1. Technical Field
The present invention relates generally to protection of computer systems from malware and, more particularly, but not by way of limitation, to protection of computers in a network-computing environment from malware using a multi-tiered approach.
2. History of Related Art
The term malware is generally understood to refer to various forms of malicious, hostile, intrusive, or annoying software or program code that may cause harm to a computer by, for example, destroying or corrupting data, affecting performance, or assuming control of the computer to perform illegal or unwanted activities. The use of malware-protection technologies, such as, for example, software offering features such as detection, quarantine, removal, immunization, and the like, is one way to mitigate the potential damage malware may cause to a computer. However, conventional malware-protection technologies fail to address malware-protection concerns for computers functioning in a network-computing environment.
One of the drawbacks of conventional malware protection is the need to install malware-protection software on each computer in the network-computing environment, which may, for example, greatly increase the logistical support needed to ensure that a consistent version of the malware-protection software is installed and maintained on every computer in the network-computing environment. With the increasing size, complexity, and importance of computer networks, the logistical requirements associated with the use of conventional malware-protection technologies are increasing at an unsustainable rate.
Another consequence of the use of conventional malware-protection technologies in a network-computing environment is the inability of all computers in the network-computing environment to quickly identify and respond to a malware threat that may have previously been identified and responded to by another computer in the same network-computing environment. Conventional network malware-protection strategies require that every computer in the network-computing environment protect itself without coordinated communication with the other computers in the network as to any threat detected and the subsequent response to that threat.
This lack of communication among networked computers may, for example, increase the time to respond to an identified malware threat and allow the malware threat to spread to other computers in the network-computing environment before the malware threat can be detected and responded to by the malware-protection technologies. This lack of communication may also result in duplicative computational effort as each individual computer in the network-computing environment works to detect and respond to potential malware threats. This duplicative effort often causes degraded computer performance and an unnecessary waste of computing resources that could be put to more productive uses.