Norton Internet Security logo

Types of virus definitions available for Norton Internet Security

Jan 29, 2012

Virus definitions, also known as signature file updates, ensure that your personal computer is protected from the most recently viruses, vulnerabilities, spyware, malware and other security threats. It is very important to make sure that you have the latest virus definitions on your personal computer. As new security threats emerge, Symantec immediately builds new Virus Definitions Updates and makes them available for download.

So, to stay secure you should be running the most recent version of your Norton Internet Security product and have the most up-to-date security content. Now let’s see what types of virus definitions are available for Norton Internet Security:

  • Network Threat Protection Attack Signatures
    Symantec security products include an extensive database of attack signatures. An attack signature is a unique arrangement of information that can be used to identify an attacker’s attempt to exploit a known operating system or application vulnerability. Attack Signature updates are exclusive to LiveUpdate.

  • TruScan Proactive Threat Protection Updates
    Behavioral-based protection that protects against zero-day threats and threats not seen before. Unlike other heuristic-based technologies, TruScan™ Proactive Threat Scan scores both the good and bad behavior of unknown applications, providing a more accurate malware detection. Proactive Threat Protection updates are exclusive to LiveUpdate.

  • Virus Definitions
    Unlike types of virus definitions mentioned above, depending on the frequency of release and type of installation Virus Definitions are of several types:
    • Certified Multiple Daily LiveUpdate
      LiveUpdate is the most trusted way of updating virus definitions. Each set is fully tested and certified by Quality Assurance. Certified Multiple Daily LiveUpdate is published several times a day and is the best protection from fast moving threats. Users with the newest versions of Norton Internet Security can have Multiple Daily LiveUpdate definitions delivered automatically.

    • Certified Daily LiveUpdate
      LiveUpdate is the most trusted way of updating virus definitions. Each set is fully tested and certified by Quality Assurance. Certified Daily LiveUpdate is normally published once daily, but may be published several times in a single day in response to emerging threats. Users with the older versions of Norton Internet Security are limited to Daily LiveUpdate definitions.

    • Certified Weekly LiveUpdate
      LiveUpdate is the most trusted way of updating virus definitions. Each set is fully tested and certified by Quality Assurance. Certified Weekly LiveUpdate definitions are usually published on Wednesday, but may be published several times in a single week in response to emerging threats. All versions of Norton Internet Security products use either Daily LiveUpdate or Multiple Daily LiveUpdate.

    • Certified Daily Intelligent Updater
      Intelligent Updater virus definitions are fully tested and certified by Quality Assurance. The Intelligent Updater is an alternate delivery method for certified daily definitions, which consists of an executable file that can be downloaded and run manually. Intelligent Updater Definitions can be obtained here.

    • Rapid Release
      Rapid release virus definitions have undergone basic quality assurance testing by Symantec Security Response. The primary focus of these detection signatures is the rapid detection of newly emerging threats. While Symantec Security Response makes every effort to ensure that all virus definitions function correctly, you should understand that Rapid Release virus definitions may pose some risks such as a higher potential for false positives. Rapid release definitions are most useful for perimeter defenses or for all protection tiers as a means of mitigating fast-spreading virus outbreaks. These signatures are released once or twice per hour and can be downloaded here.

Here are the technologies used by Norton Internet Security that need constant updates to ensure the best possible protection:
  • File-Based Protection — Traditional signature and heuristic file scanning engines form the backbone of Symantec’s security solutions; these engines use dozens of techniques to scan files for both known as well as unknown threats.

  • Network-Based Protection — Technologies designed to block attacks just as they transition from the network cable or wireless network to the computer, before they have a chance to establish residency in a physical file on a user’s computer. Also called Network Threat Protection.

  • Behavior-Based Protection — Behavioral-based protection technology observes actively running threats on your computer and can terminate running programs if they exhibit malicious behaviors; this technology provides proactive protection from entirely new, previously unseen attacks. Also called Proactive Threat Protection.

  • Reputation-Based Protection — Also known as Insight, blocks access to malicious files and websites based on the “crowd-based” wisdom of over 175M+ million customers.

The type of definition updates that each of the Symantec products receive are as follows, can founded by reading the article Program and Definition Updates.

0 comments: (+add yours?)

Post a Comment