As we move more and more into a Software + Services world, Panda took advantage of this new wave and released the world’s first cloud antivirus solution.

The protection model is based on a thin-client agent and server architecture that delivers malware protection as a service, as opposed to locally installed products. By combining local detection technologies with cloud-scanning capabilities and applying non-intrusive interception techniques on the client architecture, Panda Cloud Antivirus provides some of the best protection with a lightweight antivirus thin-client agent that barely consumes any PC resources.

Of course this S+S approach has advantages and drawbacks.

Advantages:

  • Always using the latest version of software and protection
  • Minimum impact on local resources
  • Detection of threats in less than 6 minutes (this is what Panda announced on the official blog)

Drawbacks:

  • Need for a permanent Internet connection
  • Without Internet connection the protection is reduced

Panda Cloud Antivirus takes advantage of the cloud world and combines the information from all users in order to detect and stop malware. Using the so-called Panda Collective Intelligence, a cloud-based test lab for malicious software, samples are collected, analyzed, categorized and, if needed, disinfection routines are created. Therefore the community becomes the lab. In this way there is no need for software updates, there is no virus definition database on the client computer and everyone has access to the latest protection.

Compared to other antivirus solutions, Panda categorizes local files from “real security risk” to “minimum security risk”, and by this criterion the scanning engine prioritizes its tasks. There are three types of automatic scanning (as mentioned on the official blog):

  • On-Access Scan. This is the maximum priority resident scan that is applied only to objects which are truly a security risk in a specific point in time: files which are being executed or used. The file is intercepted, prevented from running and disinfected if found to be malicious.
  • Prefetch Scan. There are other elements such as files downloaded from the Internet which, while not being executed at a specific point in time, have a much higher risk and probability of being executed at any time. These files should be watched more closely than files which have barely any activity, as we can expect them to be executed, unpacked, copied or moved shortly. A Prefetch Scan basically launches an asynchronous local & cloud query on the file to scan it “as soon as possible” without impacting performance. Of course if any of these files is called to be executed, the file will be intercepted and an on-access scan will be applied to it.
  • Background Scan. Lastly a normal PC has hundreds of thousands of files in its hard drive. Most of these files are not executing normally and simply just “sit there” until either the user double-clicks on them or they are called upon by another process. These are considered the least dangerous files from a security perspective. Panda Cloud Antivirus will continuously run Background Scans on these in an asynchronous manner while the PC is idle, without impacting performance at all. Of course if any of these files is called to be executed, the file will be intercepted and an on-access scan will be applied to it.

In my opinion this approach is completely logical, and it makes sense to scan executing files first because they are the big candidates for infecting the system.

Because it would be impossible to send the entire file to the cloud for analysis, multiple cryptographic hashes are created for each file; among them is a “reverse signature” of the file. This reverse signature is able to identify multiple similar files. The response from the cloud can be “malware”, “goodware” or “unknown”. Some “behavioral traits” of files are also sent, to be scanned heuristically by the cloud. These are basically properties and characteristics of each file. In summary, no content and no personal information is ever sent to the cloud.
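To make the flow concrete, here is a small sketch of a thin client that queues files by scan tier and asks the cloud for a verdict by hash only. It is an added example, not Panda's code: the class names, the in-memory `CloudStub`, and the use of SHA-256 in place of the product's own hashes and “reverse signature” are all assumptions.

```python
import hashlib, heapq, itertools
ON_ACCESS, PREFETCH, BACKGROUND = 0, 1, 2   # lower number = scanned first

class CloudStub:
    """Hypothetical stand-in for the vendor cloud: digest -> verdict table."""
    def __init__(self, verdicts):
        self.verdicts, self.online = verdicts, True
    def query(self, digest):
        if not self.online:
            raise ConnectionError("cloud unreachable")
        return self.verdicts.get(digest, "unknown")

class ThinClient:
    def __init__(self, cloud):
        self.cloud = cloud
        self.cache = {}              # digest -> last verdict, used when offline
        self.queue = []              # heap of (tier, seq, name, content)
        self.seq = itertools.count() # tie-breaker keeps FIFO order within a tier

    def enqueue(self, name, content, tier):
        heapq.heappush(self.queue, (tier, next(self.seq), name, content))

    def verdict(self, content):
        # Only a digest leaves the machine (SHA-256 here is an assumption).
        digest = hashlib.sha256(content).hexdigest()
        try:
            self.cache[digest] = self.cloud.query(digest)
        except ConnectionError:
            pass                     # offline: reduced protection, cache only
        return self.cache.get(digest, "unknown")

    def on_access(self, content):
        """Synchronous check at execution time; False means block the file."""
        return self.verdict(content) != "malware"

    def drain(self):
        """Run queued prefetch/background scans in tier order."""
        out = []
        while self.queue:
            tier, _, name, content = heapq.heappop(self.queue)
            out.append((name, tier, self.verdict(content)))
        return out

if __name__ == "__main__":   # constructed sample bytes, not real malware
    bad = b"constructed-bad-sample"
    c = ThinClient(CloudStub({hashlib.sha256(bad).hexdigest(): "malware"}))
    c.enqueue("idle.doc", b"constructed-idle-file", BACKGROUND)
    c.enqueue("download.exe", bad, PREFETCH)
    print(c.drain())
```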

The following video describes how the Cloud Antivirus works:


The system I used for testing is a Windows XP Professional with Service Pack 3 that was running in a virtual machine with 512 MB of RAM and a single-core processor. The results were almost surely affected by my laptop’s HDD with only 5400 rpm and by the fact that I was running in a VM. However the overall impression was good.

The interface is absolutely minimalistic. Window appearance is quite fancy with some flip effects if you click the lower right corner – I think it is inspired by Mac applications. The user has access to some basic settings, scanning options and reports:

[Screenshots: status, report, scan options, interface]

I was impressed by the fact that it actually found some threats. It also instantly detected the “Sub7” application and deleted all its files. The only problem is that the computer scanning process (full scan) is extremely slow. It took almost an hour to scan all the files on drive C.

[Screenshot: scan process]

But considering that the resource usage is more than reasonable (see the next image – the CPU graph) I think the previous aspect might be overlooked.

[Screenshot: resource usage, CPU graph]

If the previous thoughts were not enough to make you try it then the fact that it is FREE might change your mind. Panda announced that this product will remain free even when going out of the Beta program.

I think this type of solution is the future but there is still a gap that must be filled in: the permanent Internet connection. However if the connection is available Panda Cloud Antivirus is a viable solution, especially for machines with low resources like netbooks or even PDAs. There are still many problems with Panda Cloud Antivirus that can be seen and discussed on the official blog and there is no 64-bit support, but the overall trend is good and I think it might be a future protection solution.

My personal rating would be 8/10 but because it is Beta I’ll give it a 9/10.

You can download the cloud antivirus from the official website.