Security

Lock IT Down: Use top-notch antivirus resources

The benefits of top-notch antivirus software are explored

Virus protection is no longer a secondhand issue. Many administrators learned this in 1999 with the onslaught of macro viruses attacking via e-mail, and those who didn’t probably learned their lesson last month when ILOVEYOU hit.

Of course, with commonplace desktop-level Internet access, your network has many routes for a virus to enter beyond e-mail and removable disk storage. As a result, antivirus protection should rank at the top of your priority list.

However, it takes more than making sure antivirus software is installed on servers and end-user workstations. Updating your antivirus signatures regularly is a critical step you should already be scheduling routinely.

In numerous LAN and WAN environments, I have seen installations of reputable antivirus applications, only to discover definition files outdated by more than 120 days. I’ve also found outdated application versions. Such sloppiness ultimately defeats the purpose of antivirus installations. Diligent attention should be given to maintaining both application updates and virus file definitions.

To our good fortune, there are several excellent A/V tools on the market strong enough for the most demanding network. Three such products offer expansive network administration features, virus research centers, and excellent application and virus definitions updates, including strong macro virus protection.

F-Secure Corp.
F-Secure Corporation (formerly Data Fellows) offers a network-ready antivirus application available for several platforms, including the infamous Linux OS. The organization promotes protection on three levels.

F-Secure for Windows 95/98 is one of the more commonly used installations. A network administrator can install and configure F-Secure and create a common network folder for distribution of desktop installations, virus definition updates, and application updates. As network users log in, the application is initially installed and then updated at each network login on all desktops. If a virus is detected, F-Secure alerts the administrator via an e-mail message.

An added perk is the company’s second “home use” license. Each user on the network can also carry home and install a licensed version of the A/V. F-Secure also offers server-level A/V and installations for firewalls, preventing viruses and malicious code from making it to the desktop level from HTTP, FTP, and SMTP traffic (including support for Checkpoint 1).

Sophos
Sophos Sweep by far claims the widest platform support, covering just about everything from AIX, Linux, Macintosh, SCO, and Sun to Windows. Sophos also offers central network administration and installation features, including single-point configuration for both server- and desktop-level installations, automated installs, and software/definitions updates.

Sweep includes one unique offering. The software improves the speed of the application while preserving network performance. The advantage is obtained using the company’s proprietary Intercheck technology. This feature utilizes a mix of scanning and checksums to reduce the number of times files need to be scanned, while not compromising the integrity of the virus protection.

Symantec
Symantec’s Norton Anti-Virus Corporate Edition has several key features to benefit the system administrator, in addition to preserving support for scalability. Norton A/V provides server- and desktop-level support for all Windows platforms, including the existing DOS workstation and the new Windows 2000. Taking their claim to premium protection seriously, Norton offers both a quarantine server to secure infected files with a visual interface for repairs and a real-time link to the Symantec AntiVirus Research Center (SARC) for virus detection solutions and even repairs to your infected files not handled within your network. (The latter feature includes admin controls to either automate delivery to SARC or handle them manually as needed.)

Other resources
There are several additional resources that administrators can use to stay abreast of virus news and for evaluating third-party reviews of A/V products. Two are listed below. For more information, check out TechRepublic’s Security Links download.

ICSA
ICSA offers an extensive review of A/V products in a Consumer Reports fashion. It provides a wealth of news from the A/V community.

Virus Bulletin
The Virus Bulletin is an international journal covering computer viruses and antivirus research. It also offers evaluation-style reviews of applications on the market.
If you'd like to share your opinion, please post a comment below or send the editor an e-mail .
0 comments

Editor's Picks