Skip Links

Webroot plots the end of desktop security

By John E. Dunn, TechWorld
May 01, 2008 11:02 AM ET

TechWorld - Security's rising star, Webroot, plans to offer Web and malware filtering as a service to SMBs, the first vendor of any size to offer such a capability in subscription form.

The software-as-a-service (SaaS) model, which extends the e-mail filtering service already offered by the company, will appeal to smaller and midsized outfits for whom keeping out Web threats with conventional security appliances is now proving increasingly onerous.

Expected to go live in the U.S. in June, the unnamed service will mean business running web traffic through Webroot data centers where it will be filtered for suspicious URLs, web-borne downloads such as Trojans, and vulnerability malware trying to exploit known software holes.

When run with the company's e-mail filtering service, the idea is that the bulk of an SMB's traffic security problems will have been taken care of. Although it can in principle replace desktop anti-malware, the company still recommends users run desktop software as a second line of defense and to intercept threats when using third-party pipes while roaming.

"The advantage of the service model is that you have unlimited computing power and you can do much more. You also have greater visibility [on threats] because you have all the traffic. You can see patterns of outbreak very quickly that you will never see on the desktop," said Webroot's CTO Gerhard Eschelbeck.

He said that the system would be able to stop filtering bypass hacks such as proxy Web sites, even if they were previously unknown. That is the worry - that cleverer users attempt to bypass filtering services by opening encrypted tunnels to proxy sites.

According to Eschelbeck, the trick with stopping users visiting such sites was to detect the URL obfuscation scheme being used from the five in common use today. And if they come up with a new one?

"We can update the service every day so if we see a new one [obfuscation] happening in the wild, we just update our service. That is not going to be possible on a client or the desktop," he said.

Further details of the service are still unconfirmed but it is likely that subscribing companies would have some control over the parameters applied to their filtering through a Web front-end. This would allow requirements to be set on the basis of user or time of day, for instance.

Despite the fashionable jargon of SaaS, the arrival of security-as-a-service marks an important moment for the security industry, hitherto dominated by the idea that security is a problem best solved on the desktop. This model is widely acknowledged to have been under strain for some time as security companies have struggled to integrate new security functions into desktop programs while updating them on a daily basis with ever-larger signature file blacklists.

If there's a downside, it's the investment needed to create the large data centers across different time zones required to offer reliable services. With a rumored IPO in the offing, Webroot has taken the high-risk approach of sticking investor cash into such a building program on the assumption that the users will come.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News