SmartScan 2 – smarter and faster than ever!

In the third of our series of pre-Outpost 2009 improvements, we’ll take a look at the revamped SmartScan technology. Even if you’ve never delved below the surface of Outpost’s functionality, you will have noticed that a quick malware scan is performed in no time and even a full scan is pretty quick; well, that’s all thanks to Outpost’s SmartScan option. First implemented in Outpost Security Suite Pro 2007, this function (optional but highly recommended) worked on the principle of storing the details of previous scans in cached files in every folder on your PC; this avoided the need to recheck data that had already been scanned and had not changed since the last scan.

While this option was a great time-saver, in its original form it also caused anti-rootkit software to false-alarm on these cached files. Of course, these files were quite benign and not rootkits at all. They were protected by Outpost’s self-protection, so that no malware could subvert them (i.e., edit or delete them). Outpost 2009, to everyone’s relief, will no longer cause these false alarms to occur.

In the new version, all data about previously scanned items and folders is stored in a single file in the Windows/System32/ folder. Not only is gathering information from one source faster and easier for the scanner, but it also helps to avoid the abovementioned ‘false positive’ issue. This technology change goes hand-in-hand with some GUI tweaks, such as:

- During the installation, the ‘Enable SmartScan’ option is checked by default, regardless of which operating system is in use
- You won’t see any more program requests for clearing cache files on uninstall.

In summary: malware scans will be even faster and the program will require less user interaction while still preserving the ability to customize.


According to our estimations, the new SmartScan should operate 10 times faster! Of course, the best way for you to check and understand the benefits of these changes is to experience them yourself, so why not download the latest beta at http://www.agnitum.com/products/outpost/betatest.php. For more 2009-related Monday blog-notes, please check http://agnitumblog.blogspot.com/search/label/monday%20update%202009 or subscribe to the RSS feed. Next Monday – another new feature!

Take care online,

Alexey Belkin,
Chief Software Architect, Agnitum

Revamped Event Viewer

The second in our series of Outpost 2009-related updates covers the newly-redesigned log display. Interestingly, this is a rare example of reverse development - in Outpost 2009, we are implementing the same logs structure as we had in Outpost Firewall Pro 4.0, though on a new platform and with some significant improvements.

Current users of Outpost 2008, either the firewall or the suite, can track events in text format. This approach has its pluses and minuses – while it enables users to do more with the data, it’s also more complicated for users to do that extra work. You’ve told us in no uncertain terms that you prefer the old approach, displaying events in chart form.

Here’s the events viewer in Outpost 2008:



And here’s what the new viewer looks like:



We hope you agree that we’ve made the right decision!

We have made the new viewer more flexible, too. Whereas Outpost 2008 groups information which might affect usability, the new version shows all parameters separately in columns, with transparent details on, for example, sent and received traffic, IPs or ports. Outpost 2009 will provide more options for filtering and sorting data within the various sections, like Firewall and Anti-Leak Control. A convenient “show” bar helps you to filter events by type and period, for example: “Allowed”, “Allowed during last 10 minutes”, “Allowed today”, “Blocked”, etc.


Outpost 2009 also lets you set up a filter by value for every column and row by right-clicking and selecting Exclude/Include commands; the “Show all” command disables the filter. One additional improvement is the subdivision of the Web Control menu in the Events Viewer to show two parameters: history of downloads and history of blocked connections.

A short summary of what Outpost 2009 will offer in terms of logs:

- Detailed charts
- Easier filtering and sorting
- Better configuration with new menus

Plus we’ve included some neat design tweaks, placed “refresh” and “clear” buttons in the toolbar and some other small improvements.

In summary, the new event viewer offers greater usability for advanced users and, more importantly, more control over the product.

With the new events structure, it’s easier to analyze logs quickly and in detail to draw the right conclusions and customize your protection appropriately for your current conditions (and common sense).

