Panda Launches New Internet Cloud Protection
I sat down and spoke to Ben Kaplan, senior director of products over at Panda Security. He gave me a quick rundown, noting that Panda Security is a world-wide company with 750 employees and headquarters in Spain. They’re growing, but they’re not that well known in the US.
But Kaplan was sure of one thing; “Panda Security [has been] built with a track record of innovation.” Kaplan boasted that Panda Security in 1998 became the first company to offer a daily signature file. And he says the innovations have been ongoing since that time.
These days, Panda is discussing protection in the cloud. How does it work? First, Kaplan gave me basics. “We call it “Collective-Intelligence” in the cloud. [We have] 25 terabytes of analyzed malware [and good ware]. With 48 million files hosted in the database, it’s quite a bit of data. We do all processing in the cloud [and can] scan a machine quickly.”
But still, how does that work? Wouldn’t you still need a client? Indeed, you do.
“[Our client] scans a machine quickly and each file [on the drive] gets a hash. Then, the file hash goes up to the Collective-Intelligence cloud and is scanned against the 25TB database. If [any hash matches known signature for malware or virus] the client knows and the file is removed from the machine.” The introduction of the new “Internet Security” package brings the ability to detect botnets, phishing, cross-site scripting and other advanced web 2.0 attacks.
Kaplan noted there’s no daily definition updates needed to be constantly downloaded, and that the user benefits from the exposure to a bigger database with instant protection. Plus, their client is light weight, calling it a “nano-agent,” leaving a minimal footprint and impact on the user’s computer.
I brought up some privacy concerns, considering the fact that every file was scanned and uploaded. Kaplan stressed that the physical file never leaves the computer, just a hash-tag does. However, if a user does come in contact with a ‘new’ virus that’s recognized in the cloud, that user instantaneously helps everyone else running Panda Security because the new hash for the new virus is added to the cloud database. In effect, you getting a new virus helps protect everyone else instantly. “Response time to new viruses is typically done in 24-48 hours…[but] we’re able to respond in minutes…” And what if your machine is offline? “There are local signatures… that provide enough protection until the next time you connect.”
Still: how is all the traffic filtered through their system? I pressed Kaplan on the technical details, but he didn’t get too specific. He noted that it works with a combination of specific proxy servers and tweaking of host files in the operating system. But basically, no traffic gets in and out of the computer without first hitting Panda’s servers.
Would that cause a bottle neck? Kaplan noted that there’s a hardly-measurable (if at all) hit on speed. Panda’s servers don’t deal with the traffic, they just quickly see if File A is a virus or malware, and then spit it out, or move on. It’s all done in real time and it’s all in the hash tags.
Implementation in a company is simple, too, since there’s no big hardware that needs to managed on site (and Panda will run on big hardware servers, too). Without having to convince a company to invest in hardware that gets outdated, VARs might see some huge potential. It allows businesses to focus on their business, and VARs to manage issues off-site by simply logging into a central management console.
“We’re the only security vendor to offer protection of all three threat vector with cloud based SaaS solutions,” asserted Kaplan. What’s more, management of a company’s network can get “granular,” with Panda Security. Kaplan noted that on top of URL filtering, you can control Web 2.0 app access, like Facebook, instant messaging and Pandora. But you can get down to the nitty gritty. You can let your users log on to Facebook, but restrict their ability to write on walls and share videos.
You can also enforce compliance by implementing rules on outbound data, too. The example given was that no Excel files can be mailed, uploaded or moved outside the company’s network. Plus, mobile employees are protected just as much, since through the unique implementation of tamper-proof traffic-tunneling process, Panda will always route traffic to the nearest data center.
So VARs, if you’re ready to jump on board as a partner, you’d be happy to know that Panda is 100% channel focused. The management console can be co-branded for your needs, and the logs that Panda Security provides can impress your customers. There’s full forensic and data mining capabilities without the sludge of massive weblogs and the ability to show how well Panda is protecting the company, despite the nearly ‘invisible’ layer of security they have. As of now, this package is for SMBs only, but Kaplan said there may be consumer-level implementation much later down the line, but was unsure.