Antivirus and Malware protection on WES based clients

To install an antivirus or malware protection product on a WES based client has always been a hot topic. But why?

Nobody would discuss the need of such a solution on a standard Windows PCs or even Linux or Mac. But for many companies WES is somehow special.
What makes WES so special on this case? It is a feature called Write Filter. WES has implemented this since the beginning. The very first version was designed by Wyse and from that point adapted and enhanced by Microsoft.
A Write Filter prevents writing any files or configurations to a client. If your client now gets infected by any malware, you can simply reboot the client to clean it up.
What works perfectly fine with one or only a few clients, does not work if you have to support hundreds or even thousands of clients. You would have to make sure that all clients are shut down at the same time to prevent re-infection from running clients.
One solution in the past was to install an antivirus solution. The culprit was that you would have to make sure that the new pattern files are stored on the client. Although there are ways to do this, it is not trivial, needs a lot of work and much space on the clients flash drive. Second issue is, that a typical AV solution consumes a lot of CPU cylces.

Dell  has now announced a brand new solution to these problems. It is called Dell Data Protection | Threat Defense.
This is not yet another AV solution but a complete different way to prevent infection. The solution is based on a small programm that consumes nearly no CPU cycle and does not even need pattern files.

“While other vendors depend on a ‘detect and remediate’ approach that alerts IT staff to an attack after the damage has been done,” said Jeff McNaught, executive director and chief strategy officer, Dell Cloud Client-Computing. “Dell employs a ‘prevent and protect’ approach that prevents these attacks from succeeding, and has been shown to be 99 percent effective against even zero-day and polymorphic malware attacks, well above the catch rate of traditional anti-virus products based on malware signature recognition.”

And all this is done with “simple” mathmatics.

Dell will include this solution in their WES7 and Win10 IoT image mid June 2016.
You will see a big announcement during the Citrix Synergy next week. If you are attending, don’t miss to check this out.
I was really impressed when I first saw this solution.

With the most secure OS ThinOS and now Thread Protection on WES, Dell really made a huge step in security.