Print
Discuss
Send to friend
RSS feeds
Protecting business infrastructures against digital attack is now an everyday necessity. In 2003, an average of seven new security vulnerabilities were identified every day.
While figures suggest this number may have stabilised, the threat that businesses face from viruses shows no sign of abating.
Viruses and worms are becoming more sophisticated, and when it comes to working out the best strategy and, indeed, tools to protect your business, it can be a veritable minefield.
According to Ben Brierley, campaigns operations manager at supplier body Intellect, one of the hardest steps for businesses is working out what you need.
"Carry out risk assessment and choose a product that is most suitable for your needs," he says. "Businesses will have different needs. If a company has loads of users who want to use loads of software, some solutions may be more suitable than others."
Brierley also advises businesses to speak to the antivirus vendors - they know what they're talking about.
Computing, in conjunction with its sister title Personal Computer World, takes a look at five of the corporate antivirus offerings on the market.
F-SECURE ANTI-VIRUS TOTAL SUITE
There are many F-Secure products available, and it can take a while to work out what you require.
As far as the desktop is concerned, however, F-Secure Anti-Virus for Workstations is the main solution, supporting Windows (95 up) and Linux workstations.
Alternatively, on-demand and real-time scanning facilities are provided, and compressed files can be scanned along with network file shares.
There's no automatic reporting of new infections, but offline reports are possible and a distributed research team operates 24 hours a day to generate at least daily updates, with local access and support in the UK.
The company also offers a bulletin service (F-Secure Radar) to advise customers of new threats as they're discovered.
The comprehensive policies can be distributed across multiple Policy Manager servers on large networks, with alert options to indicate when policies are in danger and when possible security breaches have been thwarted.
Policy Manager is easy to install and the key components are easy enough to get to grips with, although the huge amount of functionality makes remote management complicated.
The extra security beyond virus protection is another bonus, but this does add to the price.
SOPHOS ANTI-VIRUS
Unlike other antivirus developers, Sophos concentrates on business and offers no specific consumer products.
Its main product, Sophos Anti-Virus (SAV), can be implemented on workstations, notebooks and servers.
Third-party developers of email and other applications can use SAV to check for viruses through calls to the published API (SAVI), and a developers' toolkit is available for this purpose.
Sophos also offers a custom application called Mail Monitor, which can be used with Microsoft Exchange (2000 and 2003), Lotus Notes/Domino and generic SMTP mail servers on a variety of Windows and Linux/Unix host platforms. Pure Message checks SMTP mail for viruses and to screen out spam.
Installation is straightforward, but SAVAdmin isn't particularly easy to configure, especially on networks that don't have a Windows domain server. However, once configured, the software works smoothly and requires minimal intervention.
Prices depend on the number of users and the level and length of support you require. Scan times are a little slower than in some other software, but Sophos has a good record of identifying new and unknown viruses.
ESET NOD32 ENTERPRISE EDITION
Windows is a key platform for NOD32, which supports all versions from 95 upwards.
The same software is installed on workstations and servers, and a memory-resident monitor intercepts file requests in real time and prevents infected files being opened.
Infected files can be cleaned, quarantined or deleted, and you can handle compressed and archived files, and scan for viruses in encrypted and password-protected databases and documents.
The Windows scanner can examine mapped network drives and local Outlook or Outlook Express email databases.
Facilities to update virus signatures and the antivirus software are also available, with the ability to schedule updates as often as needed.
Eset claims never to have missed an unidentified virus since NOD32 was introduced. It also boasts one of the fastest scanner technologies around.
We can't vouch for the first of these claims, but the Windows scanner was certainly one of the quickest in our tests.
Updates were completed quickly, too, and Eset was very much on the ball during the recent Netsky and Bagle outbreaks, but there's no automatic reporting of new viruses.
Fast and with a light footprint, this is a good corporate solution, but needs beefing up on the management front.
KASPERSKY LABS ANTI-VIRUS BUSINESS OPTIMAL
Kaspersky Labs markets a range of antivirus and anti-spam solutions for home and business users. The Anti-Virus Business Optimal suite is aimed at companies with networks of up to 500 users.
Business Optimal is a pick-and-mix solution, consisting of a number of components split into three groups.
The first provides protection for desktops, with a choice of Kaspersky Anti-Virus modules for Windows (98 up) and Linux workstations.
The second covers file servers with modules for Windows (NT/2000/2003) and Linux deployments, and the third provides antivirus protection for email.
The same antivirus engine is used throughout, with flexible options to check for and either delete or quarantine any suspect files.
Management is straightforward, and involves ensuring that updates are obtained according to the correct schedule and appropriate scanning and detection options are selected.
Standard policy files can be created and used to enforce compliance, and a separate administration kit is provided to install and manage the software remotely over a TCP/IP network.
This software has a lot to offer, with fast scanning times minimising the effect on other applications. However, you can't send viruses back to the developers for identification automatically, and the administration kit isn't very effective.
SYMANTEC ANTIVIRUS CORPORATE EDITION
Symantec AntiVirus Corporate Edition is targeted at companies with Windows and NetWare networks. Symantec makes much of its Digital Immune System, developed with IBM and included in all its antivirus products.
It offers closed-loop automation, which allows for hands-free detection, analysis and removal of new virus strains as they appear.
In practice, you get automatic quarantine for offending files and secure transmission to Symantec for analysis.
Automated response systems at the Symantec AntiVirus Research Centre (Sarc) then develop cures and transmit them back without any need for operator involvement, allowing new viruses to be identified and dealt with in just a few hours.
This is a very comprehensive offering, which can be something of a drawback. With so many installation options, it's not immediately obvious how best to deploy the client Symantec AntiVirus software, and the interface can be baffling in places.
Another problem is the need to call up other tools with different interfaces to complete many of the initial set-up tasks. There's good supporting documentation, but it does take a while to get to grips with it.
This well-respected product addresses core network antivirus requirements, but is complicated to configure and requires additional components for total cover.
See also:
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack. 15 Apr 2004All Enterprise Security Technology
del.icio.us
Digg this
reddit!
