Cybersecurity is becoming an immensely complex subject to master, leaving many security professionals to wonder if the appropriate protections are in place to protect their businesses. After all, no business wants the notoriety associated with the breaches that have occurred at Equifax, Target, and countless others.
Clearwater, Florida-based VIPRE is aiming to remove the agita from cybersecurity with a cloud-based solution that ties together machine learning (ML), crowdsourced data collection, behavioral analytics and unified management to counter most cyberthreats. That product, which can also be classified as a service, goes by the moniker of VIPRE Cloud.
A Closer Look at VIPRE Cloud
In essence, VIPRE Cloud brings together several cybersecurity capabilities and unifies those technologies into a centralized security management platform unfettered by borders and connections. The company accomplishes that feat using a combination of cloud-based services and a locally installed client, referred to as an “agent.” Agents are pushed down to client systems (the company currently offers predefined policies for desktops, laptops and servers) using a number of different methods. Agents work hand-in-hand with the cloud services portion of the product to ensure that the latest anti-malware protections are in place, as is protection from zero-day threats and intrusions.
VIPRE Cloud brings to bear traditional anti-malware, intrusion prevention, anti-spam, browser protection, local firewall and several other security technologies in a lightweight agent, which is fully orchestrated by policies delivered (and enforced) from the cloud-based management platform.
Hands on with VIPRE Cloud
VIPRE Cloud uses a browser-based centralized management console that is hosted via the company’s cloud services platform. That means the console is accessible from anywhere at any time, as long as a compatible web browser over a secure internet connection is available. This methodology that eliminates the often-tedious task of installing a security platform and dedicating a server or workstation to host the management subsystem.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Another advantage offered by a cloud-centric platform is that cybersecurity staffers do not have to worry about patches, upgrades or other maintenance items. The latest security technologies, as well as any improvements to the product, are immediately available.
The management console proves easy to access and operate, with ample integrated help and wizards to smooth over any concerns. Cybersecurity managers setting up the product need to be concerned only with what protections they need to push down to the devices in their organizations.
VIPRE Cloud guides administrators through the processes of deploying agents to target devices. Those agents can be deployed via email with end user interaction, via a link with limited end user interaction, or as an MSI package that could be pushed down via a script or other technology, eliminating the need for end user interaction.
Agents are driven by policies, which administrators can define as needed. Policy definition enables some very powerful capabilities and can be assigned by device, groups or other methodologies.
Creating a policy is a simple matter of clicking on “create policy,” which brings forth a sub-menu of choices. From those choices, an administrator can define how the agent works and which features are enabled, as well as how those features work. What’s more, policies directly relate to features and make a good starting point to understand what the product does and how it does it.
- Agent: Administrators have granular control over how the agent interacts with the end user and what permissions the end user has. That proves critical for those looking to support different modes of operation. For example, the administrator can completely hide the agent from the end user, preventing the end user from disabling security. The policy also controls what the user is able to do, such as open VIPRE, manage scans, add exclusions and so on. One nit to pick here, the GUI uses circles with checks, instead of boxes, making it difficult to determine if multiple options can be selected.
- Scanning: Here administrators can define what should be scanned and when scans should take place. Some innovative options include VIPRE Rapid Scan, which only scans files that have changed since the last scan, vastly speeding up scans. Scans can also be defined for rootkits, cookies, spyware, registry and so on, making sure that pretty much no stone is left unturned in the quest to deal with cyberthreats.
- Active Protection: Perhaps one of the most innovative components of the VIPRE Cloud comes in the form of Active Protection, a set of technologies that looks for high-risk activities in real time. Administrators can define how active the “Active Protection” is. For example, the technology can be used to monitor for malicious processes during runtime, effectively blocking any new malicious code. Active Protection has the ability to block and quarantine processes as well as to detect code injection attempts and enable the host intrusion prevention system (HIPS), which prevents non-whitelisted applications from being installed on the endpoint.
- Browser Protection: Here administrators can enable technologies that protect users from malicious websites and Web traffic, with the option of granting the end user control over the filtering schemes. Not only malicious URLs are blocked, but also any potential hidden payloads that may have been injected into legitimate websites. Administrators can also setup port blocking, as well as logging.
