Questions about Cloud-Based AVs

Discussion in 'other anti-virus software' started by phyniks, Mar 31, 2014.

  1. phyniks

    phyniks Registered Member

    Jun 3, 2011
    As you know, this technology is growing and lots of AVs are now introducing this method to their new versions (along with their offline database).

    But some security software is merely based on this technology, such as Bitdefender Free and Panda. My questions concern this category:

    How is the protection level when the system is offline?
    I know the system is not that vulnerable to zero-day malware when you're offline, but what about widespread old threats... can these AVs protect the system against an old known worm on a USB?
    Do they have a basic offline database for those kinds of attacks? Or their behavioral blocking technologies, can they block old malware?

    The vendors claim these AVs do not affect the system and they're faster than old AVs.
    I know they may use fewer resources, but,
    as far as I know, an AV's performance depends on two major factors:
    1- Its system resource usage
    2- How fast the AV can load its database and modules on the system (more important)

    Which one can be faster... loading the database from a hard drive or getting it via the internet?

    Besides, does internet connection speed affect the performance?

    Thanks in advance
    Last edited: Apr 1, 2014
  2. RejZoR

    RejZoR Registered Member

    May 31, 2004
    Nearly all cloud AVs have either local databases or they perform caching/synchronization. Meaning, even if you're offline, they will detect a lot of stuff. I know Panda Cloud works like this and we've seen a very high detection rate even when offline. Not sure how effective BitDefender is, but I know it has offline definitions as well.

    As for the performance, I think they overhype it a bit for cloud antiviruses. They say most of the work is done in the cloud, but I disagree. You still have to unpack the files and perform cloud lookup on the internals of the file. Doing it in a brute way by checksumming every single packed/crypted file would be a total waste of cloud resources because you can make a single file into a billion versions just by slightly modifying them. So, you still have to do part of the processing locally. They are light but nowhere near zero impact. Then again, there are AVs that use full local processing and cloud and they are still ultra light.
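
An added example, not part of the thread and not any vendor's code: it illustrates the point in the post above that a checksum of a packed file misses every repackaged copy, while a lookup on the locally unpacked internals still hits. zlib stands in for a packer, and the payload, the local cache and all function names are constructed assumptions; the cache is a plain local dictionary, so the lookup works offline.

```python
import hashlib
import zlib

# Constructed sample: harmless bytes standing in for the body of a known-bad file.
PAYLOAD = b"constructed-sample-body " * 64


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Hypothetical local verdict cache, synced from the cloud while the machine was online.
LOCAL_CACHE = {sha256(PAYLOAD): "malicious"}


def pack(body: bytes, level: int, junk: bytes) -> bytes:
    """Stand-in packer (assumption): zlib stream followed by arbitrary trailing bytes."""
    return zlib.compress(body, level) + junk


def unpack(blob: bytes) -> bytes:
    """Local processing step: decompress the stream, ignoring whatever follows it."""
    return zlib.decompressobj().decompress(blob)


def verdict_by_file_hash(blob: bytes) -> str:
    """Checksum the packed file as-is and look that up."""
    return LOCAL_CACHE.get(sha256(blob), "unknown")


def verdict_by_content_hash(blob: bytes) -> str:
    """Unpack locally first, then look up the hash of the internals."""
    return LOCAL_CACHE.get(sha256(unpack(blob)), "unknown")


def summarize(n: int = 5) -> dict:
    # n repackings of the same body: different compression level and trailing bytes each time.
    variants = [pack(PAYLOAD, 1 + i % 9, i.to_bytes(4, "big")) for i in range(n)]
    return {
        "distinct_file_hashes": len({sha256(v) for v in variants}),
        "file_hash_hits": sum(verdict_by_file_hash(v) == "malicious" for v in variants),
        "content_hash_hits": sum(verdict_by_content_hash(v) == "malicious" for v in variants),
    }


if __name__ == "__main__":
    print(summarize())
```

The unpacking step is the part that costs local CPU time, which is why a cloud lookup of this kind is light but not free on the endpoint.
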
  3. Ya5h Kh4n

    Ya5h Kh4n Registered Member

    Apr 4, 2011
    Bitdefender free AV has local definitions that are updated every hour.
    It has a local Behavior Blocker, i.e. Active Virus Control.

    In my tests it is very effective in both offline/online tests.
    Hope to see tests from a testing organization just to get an idea.
