F-Secure Ultralight Anti-Virus

2456

Answers


  • @Simon wrote:

    @Petrovic - How did you manage to create that screenshot?  When I try to do it, I get the screen underneath, but not the FS overlay. 

     

    F-Secure Ultralight Anti-Virus installed on a virtual machine. I use ashampoo snap.

    -----------------------------------------------------

     How to completely delete history / records in the GUI?

     

    Simon
  • AndyPAndyP Posts: 45

    @Petrovic 

    Currently we don't have a UI element designed to delete all records.

     

    Some records are intentionally non-deleteable, since they are associated with configurable settings. For instance, if a file is stored in quarantine, the event associated with that is non-deleteable to avoid preventing the user from restoring the file later. The same applies for decisions made by web traffic scanning (such as blocked URLs, etc.)

     

    All other events can be deleted by clicking the trash can icon associated with the event. We also provided various filters to make it easier to search for relevant events - the idea being that you don't really deal with those too often anyway.

     

    If you amass a huge number of events during testing and want to simply clear them all, the easiest way is to uninstall and then re-install the product (which is also a fairly fast thing to do).

    UkkoPetrovic
  • up and running, it's amazing and a bit hard to believe I have the same protection level as in the standard F-S av

  • up and running ! gee I'm all lost, can't help wondering what the level of protection is...
  • what kind of customers are you aiming at ? hose who were happy with panda cloud free ? Webroot fans ?

  • it's well beyond a surpise !
  • SimonSimon Posts: 2,583
    It's certainly different. Were it any other antivirus, and not from a company I trust, I too would have serious doubts about the level of protection. As it stands, I'm not quite confident enough to replace FSP with Ultralight on my main machine, but hopefully as it develops, that confidence will grow.
  • Ultralight Anti-Virus - paid product  after the release?

    ------------------------------------------------------

    I noticed that DeepGuard does not work without an active internet connection. Will it be changed?

     

  • SimonSimon Posts: 2,583
    @Petrovic - thanks for the recommendation re screenshots. :)
    Petrovic
  • Hello is this antivirus is available in a 32-bit?

  • AndyPAndyP Posts: 45

    Time to respond to a few more comments here!

     

    As far as our plans for this product go, it's still open. This beta is targetted as a concept and technology validation. There are no current plans to bring this particular product into our portfolio, and therefore no plans to make this a paid product. The underlying technologies will likely find their way into our existing Windows products and, if the UI concepts are well-received, they may affect future UX design.

     

    We are working on a 32-bit version of Windows Ultralight. The project was initially scoped as 64-bit Win7 and up. This allowed us to use many of the new features provided only by the newer versions of Windows to improve performance and security. However, in order to support our other product lines in the future, we are porting everything to 32-bit. No ETA on that one yet.

     

    I understand that many of you are finding it hard to believe that such a lightweight product can provide security similar to existing "heavy" AV products. I'd like to address that.

     

    Over the years, AV products have evolved. Back in the old days, when the number of malware in the wild could be counted in the thousands, simple methods, such as pattern checks and full-file signatures could be used to blacklist those specific files. As the numbers grew and grew, and with the addition of things like server-side polymorphic malware, these methods were no longer sufficient. Generic detections that analyzed the structure of files and looked for specific patterns of attributes were created. A single generic detection can catch hundreds of thousands of malware from a single family and variant.

     

    Protection is slowly moving forward from this file-detection based paradigm. We now have technologies that can analyze the execution of files and detect malicious behaviour. Technologies also exist to detect when a malicious file attempts an exploit. We can analyze network traffic and block malicious files from even arriving, as well as block malicious sites from being accessed. Many features in modern operating systems render old malware unuseable.

     

    Cloud-based scanning technologies give us the ability to send files for deep analysis on our backend. Once we've seen a file and analyzed it, that information is available to every user of this technology.

     

    Bringing all this together means that we can drop the heavy local databases of old, make the product lighter, and more importantly, respond a lot quicker to threats that our customers are seeing. As the user base grows, so does the protection level. Putting all these new technologies together ultimately provides a superior level of protection, and with the backends at our disposal, there's a lot more innovative ways we are going to be able to protect systems in the future.

    UkkoPetrovic
  • I would have liked to be able to read it BEFORE I had a peek at this app, the direction taken is very promissing but, as fas I am concerned, I can difficultly think of beta testing a fully cloud based AV, depending on a narrow bes of beta testers, on my main rig... Am I right thinking there is no offline protection. Anyway congrats for the the dev team, you really rock :)

  • SimonSimon Posts: 2,583
    Hi Andy,

    Thanks for that reassurance.

    One question - does the product rely on users having the upload to cloud feature switched On?

    Also, how do we know when the product has updated, or does it no longer do that in the conventional sense?
  • TahvoTahvo Posts: 44

    Seems to work fine on Windows 8.1

  • AndyPAndyP Posts: 45

    Yes, this product does heavily rely on having the upload file feature turned on. Our thinking is that if you're not online, you're probably not going to get owned. Of course there is the exception if you are not on the internet and plug in a USB stick, and that's something we'd like to address in a future update. Many of the protection components do not fully rely on an internet connection and there is a lightweight local scanner.

     

    All components are updated frequently, and there are local databases for some of the components. To see updates click the filter shown here:

    ultralight_02.png

    You can get that menu to appear by hovering over the "Important" button.

    Ukko
  • just installed, unfortunately I had to uninstall the fs protection, see if it was worth it Smiley Wink


  • @AndyP wrote:

    Time to respond to a few more comments here!