- Email Protection: VIPRE Cloud has the capability to block malicious emails, as well as phishing attacks. Protection can be applied to Outlook, as well as other email clients by monitoring inbound ports (110 for POP3) and outbound traffic as well (25 for SMTP). Although not a full-fledged email protection package, VIPRE does a good job of covering the basics.
- Threat Handling: Arguably the most powerful feature of VIPRE Cloud, the Threat Handling component brings forth powerful protections for attached devices by defining what should be done when a threat is recognized. Threat Handling encompasses everything from spyware to adware to malware and much more, giving administrators granular control over how threats are dealt with, ranging from allowing the threat through to reporting on the threat to quarantining the malicious code to deleting the code. Worth noting is the product's ability to deal with potential IT risks, such as applications that can be dangerous if used improperly.
- Firewall: Administrators also have the option of deploying a local software firewall on endpoints, with an eye to replacing the default Windows firewall. The idea here is to bring more comprehensive protection to an endpoint, which leverages many of the security ideologies bundled with the VIPRE agent. The firewall also supports an extensive rule set, yet proves to be very easy to define.
- IDS: The integrated intrusion detection system (IDS) works hand-in-hand with the VIPRE firewall component and brings extra protections to the endpoint. The IDS sports several rules of its own, which can be defined to allow, notify administrators about or block any intrusion attempts. One noteworthy capability is the IDS’s ability to identify and block trojans, as well as attempted admin access. IDS paired with the firewall and the advanced threat handling should prove to be very powerful protections for distributed systems.
Simply put, it all comes down to the packaging of the security capabilities of VIPRE Cloud. The company has effectively separated the various protections into easy-to-administer chunks, all without weakening any one type of protection. That is exactly where the power of a cloud-based dashboard and integrated controls comes into play. By using a divide and conquer ideology, VIPRE Cloud brings forth multiple security capabilities that will protect multiple endpoints, whether they are centralized or distributed throughout the field.
That said, cybersecurity means little without the proper intelligence. In other words, it takes more than just protecting against the threats of yesterday to be successful. Threats are constantly evolving, and cybersecurity professionals need to be informed. Here, VIPRE Cloud brings forth some powerful analytics and reporting capabilities, making it easier for administrators to get a real-time feel for the current threat environment.
The product offers the prerequisite dashboard that reports on critical elements, such as number of threats, devices threatened and so forth. The dashboard supports drill down and the ability to launch additional investigative tools and will prove to be something a cybersecurity pro will rely upon daily. In addition, cybersecurity managers need more than just active data; they also need insight and predictions, which is where the product's reporting module comes into play. Reports are readily available for threat detection, threat summaries, device activity, scans and so forth, making it less likely that anything will fall through the cracks.
VIPRE Cloud brings forth powerful setup tools that should make the life of any cybersecurity manager much easier. The product leverages the cloud to eliminate the need for an onsite implementation, which helps to speed and smooth over deployment issues.
Administrators also benefit from the product’s ability to deploy rapidly to endpoints, even if they are not connected via a domain or other networking technology. Much the same can be said for protecting Windows servers, where an MSI can be pushed down to secure a server quickly. Other notable capabilities include the powerful policy-definition engine, which is easy to navigate and covers all of the bases of protection. Giving administrators the power to control how active the end user is in the protection process also proves to be a boon for standardization. Simply put, if end users can’t play with security settings, then they are less likely to expose their systems to threats. What’s more, the cloud-based technologies ensure that everything is up to date and removes the burdens of signature updates, patches and other administrative chores.
Although there are a few nits to pick, such as some slightly confusing GUI elements and a lack of some capability definitions, VIPRE Cloud has the potential to become a top security product for SMBs, especially those that have distributed workforces, employees in the field and BYOD operators.
VIPRE Cloud is currently focused on the Windows market, but protection for other platforms is sure to arrive shortly. Pricing at launch is based upon number of seats, with 5 to 49 seats costing $30 per year per seat. Prices decline as seat count increases, with 250 or more seats costing $19 per year per seat.
Frank Ohlhorst is an award-winning technology journalist, professional speaker and IT business consultant. He has written for leading technology publications including Computerworld, TechTarget, PCWorld, ExtremeTech and Tom's Hardware, and business publications including Entrepreneur, Forbes and BNET. Ohlhorst was also the executive technology editor for Ziff Davis Enterprise's eWeek and former director of the CRN Test Center.