With Panda Cloud Antivirus we introduce a new protection model based on a thin-client agent & server architecture which services malware protection as opposed to locally installed products. By combining local detection technologies with cloud-scanning capabilities and applying non-intrusive interception techniques on the client architecture, Panda Cloud Antivirus provides some of the best protection with a lightweight antivirus thin-client agent that barely consumes any PC resources.
Panda Cloud Antivirus is the first antivirus based on this innovative protection model which is based on two fundamental principles:
1. Automatic malware detection and remediation from the cloud in real-time.
2. The use of an ultra-lightweight thin-client agent.
Automatic Malware Detection & Remediation from the Cloud
One of the main pillars of Panda Cloud Antivirus is its real-time use of Panda Collective Intelligence, which is an online from-the-cloud system that automates the entire malware protection cycle; collecting new samples, analyzing, categorizing, creating detection and disinfection routines and delivering the protection to each node.
Thanks to this approach users do not need to worry about updating signature files anymore. In fact, detection of millions and millions of different malware variants is no longer limited by the size of a signature database, as Collective Intelligence can hold literally unlimited number of detections without consuming any memory on the users’ PC.
Another benefit of using cloud-based detection is that the time from detection to protection has been shortened a lot. It takes C.I. literally under 6 minutes to analyze and classify a new file that it receives.
An important aspect of Collective Intelligence is the use of correlation in order to further improve detection of new variants. By using information from the different nodes C.I. can protect against new strains of malware by correlating its activity from the first time it’s seen in one of the nodes. Therefore the community becomes the lab. The most users use Panda Cloud Antivirus, the better protected everybody is.
A Lightweight Thin-Client that Off-Loads the Hard Work to the Server
The client portion of Panda Cloud Antivirus has been designed from the ground up to protect PCs in a non-intrusive way. Basically we’ve redesigned the traditional on-access interception techniques to work on a slightly different way, adapting to users real needs of reduced performance impact while concentrating on the truly important aspects of protection when it is needed.
Traditionally AV engines have intercepted files and objects in multiple layers (entry vector, file system and execution). In each layer, each object is scanned by multiple technologies, such as antivirus signatures, rules, heuristics, behavioral analysis, etc. This redundancy of scans results in a degradation of user experience as the AV ends up consuming a lot of valuable PC resources and impacting global performance.
Even as a lightweight agent, Panda Cloud Antivirus provides excellent protection as it applies intelligent interceptions and scans of the files in the local PC based on Collective Intelligence and its local cache copy. It does this by implementing different types of on-access scans which are defined as follows:
- On-Access Scan. This is the maximum priority resident scan that is applied only to objects which are truly a security risk in a specific point in time: files which are being executed or used. The file is intercepted, prevented from running and disinfected if found to be malicious.
- Prefetch Scan. There are other elements such as files downloaded from the Internet which, while not being executed at a specific point in time, have a much higher risk and probability of being executed at any time. These files should be watched more closely than files which have barely any activity, as we can expect them to be executed, unpacked, copied or moved shortly. A Prefetch Scan basically launches an asynchronous local & cloud query on the file to scan it “as soon as possible” without impacting performance. Of course if any of these files is called to be executed, the file will be intercepted and an on-access scan will be applied to it.
- Background Scan. Lastly a normal PC has hundreds of thousands of files in its hard drive. Most of these files are not executing normally and simply just “sit there” until either the use double-clicks on them or they are called upon by another process. These are considered the least dangerous files from a security perspective. Panda Cloud Antivirus will continuously run Background Scans on these in an asynchronous manner while the PC is idle, without impacting performance at all. Of course if any of these files is called to be executed, the file will be intercepted and an on-access scan will be applied to it.
Panda Cloud Antivirus represents for us a new model for protecting PCs in a manner that users have been asking for a long time: without performance impact. We hope that you enjoy this technology beta and can share your experiences and test results with us, both in this blog in the form of feedback at www.cloudantivirus.com or by sending an email directly to beta@pandasecurity.com.
