Immunet 3

Your mention of that jogs my memory and is the primary reason I dumped Immunet back when v3 first arrived as I was expecting that to be implemented. I also found its all-too-often, um... intervention during installs to be a real pain in the seat. The nail in the coffin was when it foobar'd a Windows update.

 

One would hope you don't do your own book keeping.

Please cite your source for this attestation.
A link to Immunet documentation or FAQ will suffice.
Or a screenshot of a TCP connection monitor where you observe an Immunet process accessing ep-reverse.nimbus.bitdefender.net

 

Well, IMO you can´t beat the most impressive cloud service ever, namely: VirusTotal

The only drawback, it can´t scan files larger than 128MB, but almost all apps (except for games) are smaller.

 

Slightly off topic, but I couldn't agree more.

But since you mention it, Zemana AntiLogger Pro will in real time submit to VT threats detected by its System-Defense module.

-http://www.zemana.com/product/antilogger/modules/intelliguard.aspx-
-http://www.zemana.com/product/antilogger/modules/system-defence.aspx-

I don't do the Internet without Zemana.

 

As noted in a previous post;

The no-name engine is the Bitdefender cloud. On Immunet pay version, you get the Bitdefender signature download, too, + root kit scanning.

Which Immunet references - even when ETHOS+SPEROS are disabled, it still has a massive threat database. I wasn't sure what that threat database was, but others keep pointing to BD cloud as part of their Tetra licensing agreement.

 

Is this documented somewhere? thanks

 

It specifically states that Bitdefender is only included in the Plus version within their Tetra engine. Free is just ClamAV and about as close to useless as possible unfortunately.

 

I know the Tetra/Pro version uses Bitdefender. I didn't see any mention of the cloud using it.

 

None of this is meant to be construed that I present Immunet as anything other than a fine and effective infosec solution. However...

Tetra is Immunet's branding for its local implementation of Bitdefender's signature enabled engine of which kernel libraries include bdcore.dll and trufos.dll.

Bitdefender's cloud services live on servers at ep-reverse.nimbus.bitdefender.net. The only way I know of as of this writing that one can access these services for free is by running the TrafficLight Add-on in a supported browser or BD's own (seemingly abandoned) Free version.

The only way Immunet could implement the "the Bitdefender cloud" is if
1) they mirrored ep-reverse.nimbus.bitdefender.net in their own servers or
2) a local Immunet process is doing so, as in TrafficLight.

Alternatively, Immunet could be analyzing client pushed Ethos and/or Spero detections in real time with BD's libraries within their infrastructure. But that is not "the Bitdefender cloud."

Up to this point only forum user sourced conjecture and "no-name engine" fantasy constructs this "the Bitdefender cloud" allegation.

One would expect Bitdefender would be trumpeted here:
-http://www.immunet.com/about/index.html-
It is not.

The typical fanboy failure to back up statements and a lack of Immunet exposition leads even casual participants in this discussion to conclude there is no "the Bitdefender cloud" in Immunet.

I stand to be corrected by the posting up of real data. Otherwise, I'm outta here.

Cheers.

 

Taking things too seriously much? Granted it's pure speculation they are accessing BD cloud. I personally quoted the Immunet folks themselves - stating they have a system in place - even with ETHOS+SPEROS+CLAM+BD disabled - their product detects over 20 million threats (and that was in 2012). They failed to mention how/why this happens, or what database they are using.

Nevertheless, I wouldn't go all thesis on this.

 

So what? the 3M users is insignificant compared with almost any other AV.
http://www.opswat.com/about/media/reports/antivirus-january-2014

All the AV's nowadays have a cloud AV, the community thing of Immunet is just a marketing trick and is more or less the same thing that all the other AV companies are doing in their cloud AV.
Only avast has almost 80 times more users than Immunet.

 

Immunet is obviously not known enough..

 

True. I personally don't think very highly of it. However, I think that it has potential. If Cisco takes it seriously and puts some marketing money, developers and just more resources in general toward Immunet, it could very well be taken seriously in a few years.

 

I can only agree with you.

 

As a layered approach, it seems quite nice. I wouldn't rely on it for exclusive protection. But toss it on with MBAM, then try to infect a machine and let me know how it goes.

Personally, I would run Immunet3 over Webroot as an adjunct to MBAM.

 

Yes, everyone is talking about the cloud nowadays, while the best one (VirusTotal) is available for free.

Off topic: I still need to check out Zemana, it seems to be a cool app.

But I´m a bit bothered by the fact that you can´t buy a lifetime license. Also, during checkout, it´s not mentioned if it´s a yearly license or not.

My bad, I didn´t even know that it was owned by Cisco (Sourcefire), that makes it more trustworthy of course.

 

On my 1 month run of Immunet on 6 machines to test.

So far - flawless. I'm going to be deploying this to clients, and giving up on bloated, traditional suites, and buggy AV's. As part of a layered approach I find Immunet3 to be absolutely perfect when paired with something like MBAM. The cost is minimal, which is a big bonus.. I see no reason not to deploy it. Giving up on the other products now - frankly.

Done with the bloat!

 

Did you do some testing against malware?

 

Yes. Unable to infect a system with MBAM+Immunet+Appguard. Regardless of what I did. That's AFTER I disabled the 4 additional IP/HTTP/s filters to allow the malware through. I turned APPGuard off to allow some installations, and was still unable to infect properly. So overall, I am impressed with this combination, and how light it is on a PC.

 

I think it is almost impossible to infect system using only AG.

 

Right, I'd be interested how just Immunet does.