Information Technology Reference
In-Depth Information
management, software costs may continually escalate without need. Con-
current licensing application virtualization services allow the automatic
release of package-bound licensing when software sessions are terminated,
but many products including antimalware defenses and service applica-
tions may require manual interaction in order to expire or release legacy
software licenses when no longer in use or when storage media is securely
wiped for disposal.
Malware Defense
Many forms of malware continue to evolve with the rapidity of their bio-
logical namesakes. Early self-replicating programs led to the creation of
viruses, which evolved in turn to self-propagating worms and automated
malware defenses necessary to defend against the growing flood of Trojan
horses, keystroke loggers, browser redirects, and the many other forms of
malware that can flourish in an unprotected environment.
Application of patches and hotfixes can harden the network against
automated attacks, but social engineering practices can still introduce
malware into the enterprise though many channels. Active defenses lay-
ered atop a hardened network can help to identify emerging threats, iso-
late infections from other network elements, and automatically remove
many threats to the enterprise.
Note:
Although many types of malware can be removed automatically,
others will insert copies of their application functions into well-used files
or hide within protected system restore points. Manual cleansing using
protected operating modes may be required to restore function, but noth-
ing short of a total system wipe and reload can ever ensure absolute elimi-
nation of compromise.
The use of central management software is very helpful in mid-to-
large-scale networks, allowing identification of systems that have not
updated recently, those that fail to update properly, and those that have
been or are currently infected. Regular review of malware defense log files
is critical for the identification of emerging threats and failing updates,
which can provide a false sense of security to users who assume that their
systems are “once secure, always secure.”
