vendor

Do we really need AV? Of course we do!

Following my question to readers around the globe - Do we really need Antivirus solutions in 2008? - the answer is an unsurprising YES, we do!

As Alan over at Stillsecure puts it:

"It is like the measles"

Alan goes straight to my point - we do not need the AV of 2001 - we need the AV of 2008. Today's solution is a combined tool that offers virus cleaning/stripping, spam handling, malware control, IDP/IPS and so on. And these tools will continue to develop as the threats change and evolve.

Kurt Wismer put it this way in comments, and on his blog:

"viruses are malware... non-viral malware, however, seems to be what the
cyber-crooks prefer these days... self-replication has a way of getting
out of hand and calling attention to the malware..."

Self-replication has a way of ... attracting attention - exactly! So what we see today is that many malware authors try to avoid detection, and keep more control over the process of inflicting damage. And as such malware is not detected by normal AV tools using signatures, we need tools that are able to detect threats that try to fly below the radar. Which brings us back to Alan and the 2008 AV tools.

Andy is as usual spot on with his comment:

"I'm afraid that w/o it we would be in much worse shape overall than we currently are."

Yes, we would be much worse. It would be only a matter of time before the old jungle of viruses and worms would flood the net again. It is like Alan's measles all over again.

To summarize my take on AV anno 2008 - we still need it. We need it more than before. We need it as one of many building blocks to take care of security.

As Larko puts it:

"Would you have sex with a stranger without a condom if the media
reported that you are less likely to catch AIDS than you used to?"

I guess that some would, but that does not mean the rest of us should!

Ranting Rob is spot on

One of my favorite bloggers, Rob Newby, has been ranting about business, technology and compliance over the past few days.
He is making one major point - NAC and firewalls will not last forever.

Although I am certain that his posting will cause an uproar among some of the vendors, and some of the technical readers as well, I happen to agree with Rob.

Technology evolves. It changes. It adapts.
Most importantly, it must change. It should adapt. If it did not, we would still be riding rock carts like the Flintstones.

And I must admit I prefer heated, leather-coated, soft seats, where I can listen to a V8 roar at will. Knowing that some years down the line, the V8 will be replaced by an electric engine.

With IT, it is the same thing. As it is with security. The thing on your lap is not an ENIAC, mind you!

If you take a look at the firewall, it is easy to understand as well. The port-controlling (stateless) FW from the 80s is still in place in today's firewalls, but is only a small part of the package. Add stateful inspection, AV&AS, web filtering, VPN and a coffee machine, and you have the UTM of today.

With NAC, the same thing will happen. It will end up as a part of the internal security systems only. And some years down the line you will no longer realize that what was key technology in 2007 happens to be only one of many technologies that take care of your ICT systems.

The challenge of all times in a commercial world is to be able to look beyond the buzzwords. To use your own business targets, goals and challenges when you choose your strategy.

Only when you take control yourself will you be able to control your world. If you leave the decision making to vendors and buzzwords, you will find yourself a hostage of insecurity - you will never know if you are adequately secured. And that is the point of forcing compliance and governance - to put you in control, to enable you to drive your modern, secure and up-to-date car. 

So that you do not have to keep dinosaurs as pets and kick about in your rock cart.


The blogger is Kai Roer, a European information security professional.