TIA
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
47 comments
How will this work with Outlook 2007 email, will I still have to run an application for email protection
The Canadian,
take a look at the online help. There it is written: Panda Cloud Antivirus works with Windows XP & Windows Vista in 32Bit only. See: http://www.cloudantivirus.com/help/01/en/nnv_en.htm#05.htm
You may use the Panda Antivirus/Internet Security/Global Protection 2009 instead, which can be installed on x64 Systems.
People@panda,
Where can i return my 60+ Panda Antivirus Packs we’ve bought from a dutch distributor? WTF!
First sell Antivirus solutions to a reseller and than start giving it away for free? This is just not done. Please give us a refund.
There are not enough 64bit users to sell this to.
The firewall is not worth 20 euros…. Because that is the only real difference.
Good to give away free stuff, but stop selling your other solution like Antivirus Pro.
This free solution works better than PAV09…? Systemload is less…
How can you sell this to your resellers?
regards,
Rik Smits
Okay…for everybody complaining…the key word here is BETA….this is a BETA…and beta programs, historically, have been distributed for FREE…I would imagine that once this program comes out of beta, it will be charged for, just like most other programs.
That is NOT the point, if they were going to bring something like this out they should have made it for everyone to be able to install…and I’ve never had any other application refuse to run on x64; so this as it stands is a big fat piece of shit and will fail because Panda is telling x64 users to screw off!!!
Also, Peter, stop being a kiss ass…!
Does Panda’s Cloud Antivirus have anything to do with the similarly named Cloud AV which was developed at the University of Michigan?
http://www.ns.umich.edu/htdocs/releases/story.php?id=6666
Definitely not the first approach for cloud-based antivirus:
http://www.eecs.umich.edu/fjgroup/cloudav/
The power of free
Panda plans to offer this service free to consumers indefinitely, Santana says. He figures Panda has a head start over larger rivals. Still, the service must build a track record. McKeay wonders if Panda’s cloud protection will work well for PC users with slower Internet connections and if Panda is truly prepared to expand rapidly, if need be. “I’m slightly skeptical of the implementation,” McKeay says.
http://www.usatoday.com/tech/news/computersecurity/2009-04-29-panda-security-cloud-antivirus_N.htm?csp=15
see the words free indefinitely
Lots of technobabble and marketing blahblah in this “explanation”. I really don’t quite understand it and it’s actually totally annoying to try to figure out what’s hidden behind meaningless hollow phrases like: “intelligent interceptions”, “Collective Intelligence”. Use clear language please and define the technical terms you use (invent), like “cloud system”.
For now anyway, I can’t see how this would be so different and so much better than what i have right now.
I just guess this requires an always on internet connection and the scan is quasi-online as well.
For me right now this is just snake oil and I dont’ think I like it.
are computers still protected when they’re not connected to the internet ? 🙂
if i happen to plug an infected usb key while not online, what happens?
@Sage, no need to run a separate email protection program in parallel. As soon as the attachments are copied to the drive or tried to execute, they will be scanned and deleted/disinfected if needed.
@TheCanadian, I deleted your comments in this post as they are duplicated in the “Welcome” post and I answered there. Am a 64x user myself and I can guarantee you will have a version available for 64bits.
@Rik, it’s not quite the same thing. Keep in mind security suites containt many more functionalities not found in free AVs like Panda Cloud Antivirus, such as firewall, anti-spam, parental control, technical support, etc.
@Robert, we will not charge after beta is completed. It will continue being free.
@Dave, @Grew, the only thing that Panda Cloud Antivirus has in common with the UofM project is the name “cloud”. If you read the documentation from the project you’ll see that what they’ve done is basically an agent that sends complete files to a centralized server to be scanned by multiple AV engines. At the end what you have is still dependent on the signature detection and on whether these have the latest sig files or not. Also all the files are transmitted through the wire, which is not very convenient for users.
@TheAmerican, if you want to see more in-depth how it works you can read the next post “Testing Panda Cloud Antivirus: Advanced Logging”. Install the product, turn on advanced logging and you´ll be able to see what it does by yourself.