We welcome your thoughts and impressions of this “new old” feature and, if you haven’t already signed up, join our beta test program at http://www.agnitum.com/products/outpost/betatest.php. That way, you can check the changes as they happen and give us instant feedback to improve the product. In the meantime, keep your eye on this tag link to Monday updates: http://agnitumblog.blogspot.com/search/label/monday%20update%202009 and subscribe to the RSS feed. See you next Monday!

Cheers,

Alexey Belkin,
Chief Software Architect, Agnitum

Monday Update: On the Road to Outpost 2009. Improved Network Activity screen

This blog posting is the first in a series where I’ll describe the new features and improvements we’re making as we develop the Outpost Pro 2009 products, which are now going into beta. We’re encouraging everyone to get to know the new versions gradually, learning all aspects of what’s new and what’s better, so we can get your feedback as we develop the products. Many of the improvements in our products are suggested by our users, so you might find your idea in a future blog posts in this series. Look for new information about Outpost Pro 2009 here every Monday!

Many of the improvements involve the GUI and the overall ease-of-use of the products. The first aspect I’m going to write about is the new Network Activity window, whose goal is to provide you with real-time information about what’s going on inside and outside of your PC. Those of you who have used our products before will recognize the screenshots below.

Here’s how the Network Activity monitor screen looks like in Outpost Security Suite 2008:



And here’s the 2009 version:



We received many requests to implement this feature, so here it is. The driving principle in the new implementation is the grouping of connections for applications, which we were not able to implement in the 2008 products. This enables you to see traffic summaries as well as separate data for each connection. You can also group connections by column.

Another thing we’re planning to do here is enable application properties and rules list pop-ups when you double-click on an item, so you don’t have to choose Settings and then further options to see the details. A small but useful point which should be implemented in an upcoming iteration.

So what’s the benefit of this approach over the corresponding display in Outpost 2008? In a word, consistency. The more convenient display and simple grouping of items makes the information easier to understand and more intuitive, as you would expect in a mature product like Outpost.

If you would like to try the beta-version yourself and help us improve the product, please go to http://www.agnitum.com/products/outpost/betatest.php. We look forward to welcoming you to our beta testing family, and don’t forget to check back here next Monday for another preview. To make it even easier, subscribe to our RSS-feed to receive new information as soon as it’s posted.

Cheers,

Alexey Belkin,
Chief Software Architect, Agnitum

Security Choices, Part 4: Complementary Security Software

In our Security Teacher series of articles we’ve already reviewed the key essentials in security software (firewall, antivirus, proactive tools), it’s now time to take a look at some applications that will enhance those basic security measures with additional security and privacy capabilities.

Read on to see what the antispam can do for you, along with anti-phishing tools and web browsing security, and don't hesitate to share your comments here and in the Security Teacher!

Igor Pankov,

Security Teacher (Insight) author

First Agnitum’s antivirus Outpost Antivirus Pro is available

Yesterday, on March 18, 2008 we launched the standalone antivirus solution – Outpost Antivirus Pro (OAV) with extended functionality including antivirus, antispyware, proactive protection mechanisms and web control elements. By this release we rounded up our security solutions arsenal, and now provide both reactive and proactive defense for those seeking for separates security products and all-in-one protection fans.

What’s included in Outpost Antivirus Pro?

• Fast and efficient virus protection to keep your computer clean of malware
• Comprehensive anti-spyware to safeguard your personal data
• Secure digital safe to store your confidential information
• Host protection to stop zero-day threats
• URL blacklist to block malicious internet sites
• Self-protection to prevent unauthorized termination of your security

As you may judge by the features list, OAV is a proactive antivirus that inherited host protection and self-protection functionality from its big brother – Outpost Security Suite Pro 2008. Two antimalware labs (our partner’s analysts and the in-house team) are working to ensure latest virus and spyware updates, the most valuable factor in the antivirus industry.

What’s also special about Outpost Antivirus Pro is its price or rather the pricing model. Whereas an average AV vendor would set a higher complex price for the initial purchase (around $40) to cover its development and marketing expenses, Agnitum charges its customers just for the updates.