     

    As far as our plans for this product go, it's still open. This beta is targetted as a concept and technology validation. There are no current plans to bring this particular product into our portfolio, and therefore no plans to make this a paid product. The underlying technologies will likely find their way into our existing Windows products and, if the UI concepts are well-received, they may affect future UX design.

     


    I hope the F-Secure Anti-virus Ultralight will as a standalone product. This is a great development.

    Thanks for your work

     

     

  • SimonSimon Posts: 2,583

    With regards one of Andy's previous comments, I would certainly suggest looking again at the branding. Something like Internet Security Light, or IS Ultralight might be better.

    I would also suggest that maybe the current FSP product could be redisigned with a 'Light' option, keeping all the security features, but removing the Firewall and Parental Control components, which are largely given over to Windows anyway.

  • still not sure this can replace  the current protection on my rig... I know this is a beta, but FS 2015 beta had a sufficient level of protection in its time, could anyone from FS be explicit on that ?

  • yeoldfart@  Also I think about it

  • SimonSimon Posts: 2,583
    From what I understand, YOF, it has the same protection levels as the current security products, except for isolating the connection to banks and other secure sites (so, no Banking Protection), and it doesn't currently have offline protection, ie, for if you're offline and plug in a USB stick, for example.

    So, in short, it is missing some of the features of the current security products. Personally, I'm keeping it on a spare machine at the moment, as I don't want to compromise security on my main machine for banking, etc, but I am eager to see how Ultralight evolves. :)
  • I'm considering using it o my main rig (my wife won't accept any change on her laptop Smiley LOL ) after a fresh windows 8 history and backup as I am very interested in this unique AV concept.

  • SimonSimon Posts: 2,583
    Bear in mind it is a very early concept beta product. Perhaps Andy could advise as to whether it's a good idea to use it on a main machine?
  • AndyPAndyP Posts: 45

    I have been using this product on my main rig for the good part of a month already. I'm happy with the protection level if offers. However, in my line of work, I know very well what to look out for, where the product has shortcomings, etc. I'm also sitting with the guys developing it, malware analysts and a large number of experts in the field :)

     

    Bear in mind that this is a beta product. That means that you will be receiving more cutting-edge changes than a production product. I would advise against using any beta product on any system you would consider mission-critical.

    Ukko
  • UkkoUkko Posts: 2,960

    ---------------------

    and it doesn't currently have offline protection, ie, for if you're offline and plug in a USB stick, for example.

    ---------------------

     

    How I can to understand......

     

     

    Spoiler

    In fact... there have offline protection during USB/CD/DVD connection or other variants of malicious files transferring to system (when network disabled).

     

    There just will be basic, low.... and not full meanings of protection.

     

    Will be work just "offline core". Such as.... OK... it can be Hydra -engine as example;

    Or just "core" with signatures (or patterns, hashes or other) about MOST of critical (?! but outdated), engine-depended or important known files/signatures/patterns/hashes.

     

    Such as .... will be detection for most of related files for current engine as main F-Secure's basic core.

    Will be normal detection about some of files (it's can be malware, spyware or suspicious files), but it should be known for "offline"-engine (which same with basic-core... about default level of checking around. Such as known viruses maybe). Such as... it's F-Secure ULAV - small and ultralight. It's of course.. not really biggest collection can be. But maybe about most important. There I can just create a suggestion... that current basic-core should be also with updates for "last three days" new discovered malware/spyware/suspicious files as "offline". After that... goes be "just under cloud" and offline version with "next last three days".

    It's probably will be still around "small size", but with protection against NEW and modern malicious things EACH day... with offline-protection too. If it's on current time.. same things - good. Such as "basic-core" of detections and "some of last days around all new known malicious files" (which after day goes be just under cloud and offline-protection based on basic-core and "new-fresh detections").

     

    And during offline-protection.... will be dropped a lot of advanced things. Maybe it's will be include: aquarius-core under cloud, advanced-scanning patterns under cloud, Security-Cloud as protection behavior-based for "known files" and other variants of "static/dynamic/virtual analysis" under Cloud during launch or "trying to launch" files.  Also maybe it's related with hooks... such as... not available to re-get "result" of checks during launch.

     

    So... such as... there still have offline-protection, but around "default one" with dropped all of advanced-mechanism-detection-steps, which comes just by Cloud.

    In fact.... it's also can be same with FS Protection (about some of things), but FS Protection also have a lot of cache-history and more local database... which enough for most of "visible" advanced detection. And it's required to get more space.... more perfomance-usage... and all of other things, which certainly not related with ultralight :)

    But FS Protection/F-Secure IS close to be friendly with system too (for me).

     

     

  • all  I can It's freaking fresh looking, no competitors in sght, extremely light on ressources, running it as sole AV on my main rig (W8 x64) with episodic MBAM scans to make sure, no problems so far.

    One questio: is the gui in Java ?

  • just added webroot: neither F-S nor WR complained, work alongside together well

  • how long is this beta supposed to last ?

  • UkkoUkko Posts: 2,960

    About GUI question:

    UI maybe HTML/Javascript as Qt-based.  .... or maybe Java... as around OpenGL points..

     

     Anyway....

    Here also can be question.... does F-Secure ULAV planned also for some of other platforms? :)

  • I manually added a taskbar icon this way  C:\Program Files\F-Secure\Ultralight\ului\1417618500 then right clicked on Spclient_gui.exe to create icon the usaual way in windows 8

This discussion has been closed.