Photos: Symantec's Security Response labs

Photos: Symantec's Security Response labs

Summary: takes a peek behind the scenes at the security specialist's European anti-malware operation in Dublin.

TOPICS: Symantec, Security, EU

 |  Image 4 of 5

  • Thumbnail 1
  • Thumbnail 2
  • Thumbnail 3
  • Thumbnail 4
  • Thumbnail 5
  • The clean machines the antivirus staff work on are physically located inside the blue zone, pictured, while the researchers sit in the red zone, which contains infected machines. The analysts use thin-client terminals linked via cables to the clean "Definition, Build and Certification" systems to compile antivirus signatures.

    Hogan said there was "nothing cloak and dagger" about infected machines being physically separate from employees' personal work machines, and that it was simply "to prevent accidents". Hogan added that the antivirus researchers would prefer to work in physical proximity to their personal machines. "It's more of an annoyance, as they can't [easily] access their production [personal] machines," said Hogan.

  • The green zone is a mixed server room that separates systems requiring access to both the viral network and the clean network. The green-zone servers also maintain firewalls between the blue and red zones.

  • Pictured here is the red zone, where Symantec researchers work, and which contains infected machines.

    The Dublin response team is part of a global network: there are Symantec security response units in Calgary, San Francisco, Mountain View, Culver City, Pune, Taipei, Chengdu and Tokyo. Analysts monitor the Internet and customer submissions, on rolling eight-hour shifts for possible pieces of malware.

    Symantec receives approximately 60,000 submissions per month, leading to 2,000 manually coded antivirus definitions per month, produced by approximately 135 analysts globally. A network of anti-malware companies also collaborate to produce a "zoo" of 150,000 to 200,000 pieces of possible malware for which Symantec builds signatures, mostly automatically.

Topics: Symantec, Security, EU

Tom Espiner

About Tom Espiner

Tom is a technology reporter for He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories


Log in or register to start the discussion