements with no time-consuming "training," working from time-tested heuristics and cloud-based signatures. Additionally, Norton 2010 users can sign up for a free subscription to OnlineFamily.Norton, a new Web-based service that keeps parents in the loop on their kids’ online lives and fosters communication about what’s appropriate and inappropriate behavior on the Internet.
"Symantec is in a unique position to bring this approach to market due to our unmatched installed base and the fact that we’ve had teams of engineers developing and refining this technology for the past three years," said Trollope. "No other vendor’s approach to consumer protection comes close. Our new approach changes the ’rules’ by both enhancing traditional security techniques to make them more aggressive and by making it dramatically more difficult for attackers to evade detection by simply changing their malware."
All flagship Norton products including Norton 360, Norton Internet Security and Norton AntiVirus are planned to be Microsoft Windows 7 compatible as of the general availability of the new operating system. Norton users with a valid product subscription will receive the compatibility updates delivered automatically online at no additional cost.
Norton beta testers are encouraged to share feedback and discuss their product experiences in our online Norton Public Beta Forum.
Beta Availability [July 6, 2009]
These beta products are available for free public download now at:
Norton Internet Security 2010 beta: www.norton.com/nis2010beta
Norton AntiVirus 2010 beta: www.norton.com/nav2010beta
Send this IT news to a friend