Symantec attacks Microsoft's Forefront Client Security
Published: 09 May 2007 16:32 BST
Symantec has lashed out at Microsoft's business security product, saying that the technology used to run it is not adequate.
Microsoft told ZDNet UK last week that Forefront Client Security (FCS) runs on the same engine as OneCare, Microsoft's consumer product. OneCare failed to reach the Virus Bulletin malware detection benchmark last year, and in March this year incorrectly quarantined and deleted some Outlook and Outlook Express files.
Symantec called into question whether businesses could entrust mission-critical systems to technology that has in the past been proven to be flawed.
Read this
What happened at the Red Hat Summit
All the news, show floor photos and buzz from the Linux leader’s user conferencethis year in San Diego.
"Forefront Client Security is based on the same antivirus and anti-spyware technology as [Microsoft's] OneCare product," said Symantec in a statement. "OneCare has failed multiple third-party antivirus tests, including the latest Virus Bulletin, which is widely considered the benchmark test for AV [antivirus] engines."
Speaking to ZDNet UK at the Infosecurity Europe 2007 conference in April, Microsoft confirmed that FCS runs on the same engine as OneCare, but said that Microsoft was investing in the product.
"Security is not a fixed point in time," said Nick McGrath, Microsoft's UK director of security. "Any customer deploying any technology runs the best signatures and scanners available. Microsoft remains committed to investing in OneCare and Microsoft malware software tools."
Microsoft had previously admitted to ZDNet UK that OneCare should not have been rolled out, due to problems with the core architecture and with how the software interacted with other Microsoft products. Arno Edelman, Microsoft's European business security product manager, said that "bits and pieces" were missing from the code.
However, in a conference call after the Infosecurity event, Margaret Dawson, group product manager for security and access product marketing at Microsoft Corporation, insisted that the common engine for OneCare and FCS was "strong", and that the fact that OneCare had returned false positives for Microsoft's own products did not matter.
"The anti-malware engine in Forefront is a very strong engine," said Dawson. "No software is 100 percent — all [antivirus] software returns false positives."
In a flurry of emails after the conference call, Microsoft said that OneCare held accreditation from both ICSA and West Coast Labs, which benchmark anti-malware products, and that OneCare had only narrowly missed the Virus Bulletin 100 (VB100) test.
"We currently hold ICSA and West Coast Labs accreditation for Windows Live OneCare," Dawson said in an email.
"On the Virus Bulletin 100, we missed the last VB100 award as we were unable to detect one piece of malicious code," Dawson continued. "We are, of course, disappointed to not have gained the VB100 accreditation and are very focused on rectifying this when the VB100 test is next run."
However, senior security analysts have said that Symantec's criticism of FCS is "valid". Andy Buss, senior analyst at Canalys, said that businesses should evaluate any security product before deploying it, and that, as a new product, FCS doesn't have a security track record. This would not overly affect Microsoft sales, said Buss.
"There are numerous technical criticisms of Microsoft code, but that never stopped it winning markets," said Buss. "Microsoft is about throwing resources at strategic areas, and they've won a lot of markets by pushing heavily to get it widely adopted."
Buss added that he expected FCS to improve but that the scope of the product was too narrow, as it does not cater for Apple Macs.
Did you find this article useful?
17 out of 19 people found this useful
- Share this article:
