Sophos recently released a thinly-veiled swipe at the recent fuss that some security vendors - notably Symantec and McAfee - have been making about the upcoming Microsoft Vista OS. The release from Sophos is as follows:
23 October 2006 - Symantec and McAfee should have prepared better for Microsoft Windows Vista - Sophos comment
IT security firm Sophos is recommending that system administrators ask their security vendors if they are capable of properly protecting them on the forthcoming 64-bit version of Vista, as arguments continue regarding access to Microsoft's operating system code (kernel). Sophos has reassured its customers that Sophos Anti-Virus will offer full protection against malware threats on Vista, and suggests that some security vendors may not have given sufficient thought to the new operating system when developing their products.
Anti-virus firms Symantec and McAfee have recently made high-profile complaints that they are being "locked out" of the Vista operating system kernel by Microsoft's PatchGuard prevention system (also known as Kernel Patch Protection). They argue that this is preventing them from continuing to develop pro-active protection against new malware, sometimes referred to as 'host intrusion prevention' or 'HIPS'. They claim this action is anti-competitive.
However, Sophos argues that its approach to HIPS technology has met with no problems on both the low-spec and high-spec versions of Windows Vista. In addition, Sophos claims that Microsoft has so far provided all the interfaces that Sophos needs for providing this form of protection.
"Symantec and McAfee may be struggling with HIPS because they haven't coded their solutions with high-spec Vista in mind," said Richard Jacobs, CTO of Sophos. "We've taken a different approach, by focusing on catching bad behaviour before it has a chance to occur. Additionally, we are building our technology by making use of supported Microsoft interfaces rather than by trying to subvert them. That's why we're ready for 64-bit Vista, and others aren't."
Sophos Anti-Virus, including its HIPS functionality, has been designed for 64-bit Windows Vista.
Sophos believes that PatchGuard is a positive step by Microsoft to improve security in Windows Vista, and is not in itself anti-competitive, provided that Microsoft delivers on its commitment to provide the same level of kernel support and integration to third party security vendors as it does to its own security product team.
"It's clearly the case that we and other vendors will now have some dependency on Microsoft to deliver kernel interfaces for new security innovations, which could slow us all down," continued Jacobs. "However this is more than compensated for by the additional security offered by Vista. PatchGuard is a step in the right direction for customers, and we believe that security vendors should embrace and work with PatchGuard rather than fight it."
Share this...
- Comprehensive Endpoint Security...
Brilliantly simple security and control The Sophos philosophy is to keep things simple for their customers. Sophos Endpoint Security makes it easy to secure ... - AntiVirus, AntiSpam and Policy Enforcement...
Sophos PureMessage is the industry leader in corporate spam management. Why? Leading anti-spam protection - PureMessage's industry-leading anti-spam techn... - Sophos Joins Windows Security Team...
Sophos has joined Microsoft's SecureIT Alliance, an IT industry push to help improve security for businesses running Microsoft operating systems. As part of the... - Sophos Endpoint Security Review...
Sophos Endpoint Security beats McAfee and Symantec This Endpoint Security for Enterprise comparative review by Cascadia Labs (February 2007) evaluated the ... - Sophos Version 8.0...
Sophos Endpoint Security and Control 8.0 is now available! This new release includes standard NAC (network access control) functionality to identify and contr...