@Gonzague, yes, computers are still protected while not connected to the Internet. Basically Panda Cloud Antivirus keeps a local cache copy of the Collective Intelligence servers for off-line operation, which contains detections for malware that is truly out there infecting people (approx 4-5 million samples). While the complete detection capabilities are much higher while connected to the Internet (approx 25 million samples detected last week), also the chances of being infected are much lower when off-line.
This still doesn’t explain what is transferred over the wire? What latencies are we talking about for an onAccess scan (more or less than local antiviruses)? What amount of network traffic are we dealing with?
There’s a variety of information sent to the cloud depending on the actions which the agent is performing locally: telemetry and statistics on detections, signatures, behavioral traits, detection names,… Not much different than the information exchanged between your traditional AV interception driver and the different scanning engines (signature/heuristic/behavioral). The only difference is that instead of having all this information exchange happen locally in your PC, it is now exchanged between client and server.
Does cloud antivirus work well with others or should be run alone?
Thanks for the fist come back
Ah…well, I didn’t see those words…”free indefinitely”, that is. I stand humbled and corrected.
non compatible with existing security suite. not possible to install it, without prior unistall of control centre.
What about web security in this AV?
“Panda Cloud Antivirus is the first antivirus based on this innovative protection model”
Prevx has been doing this for years so Panda is definitely not the first AV to use the cloud!
@Sage, actually just like other AVs, you need to uninstall any other AV before installing cloud antivirus.
@sistema, exactly, you need to uninstall any other AV before being able to install cloud antivirus.
@comm, when you mention “web security” what do you refer to exactly, http scanning? The new model we’re proposing with Cloud Antivirus tags these files which are downloaded via http for scanning in an asynchronous way, so yes they are scanned.
Thanks. This is very interesting if it works;)
@Mr Smith, we have been doing cloud-scanning as well for a long time, actually since 2007 with our NanoScan online scanner. Also when refering to first we mean not only cloud-based but also the protection architecture model of new philosophy of on-access interception.
I’ve just installed it yesterday.
Works perfectly. I was about to buy a new laptop because this one had gotten slow (using 360 AV solutions before this), but now it speedy again.
I didnt know an av could use up this much resources from my pc.
Great software!! (but do keep it free 🙂
According to your FAQ:
“Once the Beta period has finished, the detection capacity of the antivirus will reduce considerably as it will no longer have access to our Collective Intelligence servers. From then on, you can get the free version and benefit from special conditions when you buy the full service.”
The way I read that, the free version will not have access to the Collective Intelligence servers.
If this is not the case,I would strongly suggest that the FAQ be clarified.
@Dave P You’re right, it reads a little confusing. Rest assured, Panda Cloud Antivirus will remain free after beta with full detection capabilities.
Recientemente me llegó el anuncio de su nuevo producto. Me siento contento de que ahora mejoren su mercado y la oferta para las personas que disfrutan de su antivirus. Ahora, lo que resta es probarlo y dejar que la experiencia como usuarios nos anime a adquirir alguna versión de pago que me imagino sacarán dentro de poco. Saludos desde El Salvador.
Can you make a clear and unambiguous statement concerning how much of each scanned user file, if any, is transmitted to the cloud to address security concerns end users may have? For example, if scanning a MS Outlook file, which portions of that file are revealed to the cloud?
Interesting.
1. Only two options for manual scanning? What about false positive or testing? Panda is going to delete a file without quarantining it first so if there is a false positive oh well sorry Panda deleted the file and now a program or function is broken?
2. If this is free what features will make users want to pay for a Pro version? Will there even be a Pro version?
3. I understand a 64bit version will come later but that does nothing now to let users work out the bugs now.
@Bob Anderson We don’t scan user documents, only PE files (executable code). And of PE files we don’t send any portion thereof to the cloud, only what we call “reverse signatures” and “behavioral traits” or properties of the file. Enough to be able to process it to classify it as either malware or goodware.
@James 1. There is a quarantine. It’s called Recycle Bin and you can access it from the folded bottom-right corner of the application.
