Bitdefender's cloud-based security tools worth investigating for SMBs

Steven Trippe describes Bitdefender's cloud security services and points out issues to consider for SMBs weighing security solutions.

Bitdefender, like many other service providers, has taken the big step of bringing advanced products to the cloud. Their Cloud Security for Endpoints protects systems remotely and employs the same enterprise-class security technologies as their on-site solutions. Cloud Security for Email provides aggressive cloud-based security tools that scan mail for malware and spam before it is delivered and after it is sent. Their services provide full antivirus, antispyware, antiphishing, Trojan/rootkit detection, and a two-way personal firewall with intrusion detection. They also provide remotely configurable security policies that can control user access to local applications, block specified websites, or set time limits for Internet usage.

Cloud Security for Endpoints

Bitdefender's offering is a cloud-enabled security solution for small and medium businesses looking to get advanced security that is highly scalable and flexible. It's a great product for those that have systems in many different locations, or have frequent travelers to secure. It offers robust antimalware protection for both clients and server endpoints. Additionally, it has the ability to protect remote users' Internet access by employing a personal two-way intrusion detection firewall. They also offer a solution for larger deployments using the Gravity Architecture for Very Large Enterprises (VLEs).

Here are some of the highlights, inner workings and things to consider.

  • Scalability is a major benefit of the Bitdefender cloud security model. The ability to easily expand protection based on current needs is built-in. There is no software to install or extensive downloads before protection and policies are active. As soon as the client is added, it's protected.
  • There is no hardware or software required on-site, eliminating the need for management or maintenance of security products. For companies that don't have large IT staffs, this can be a great solution to secure multiple systems as management requirements are way less intensive.
  • Statistics and an overall status of endpoint client security are provided by the Cloud Security Console dashboard. It also provides a unified place for all security configurations. This allows for enterprise security management anywhere you have internet access.
  • Bitdefender boasts that it is quiet and non-intrusive in the way that it protects systems.
  • Independent tests performed by AV-Test give Bitdefender high marks for its protection, repair, and usability. This is mainly due to its heuristic detection engine called B-HAVE. It sandboxes all programs that are executed to ensure they behave normally prior to completely starting them. It then uses Active Virus Control (AVC) to continually monitor running programs to ensure their behavior stays within normal parameters; if not, it takes action to stop the offending program.

Cloud Security Console dashboard

Looking at the capabilities of the dashboard provides a better insight into what Bitdefender cloud security is all about. It provides a window into the protection management functions and allows you to visually see how protection is configured across your enterprise. To keep your information private, the connection to the dashboard is made via an HTTPS browser session. The dashboard is composed of six main sections: Computers, Policies, Reports, Quarantines, Accounts, and Logs. This puts managing endpoint security in one easy location and makes it virtually painless to use. Here's what they do.

  • The Computers section lists all detected endpoints. The intelligent network discovery feature ensures that all devices on the network are listed. No more unprotected clients sneaking on to the network. You can also group computers in areas for easier management. Lists include the computer name, current IP address, OS, date it was last updated, and when it was last connected. There are reports and tasks that can also be viewed from here. Some of the report types consist of update status, computer status, malware activity, and even the top 10 most infected users. This will allow you to zero in on areas to address to increase protection, even down to the user. Tasks include scanning, module configuration and deployment.
  • Under the Policies tab, you are able to define new policies as well as view and edit existing ones. This allows for straightforward security management of the endpoint clients and servers.
  • The Reports section of the dashboard allows you to create new reports, view existing reports, and even schedule reports to run automatically. They can be saved in a variety of file formats and directly emailed out.
  • The Quarantine section allows you to view threats by name and shows where they were located on the endpoints. This is great for trend analysis and protection breakdown examination.
  • Under the Accounts section you have complete control of Cloud Security for Endpoints rights. You can assign designated users the ability to manage specific security area functions as needed.
  • Logs have a variety of security records that can be used for analysis of system performance or other actions that have taken place during a specific period. These can be viewed from anywhere you have Internet connectivity.

Cloud Security for Email

Cloud Security for Email can also be integrated and managed by the Cloud Security Console. It contains antispam, antimalware, and powerful filtering capabilities. Again, there are no on-site security devices required for protection. Email is fed to the Bitdefender cloud for scanning first. It's then delivered to the company's email server once it passes a thorough screening. Email that is unsolicited, or scans as being malicious, never reaches the organization. Outgoing mail is directed to Bitdefender's cloud security space before being forwarded to the recipient for delivery.

Bitdefender has not fully deployed the Cloud Security for Email service yet, but look for it in the near future as a viable email security solution.

Things to consider

Just two other items to consider when analyzing these products.

  • Speed of service is a concern and should be analyzed prior to full-scale enterprise deployment. Bitdefender currently offers a 30-day trial, which would provide a great opportunity to evaluate and address any issues before deploying it throughout the enterprise.
  • The one downside is the lack of protection outside of Microsoft products. This may change in the future, so check back if you have other operating systems you're responsible for.

About

Steven has 20 years' experience in information and network security, network engineering, operating systems, technical writing, facilitating, and project management. He holds Cisco, CompTIA and other industry certifications and studied Information Sys...

3 comments
LigiaAdam

The answer is yes, you can use Bitdefender cloud based solutions in conjunction with a competitor. You can't mix and mash solutions on the workstation (so if you have installed Bitdefender Endpoint Security you shouldn't run another antivirus on the same machine).

JCitizen

Sorry I can't bring anything to the table. I used to use the online scanner to double check other performance on competitors. I've quit using online scanners. Today's AV performance is pretty good, so I have more confidence in the brands I recommend. I really like Prevx as a cloud AV, but because it conflicts with other sub-kernel security solutions I use, I had to drop it. Although it had no virus removal ability (or shouldn't) I didn't hold that against it; I just ran CCleaner and *POOF*, the malicious code was gone - just sleeping in the temp files. Can Bitdefender be used in conjunction with a competitor? I used to like to run Prevx and Avast together back when. The cloud scanner didn't interfere with onboard software AV at all. It was the only way I could find to run two serious AVs at the same time, with both having real time protection enabled. There was no conflict with the system at all.

Michael Kassner

I have read reports -- not second sourced -- describing issues.