Cloud Native Operational Solutions – Malware Prevention Management
Malware prevention is a very hot topic due to the recent ransomware attacks that have completely crippled several companies and organizations. For most smaller companies, being able to hire a full-time security engineer is a pipe dream at best, and even larger companies just don’t see the need to spend money on a dedicated security resource. The need for malware prevention is undeniable given the number of threats that are out there on the internet and the incentive that hackers have to continue to create more and more malware. Malware prevention and endpoint protection software at an enterprise level have traditionally been cumbersome and unwieldy to manage and maintain.
The benefits of managed malware prevention are:
- Simplified Deployment – Malware prevention management solutions are notorious for being a pain to install and get started. This becomes less desirable based on the fact that malware prevention is a true business value add in the eyes of most on the business side of a company.
- Simplified Scalability – One of the challenges with managing malware prevention or endpoint protection servers is providing storage for packages and maintaining the database. Leveraging the SaaS offering offloads that work, so managing 10,000 hosts is similar to managing a back-end environment of 10 hosts. Not having to worry about re-architecting the deployment when reaching a certain number of nodes is a major win for operational efficiency.
- Faster Access to Technological Advancements – Malware prevention is a constant game of catch-up against the latest form of malware, which is smarter and more advanced than the last one. SaaS offerings give administrators faster access to the advances that security companies create. An example is a more advanced threat detection engine that utilizes machine learning, which would require an upgrade for non-SaaS implementations.
The following solutions are managed deployments. This means the malware prevention management software company has added a deployment solution to the respective cloud provider’s marketplace to allow the infrastructure to be provisioned with the click of a button.
Palo Alto Networks VM-Series Next-Generation Firewall Bundle
Palo Alto Networks VM-Series Next-Generation Firewall is a virtual instance that is deployed as a traditional perimeter firewall, just like the Palo Alto firewall, and includes the ability to detect and prevent malware at the network level. The firewall is available in both the AWS and Azure marketplaces.
Fortinet FortiGate Next-Generation Firewall
Fortinet FortiGate Next-Generation Firewall Bundle is a virtual instance that is typically deployed as a traditional perimeter firewall, but the bundle also includes the ability to detect and prevent malware at the network level. The firewall is also available in both the AWS and Azure marketplaces.
The following solutions are Software as a Service (SaaS) deployments. This means the malware prevention management software company hosts the software for its customers.
Trend Micro Deep Security as a Service
Trend Micro Deep Security is an agent-based Software as a Service solution that supports dynamic inventory validation for AWS EC2 instance workloads and can be used to secure other native AWS services like WAF and Inspector.
Symantec Cloud Workload Protection
Symantec Cloud Workload Protection is an agent-based SaaS solution that supports instances as well as containers. Cloud Workload Protection supports dynamic inventory/discovery for the three major public clouds (AWS, GCP, Azure).
Symantec Cloud Workload Protection for Storage
Symantec Cloud Workload Protection for Storage is a SaaS-based deployment that is used to scan AWS S3 buckets for malicious objects. This solution integrates with Symantec Protection Engine to provide a single management interface for malware protection of both AWS EC2 instances and AWS S3 buckets.
Arc4dia SNOW
Arc4dia SNOW is a lightweight endpoint detection/response sensor that feeds data into the SNOW Cloud, where advanced anomaly detection and deep analysis are performed on the data gathered from the sensors.
Malware prevention, much like many of the other topics covered in this Cloud Native Operational Solutions series, is an area of IT that very often goes overlooked and uncared for until a major crisis brings the organization to its knees due to a system outage.