Using Multiple Engines for Fast, Effective Protection of IM Environments

From the Forefront Server Security blog

 

Forefront Security for Office Communications Server integrates multiple antimalware engines from Microsoft and industry-leading partners to provide comprehensive protection against the latest threats. People often ask us what the big deal is about using multiple engines in our Forefront products. Well, multiple engines provide many advantages, which include:

 

- Increasing the chance that any single threat to your instant messaging environment will be caught.

- Providing redundancy against scan failures or defects in individual engines.

- Eliminating downtime during engines updates – if an engine goes offline for updates, the remaining engines continue to scan IM traffic.

 

We continually monitor antimalware engine quality and detection rates using internal and 3rd party independent testing organizations to ensure we are providing comprehensive protection for customers. Recently, we’ve worked with AVTest.org, an independent third-party testing lab, to provide insight into how different response times are between the engine set in Forefront Security for Office Communications Server and leading single-engine products. 

 

AVTest.org tested lab response times for 244 “in the wild” viruses and variants that appeared from October-December 2008. Results were provided for the Forefront Security for Office Communications Server engine set, as well as three leading single-engine vendors. Results showed that while 169 of the viruses were proactively detected by all labs, 75 showed significant variation in detection times. For these, the Forefront Security for Office Communications Server engine set had an average detection time of less than one hour. The three competitive single-engine solutions had average detection times of 34 hours, 32 hours and 124 hours respectively. The results show that Forefront Security for Office Communications Server multi-engine solution provides much faster, more effective protection against the latest threats than single-engine vendors. Detailed data about the test is shown in the chart below:

 

multienginetable

 

Brita Jenquin

Sr. Product Manager

Forefront Security Products