"Our point of view is that Microsoft's entry into the market is good because with their scale, you can get a lot of consumers to be aware that security is needed [and] that security needs to be taken seriously," Effendy Ibrahim, Symantec's consumer business lead for Asia South, said during the company's Asia-Pacific launch of Norton 2010 security suite here Tuesday.
However, Ibrahim is less convinced that Microsoft's free Security Essentials (MSE) consumer suite measures up in terms of effectiveness.
Officially launched last week, MSE is available as a free download via Microsoft's Web site that includes various security tools including antivirus, anti-spyware and rootkit protection.
Pointing to Microsoft's disastrous OneCare offering, Ibrahim said: "The bad part is that [MSE] is a product that just doesn't work [and] there are reviews that can vouch [this].
"It gives consumer a false sense of security... Basically, Microsoft is protecting you against viruses that are outdated," he said, adding that MSE protects against just 20 percent of threats today.
David Hall, Symantec's regional product manager, noted that signature-based protection is now obsolete "so the question remains whether Microsoft will add new [security] layers to their product".
He explained that traditional antivirus tools are no longer effective today as malware creators have been able to introduce unique threats that bypass traditional security technology. "Cyber criminals want to make unknown malware and threats, and you can't create a virus signature for [a malware] that you're never seen before," he said. This, he added, underscores the need for reputation-based defense that "relies on the wisdom of crowds".
Norton's reputation-based technology
And Symantec is betting that this will be its market differentiator.
Norton 2010 encompasses up-to-date protection using the company's reputation-based technology, dubbed Quorum, Hall said. In development over the past three years, Quorum checks against various information about a file such as its age, download source, digital signature and prevalence, to determine its reputation and potential security risk, he added.
Previous security software rely on signatures of files to detect if they are malicious files. However, malware creators have overcome this by creating unique pieces of malware that will not be easily detected, and at a speed that cannot be identified in time by security tools.
Quorum gathers file information from Symantec's user base of 35 million worldwide and assesses the reputation of files, including unknown malware.
It is this "large global footprint" covering 200 countries worldwide that, Ibrahim said, will provide the critical sample size for Norton 2010 to offer more accurate reading of a file's reputation.
"The more people that join this community, the safer it becomes," said Hall. He added that information retrieved are merely fingerprints, or MD5 hash, of the user's computer and contains "no personal identifiable information".
Quorum servers are currently located outside the Asia-Pacific region, he said, but noted that the systems are supported by a "high level of redundancy" to ensure the servers are "always available".