That is: with OAV you pay $19.95 at the first buy and for all following updates every year. We are not inclined to increase the price artificially as we didn’t create the product from scratch (but transferred existing functionality from OSS) and are not going to invest huge sums into advertising. Agnitum suggests the user pay for what really matters – daily database updates and support.

You can download the software at: http://www.agnitum.com/products/antivirus/download.php .

There’s an important note for those of you who prefer bundling standalone solutions. Outpost Antivirus should not be installed on a machine that’s already running Outpost Firewall Pro or Outpost Security Suite! Having two products on one machine will cause conflicts, as all the solutions contain host protection mechanisms that would be involved in a fight when used simultaneously. So let us deter you from such experiments.

However, being a user of Outpost Firewall Pro, you can upgrade to Outpost Security Suite that includes antivirus functionally with a 60% discount, click here for details.

Anyway, in case you already have Agnitum’s products installed and would like to somehow take advantage of Outpost Antivirus Pro despite the incompatibilities, there is going to be a special gift for you. You’ll find all the details in Agnitum’s March newsletter, so keep your eyes on: http://www.agnitum.com/news/agnitumnewsletter/index.php page or just subscribe to know the latest news.

Mikhail Penkovsky,

Global VP for Marketing and Sales,

Agnitum

Musings on anti-virus pricing

What do you think about the way anti-virus vendors price their offerings? We’ve been mulling over some ideas on this and would like to share them with you. Hopefully, you’ll have some thoughts to share with us as well.

Antivirus solutions have been on the market for around 20 years now and are pretty much a commodity item. Most people install one, “just to be safe”. Even most security suites seem to be built around anti-virus (although a few of us do build them around the firewall).

So what’s the difference between firewall protection and anti-virus protection? A firewall can function “as is” without any updates, it has preset functionality, a predefined set of measures to defend against intrusions, data leak and other threats. Anti-virus, on the other hand, is more based on the update principle and ensures effective protection as long as the virus definitions are kept up to date. Obviously, I don’t underestimate the value of scanning speed and accuracy, or, a convenient user interface, but the fact remains that it is the constant updates that characterize anti-virus most strongly in contrast with firewalls.

With this in mind, let’s look typical pricing for antivirus protection. When setting prices, vendors of course need to take their own cost basis into account. Those costs can be split into two major categories: development-related and promotion-related. Leaving development aside (we all have to do development, let’s face it), the real differential in spending comes into play with marketing. After all, no-one buys a product they’ve never heard of. So, millions are spent to tell you about these products. Who pays for this? Software manufacturers do, and – yes! – you do, too!

Imagine an equation: development expenses + promotion expenses + updates (antivirus services) = initial software price. If we assume that the typical initial price for an anti-virus product is $39.95, industry averages indicate that number is made up of $10 base development, $10 marketing, and $20 (give or take) on the research, implementation, testing, and distribution costs related to updates. So when you renew your anti-virus subscription, you’re typically paying around $20 a year for that ($30 if the company does *a lot* of marketing).

So my question is – since anti-virus is a commodity and thus most of the initial development costs were amortized years ago, why are vendors still charging as if they wrote the software last week?

Looking forward to your thoughts!

Mikhail Penkovsky,

Global VP for Marketing and Sales,

Agnitum Ltd.

Outpost Pro 2008 - new bug-fixes ready

Yesterday (February 26, 2008) Agnitum Team issued two important bug-fixes for Outpost Firewall Pro and Outpost Security Suite Pro 2008.

The following improvements were introduced:

• Compatibility with Windows Vista SP1
• Compatibility with Windows Server 2008
• Ability to automatically create rules for applications signed by trusted vendors
• Ability to disable content filtering for specific applications
• Ability to block Flash banners and ads by GET request
• Auto-Learn mode improvements

For more details please visit OFP and OSS' history of changes unit.

You can download the new versions at the respective product pages:

http://www.agnitum.com/products/outpost/download.php http://www.agnitum.com/products/security-suite/download.php

Looking forward to your feedback and thoughts.

Alexey Belkin
Chief Software Architect
Agnitum Ltd.