When it Comes to Security, What is Good Enough?
Ben Franklin once said that an ounce of prevention is better than a pound of cure. We couldn’t agree more when it comes to network security. From both time and financial standpoints, it is much more cost effective to prevent infections than deal with their aftermath. Infection cleanup is very costly to businesses. The latest estimates indicate that every lost identity record costs a business $188. While that doesn’t sound like a lot, multiply it by anywhere from 100,000 to several million records, which are typically what is lost in a single incident, and the costs add up quickly.
In Check Point’s Zero Second Test, four vendors were evaluated to see how quickly they could respond to a malware infected email. Each vendor has its own threat emulation process and some make trade-offs between speed and security. Some let potentially infected email attachments onto your network while they evaluate their safety. It only takes one person clicking on an infected email to launch its payload.
We tested solutions from Check Point, FireEye, Palo Alto Networks, and Fortinet – to see how timely they dealt with threat emulation. Check Point and FireEye both detect and prevent incoming malware before it passes into the network. Check Point has the fastest emulation time at 4 minutes. FireEye takes twice as long as Check Point to emulate and protect.
Because they take as long as an hour to propagate a protection, the Palo Alto Network’s WildFire and Fortinet’s FortiGuard solutions allow uninspected files to enter the organization’s network during the emulation and signature updating process. Allowing uninspected files into a network during emulation exposes the network to possible damage if the virus is inadvertently launched during that time.
How fast is fast enough? How good is good enough? When it comes to security it has always been our belief that only the best is good enough. We encourage you to read the results for yourself and see what security features different vendors are willing to trade. Visit the Zero Second page. Visit the Zero Second page.