Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 31

Thread: Cloud computing and it's security aspect.

  1. #11
    @Cider.. No No .. don’t get me wrong.. I wasn't trying to make the conversation private.. I just wanted to talk to MS about something’s..



    which is light due to "scanning" from the cloud.

    From my testing of Trend's product, which specifically utilizes cloud for scanning I found this to be foolish.. I for some odd reason didn't agree onto the way the product functioned (it was a single executable scanner [not housecall 7] that trend provided to my company). It relied "completely" on the cloud for its scanning need and scanned only certain areas. Just to confirm I asked the eng's present there is this is how the test product is configured or there are some parameters to it. He clearly mentioned that the scanner picks up information from the cloud and scan’s only area's that are "currently" seeing heavy infection. If we believe him, then it’s easy to conclude that relying on cloud for scanning needs is stupid.

    If we don't believe him (i don't) then still instead of relying on cloud "completely" for scanning needs / def's i think we can use cloud to transfer information fast about spreading risks and other such needs.. The way trend has developed its product and I’m also talking of house call right now is actually going to provide less protection overall. If anyone gets time to check new version of housecall you will find that it scans only system folders + few others to find risks. This is inefficient use of cloud architecture plus companies / individuals using this product will be exposed to more risks overall.

    My point of conversation here is mainly that cloud architecture and its current use with respect to security risks being created and destroyed depending on its deployment / use and architecture overall.
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  2. #12
    Btw, I also feel either i've not understood use of cloud architecture by AV vendors or I do not understand the reply to the post.

    The way Trend portrayed it is a global information sharing center. Like if I find a file which is bad it will be told to everyone using trend.. like a broadcast.. am i going wrong here ?
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  3. #13
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    No No,

    That is basically it however you say it relies on the cloud for everything. Incorrect from my side. You will have a resident antivirus signature file which only disinfects maybe 1 million malware / virus's / spyware or whatever but having access to the cloud we have access to 30 Million ...

    Also if a suspicious file is detected through behavioral analysis and deep code scan , the MD5 of that file will reference the cloud and then it will be autogenerated and put it if it pertained as goodware or badware.

    I understand your point where it relies totoally on the cloud... Ho do you infect the company? Kill their internet and then plug in the USB and off you go - no protection. There has to be protection from the cloud + a resident sig file + strong enough heuristic scanners to eat up suspicious files ...

    but in the sense of "outsourcing" your companies AV or whatever app can be outsourced to a hosted service, could also have issues.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  4. #14
    What the AV vendors are doing is something firewall vendors started years back.. Where rules you create are sent back to the vendor and he decides to either roll them out to all his customers or if he finds them malicious he doesn't do anything..

    This is basically what I’m talking about :

    http://www.agnitum.com/support/improvenet/technical.php

    .. If AV vendors use the cloud to pass on information fast to everyone else, its good idea. Using information from the cloud to protect customers will definitely be good but I think for one vendor "trend" they're going the wrong way as of now to an extent.

    Speaking of cloud to provide service like Amazon or Google.. What are your thoughts ? How will privacy laws affect data being given out submitted in the cloud affect current situations?

    The thread is actually alive !



    EDIT : I was going over how trend is planning to roll out its AV in coming months which will utilize cloud architecture .. I had a question will all these machines sending information to the cloud, wouldn't the processing be over whelming ? I mean so many files, so many MD5's (I think they should have SHA1 or above, but whatever) wouldn't it be an information overflow ?
    Last edited by ByTeWrangler; July 7th, 2009 at 04:39 PM.
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  5. #15
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    wouldn't it be an information overflow ?
    Well as I understand it from Panda Managed Office Protection, only the suspicious files, caught by beahvioral or deep code scan will submit their md5 so it wont be every file ...

    The resident has a resident signature to deal with most threats internally, never leaving the network to access the cloud.

    I would also like the response towards google and so on about doing this sort of thing ...
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #16
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Quote Originally Posted by ByTeWrangler View Post
    Hey I just went over Trend's documents and presentation (sale's oriented) describing how they are using cloud computing for their anti-malware / enterprise grade products..

    I really don't like the way they have done this! I mean it's stupid and actually decreases security level provided.. It does decrease the time frame for new malware to be detected but provides much less security too..

    Can we discuss this? (PM / IM maybe, please )
    I'd be interested in discussing it but if it's ok, can we get into the in-depth discussion next week after Monday morning? I'm in the process of studying for my VCP 4 Beta exam (it's rather lengthy) and want to pass it on first go but I know it'll be longer than the regular exam.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  7. #17
    ALL THE BEST FOR YOUR EXAM'S !

    YOU WILL PASS I'M SURE !

    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  8. #18
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Funny things clouds...........they are woolly, fuzzy, and obscure your vision. But, every one of them has a silver lining, or so the saying goes.

    At least that seems to be the hope of Google, Microsoft, IBM, Sun Microsystems and everyone else who seems to be trying to jump on this "cloud computing" bandwagon............or will it be a gravy train?.............they wish!

    There is no such thing as "The Cloud" other than in the imaginations of marketing drones and media hacks.

    It already has a name as it happens.............it is called "The Internet"

    So, given that we are really talking about "Internet Computing", I would suggest that these are a few of the areas where security needs to be considered:


    1. Everything is a service so who is responsible for controlling and securing it?
    2. Who audits their stewardship of these responsibilities?
    3. Who hires and vets the staff?
    4. Who ensures regulatory compliance and how?
    5. Location of data.
    6. Encryption and secure data transfer.
    7. Access control; both physical and remote.
    8. Disaster recovery
    9. Business continuity.
    10. Forensics



    It might be useful to look at stuff on e-commerce security, as a lot of the issues will be similar.

    P.S. Good Luck MsM!

  9. #19
    http://www.youtube.com/watch?v=QJncFirhjPg

    Possibly the best video out there explaining Cloud Computing. I always compared it with virtualization but it’s not exactly the same. Anyway A MUST WATCH VIDEO.
    Parth Maniar,
    CISSP, CISM, CISA, SSCP

    *Thank you GOD*

    Greater the Difficulty, SWEETER the Victory.

    Believe in yourself.

  10. #20
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Thanks, ill get someone to download and ill preview it later.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •