On February 9th we will be releasing our version 3.0 with some notable changes and improvements.
Before I detail what's new from a feature perspective I should also note that we are changing the name of the product with this release, the new name is going to be Immunet Protect 3.0 - Powered by ClamAV. The new product will look like this screenshot here
In addition to our name change, you will also note a change in the icon we use in your tray. The new icon is the 'star burst' in white and blue, it should like like this in your tray:
The name change is the result of the acquisition of Immunet Corp by Sourcefire Inc. This acquisition has brought both the Immunet and ClamAV teams under the same roof to deliver our 3.0 release and future products.
New Features
Our 3.0 release was primarily intended to sharpen our focus on malware detection and to provide comprehensive protection to users who are not always connected to the cloud. Some of the features we have added are cutting edge and allow both advanced and basic users of our software to benefit from much higher detection rates. Our new features are detailed below.
Complete Offline Protection
The 3.0 release will now ship with an 'Offline' engine. This engine (which is ClamAV .97) once enabled will automatically pull down our latest detection sets and allow for complete detection coverage, even when you are not connected to the Internet. We are creating detections for 'hot' threats, prevalent on the net, so that you will be protected from current 'in the wild' threats and their variants. With our Offline protection we now also have several complex engines for detection native to the desktop and have support for file formats such as .DOC, .XLS, HTML etc. as well as strong unpacking support.
If you are installing fresh, you will have the option to install this engine turned 'On' by default. If you are upgrading from ClamAV for Windows this engine will be turned off be default. The screenshot here shows how to enable it from the 'Settings' feature on the front the User Interface.
Cloud Recall
One of the advantages of a Cloud model for hunting and identifying threats is that we are able to retain and analyze vast amounts of data about what our community is seeing at any given time. Unlike traditional Anti-Virus, or even other Cloud Anti-Virus we constantly reconsider all the data we see or have seen in our community. This allows us to evaluate every decision we have made about a file in our community and see if we still agree with that decision as time advances. If we find that our position has changed about the security of a file in our community because of new information on that file we can now seamlessly act on it. To put this in practical terms if you look up a file today and we do not know it's malicious yet and tonight or tomorrow we discover it is malicious we will alert your system to find the file and remove it, all without you needing to download a single definition update. This 'Cloud Recall' ensures that your security is advanced with every new piece of information we become aware of. You will always know as much as we do, when we do.
Custom Signature Creation
Something which has been missing in modern Windows Anti-Virus products is a feature which allows advanced users to craft and deploy their own signatures or detection capabilities. With 3.0 we now offer the first Windows Anti-Virus product which allows our users to write their own detections with our engines just as we would.
Users can now hunt threats (or Advanced Persistent Threats if you like) by creating signatures which range from simplistic (straight MD5 matches) to complex (logically chained expressive signatures w/ offset support and wild carding). Signature management is done with the new SigUI tool which is available in Start -> All Programs -> Immunet 3.0 and looks like this:
Documentation for the SigUI may be found here
Zaloguj lub Zarejestruj się aby zobaczyć!
and our manual for creation of signatures can be found here.
Zaloguj lub Zarejestruj się aby zobaczyć!
We encourage you to write your signatures and post them to our online Forum.
Zaloguj lub Zarejestruj się aby zobaczyć!
All in and all this represents the most ambitious release we have ever done. The beta program for this version has been full of very positive feedback and we are excited by it's general release.
If you have any feedback about this release or questions, please do not hesitate to email me at ahuger @ sourcefire.com .
* Fixes for issues with iTunes, Netflix, Rhapsody, Thunderbird, Adobe CS3 and Photoshop and Framemaker
* Fixes for issues with various installers
* Rootkit scan support fixes 64bit Vista and Windows7
* "Allow Definition Updates" is now broken into two separate options for Clam and Tetra.
* Improved Clam engine performance & reliability, especially when scanning archived files
* Passwords are no longer required to create scheduled scans
* Fixed blank Immunet detection window sometimes appearing on start up
* Various fixes to the History dialog and Summary graph
* Various fixes for Retrospective restores.
* Links in installer fixed.
* Restoring files from Quarantine automatically adds an exclusion for them.
* Cleaner uninstall
* Archive scanning is now disabled by default
* Better migration of users settings when upgrading
*TCP Cloud Query Support
-We've upgraded our cloud servers and added a new protocol!
-On the client side this offers improved communication times when querying multiple items in a row.
-We've also added more Cloud servers to keep up with the nearly half a million new users that have installed Immunet in the past 6 months.
*Improved Database handling
-We now prune the databases so they don't get much bigger than 15MBs.
-This improves the speed of the UI and Scan agent, especially over the long term.
-Also fixes several bugs in the history pages.
*New exclusions for Avast compatibility
-We've added the necessary exclusions for Immunet to run safely in companion mode with Avast6.
*Bug fixes
-Issue where Last Updated time appeared as out of date or never updated when it was in fact up to date.
-Support for upgrading from Immunet Protect V1.x.
-Stability fixes & agent updates to decrease disk hashing.
Changes in 3.0.3 include:
-We've made a bunch of changes to the way data is corrolated in our Cloud Servers and added a new Telemetry setting to Immunet clients. In the next few months we expect these two features to help us make big strides towards detecting, preventing false positives (cases where Immunet accidentally detects a safe file as a virus).
-We've removed the ClamAV install option from the installer. Don't worry though, ClamAV protection is still available to all Immunet users in both the free Cloud and paid Plus modes - and can be turned on through the Immunet settings dialog.
*Bug fixes
-Fixed a bug where new versions retrieved through "Update Now" would always install the 32bit version of Immunet, even if you were running on a 64bit platform.
-Tuned the timing of queries to the Immunet Cloud to decrease file lock and disk hashing issues.
Panda Cloud jest leciutka, cichutka ( automat ) i szybciutka , znajomym poinstalowałem i nie narzekają.zbyt dużo procesów wyraźne spowolnienie