2. Yes we are thinking about a pro vesion with more features and functionalities. But you’ll always have a full AV for free. Whatever happens we will not use protection features as a differentiator so that FREE detects less. The idea is that the FREE version has all it needs when it comes to anti-malware protection.
3. Really sorry, we didn’t think it was going to be as much of an issue and wanted to get started with testing the cloud and client architecture asap. We’re now re-defining our priorities and 64bits is one of them.
To use Cloud do I really have to uninstall my Norton 360 first? I paid a lot of money for 360 and don’t fancy losing it!
Hi Pedro, this is a truly great idea and looks like really good software. You have hit the nail on the head, I use, recommend and sell AV software that consumes the least possible resources. Good luck with the Beta, I look forward to installing on my PC as soon as beta testing is complete. – Daniel
Dear Pedro,
I’m not a techie but I appreciate this Av program because it doesn’t have all the geegaws. I can download specific programs for specific issues. Keeping this purely anti-viral is the way to go, not adding a firewall or other tools. Andrew
Trend Micro and other AV vendors are working on this same scheme. I’m a trend beta tester and have tested their “cloud” implementation of their server/client suite and have to admit, I like this better. I’m not a fan of Panda’s other products/suites, though. I find them to be a bit bulky. It’s nice to see a change of pace from an antivirus vendor – less bloat, more to the point.
@Daniel, @Andrew Knutson, @jcpham Thanks for your comments guys.
Pedro, I can’t stop yapping about Cloud AV. Do you have free duct tape available so I can shut myself up? ;D
@Tim hehe, thanks man 🙂
Wait, we’re going to need a lot of duct tape. It seems people I’ve told have told others. Don’t you just *hate* when that happens? 😉
It would be great if this protection model really took off and replaced the older model. I have to admit, however, that this client has a long way to go. I am switching to panda internet security in a few weeks for my everyday antivirus, since if I understand it correctly, it also has access to the collective intelligence.
@Sam Smoker exactly with Panda Internet Security you’ll also be connected to Collective Intelligence and benefit from its detection capabilities. Keep an eye open as Panda Internet Security 2010 is just around the corner.
hello, i used this av. but scan speed is really slow,but ya detection capabilities are awesome. keep up the good work[:)]. I hope scan speed increases.
Thanks
@baidwan we just published Beta2 which fixes this slowness of scans in certain situations. You can read more about Beta2
here:
http://blog.cloudantivirus.com/2009/06/30/cloud-antivirus-beta2-released/
Panda Cloud AV produces more false positives than I have ever had from any other AV software. What is more, it has a habit of disabling or deleting programs without consultation. It was interesting to read, in answer to another post, “There is a quarantine. It’s called Recycle Bin and you can access it from the folded bottom-right corner of the application”. However, Panda Cloud AV has deleted a program called ipscan.exe, and there is no sign of it in the quarantine. In any case it would have been nice to have had access to the quarantine more visible: I had searched and searched, and failed to find any way of accessing anything of the sort. Why not have a more readily comprehensible user interface, perhaps with a menu bar at the top, and helpful things like that, instead of something completely obscure, such as having to click on a bit at the corner that is supposed to look as though it is folded over. A plain traditional Windows interface would be much more useful: it wouldn’t give some arty type people the pleasure of having designed an eye-catching display, but who cares? I use software to do a job, not to look fancy. Anyway, even now that I know the gimmicky way to access the quarantine, the fact remains that some files have been deleted and are NOT in the quarantine.
@Michael D Most of your suggestions have already been taken into consideration. Beta2 which is recently available from http://www.cloudantivirus.com already gives the option of recovering items which have been deleted. Also some FP problems have been fixed as well. Please read the following for more info on Beta2:
http://blog.cloudantivirus.com/2009/06/30/cloud-antivirus-beta2-released/
I LOVE this AV man, it works gr8, gr8 job!
India.
It sounds great that Panda Cloud Antivirus is the first antivirus based on this innovative protection model which is based on two fundamental principles.
Is there a MAC OS X version available??
Looks like a GREAT product.
@ajcnet Not planned right now…. we’re keeping busy with all the new features and functionalities we need to develop for win32 first.