Well you may have read the news from Symantec – Antivirus “is dead,” says Brian Dye, Symantec’s senior vice president for information security. “We don’t think of antivirus as a moneymaker in any way.”

Have they only just realised?  The border of your network is the first point of call, by the time it has got through that and to your users computers, most of the battle is lost.  The facts point to desktop anti-virus only stopping around 45% of viruses and with the advent of “Zero Day” attacks we are at a place where an hourly update to a virus signature is too long.  It can take some companies several days to identify and roll out updates for their software.

Do I think that desktop and server virus software is truly dead? – of course not!  Do we say because someone is wearing a seatbelt while in a car that we don’t need to strengthen the chassis and create crumple zones in case of accidents?  Software Anti-Virus is a tool that forms part of the arsenal that we use to combat data loss, but the border for now has to be the place where the most concentrated effort should be put in.

If your border does not have a firewall running Deep Packet Inspection and Threat Prevention then you have a gap in your network that needs closing quickly.  By checking the content of packets leaving your network as well as what is actually trying to use the protocol (its behaviour) will help shape and form policies that not only protect your network, but help recover wasted bandwidth used by applications that are allowed uncontrolled and unmonitored access through your borders.

Don’t rely on just desktop Anti-Virus, times are moving on, it is important to keep up.