IT security firm Sophos is recommending that system
administrators ask their security vendors if they are capable of
properly protecting them on the forthcoming 64-bit version of
Vista, as arguments continue regarding access to Microsoft's
operating system code (kernel). Sophos has reassured its customers
that Sophos Anti-Virus will offer full protection against malware
threats on Vista, and suggests that some security vendors may not
have given sufficient thought to the new operating system when
developing their products.
Anti-virus firms Symantec and McAfee have recently made
high-profile complaints that they are being "locked out" of the
Vista operating system kernel by Microsoft's PatchGuard prevention
system (also known as Kernel Patch Protection). They argue that
this is preventing them from continuing to develop pro-active
protection against new malware, sometimes referred to as 'host
intrusion prevention' or 'HIPS'. They claim this action is
anti-competitive.
However, Sophos argues that its approach to HIPS
technology has met with no problems on both the low-spec and
high-spec versions of Windows Vista. In addition, Sophos claims
that Microsoft has so far provided all the interfaces that Sophos
needs for providing this form of protection.
"Symantec and McAfee may be struggling with HIPS because they
haven't coded their solutions with high-spec Vista in mind," said
Richard
Jacobs, CTO of Sophos. "We've taken a different approach, by
focusing on catching bad behaviour before it has a chance to occur.
Additionally, we are building our technology by making use of
supported Microsoft interfaces rather than by trying to subvert
them. That's why we're ready for 64-bit Vista, and others
aren't."
Sophos Anti-Virus, including its HIPS
functionality, has been designed for 64-bit Windows
Vista.
Sophos believes that PatchGuard is a positive step by Microsoft
to improve security in Windows Vista, and is not in itself
anti-competitive, provided that Microsoft delivers on its
commitment to provide the same level of kernel support and
integration to third party security vendors as it does to its own
security product team.
"It's clearly the case that we and other vendors will now have
some dependency on Microsoft to deliver kernel interfaces for new
security innovations, which could slow us all down," continued
Jacobs. "However this is more than compensated for by the
additional security offered by Vista. PatchGuard is a step in the
right direction for customers, and we believe that security vendors
should embrace and work with PatchGuard rather than fight it."
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.