Malware

Apply the D.I.C.E. framework to determine your best antivirus solution


This blog post is also available in PDF form as a TechRepublic download.

If you use PCs for work, you must deal with the constant threat of viruses. Not only can they take an individual computer down, but they can also wreak havoc on your network. They can delete files from your network shares, infect other computers, and take up all of your bandwidth.

You must have some sort of antivirus solution, but there are many options. To make the best decision, you need to consider dozens of parameters and answer specific questions about your needs for antivirus protection.

To help you apply the D.I.C.E framework, we've created a sample Excel worksheet that incorporates the framework described. The worksheet is available in the download version of this document. Enter your weighting for each of the categories in the worksheet, and then rate the importance of each category for each product to get an indication of what antivirus solution you should acquire. To make the D.I.C.E framework spreadsheet available to the most users, we have included an Excel 2003 and an Excel 2007 version of the worksheet in the download.

Difficulty

Few antivirus products come without some type of difficulty. If you're just standardizing on one certain client, you'll have to manually check each PC or laptop to verify the client. You'll also probably need to install the client on some computers and uninstall what they currently have. You'll also need to train those users that had different clients on how to make sure the new client is updated and what they should do in the event of a virus.

If you're rolling out a corporate antivirus server, you can generally push the new client from the back-end console. Many newer products even allow you to automatically uninstall any old antivirus products on the PC. You'll also need to set your configuration so that all clients are updated and have procedures in place when a virus occurs. While configuring antivirus software globally is easier than doing it for every client, you'll need to be more careful in what you configure because the settings will affect everyone.

Investment

If you're using antivirus for your business, you'll most likely need to pay for it. While there are several good free antivirus solutions available, they generally are for personal use only.

Costs can vary. You can pick up an antivirus client at almost any store now for around $20, or you can buy a corporate server, which will probably run you more than $1,000.

Part of the cost you must consider, though, is not just the initial purchase price, but the fact that most antivirus solutions also require an annual renewal fee to continue receiving updates. You must pay for these updates, or you risk exposing your computers to the new viruses you don't have protection from.

These fees vary by vendor. Generally, if you buy a corporate solution, your vendor will tell you what your annual renewal fee will be upfront. If you're using off-the-rack solutions, you may have to wait until the software is installed (and paid for) before you know what your annual renewal will be.

Capability

While every antivirus solution offers you the same base capability (protection from viruses), many offer additional abilities you may be interested in. With a corporate server solution, you'll automatically be offered the ability to configure and monitor all of your system's antivirus software from a central location. Also, you can distribute the regular updates to your clients from the server and verify that they're being installed. If you use local antivirus software, you'll either need to manually update each PC or train your users to do so -- and trust that they do.

You must also consider your e-mail solutions. Can the antivirus scanner you're looking at integrate into Outlook, Thunderbird, or Eudora clients? What about your PDAs and smartphones? Do you need antivirus protection for them?

Another factor to consider is which server products you're running. Do you need antivirus protection on your Microsoft Exchange Server or perhaps your NetWare file server?

Finding a unified solution from one vendor that can provide protection to all of your systems is a great benefit. Usually, you can even control your server antivirus products from the same console as your desktop clients.

Also, there may be other applications that come with your antivirus solution. Commonly, a form of anti-spyware protection is included, but there are many other options. Everything from firewalls, password protectors, and even anti-spam solutions can be found packaged with antivirus software now.

Expandiblity

You want a solution that will grow along with your business. While you may not have a large server infrastructure yet, are you planning on adding a couple in the next year? Can your antivirus solution handle the additional load? Will it be able to protect the operating system of the servers where you're implementing the antivirus software?

What about applications on those servers? Will you be adding new PDAs or smartphones to your environment? If you're using local antivirus software, at what level will you need to change to a corporate solution? How soon are you planning to be at that level? How long will the local clients serve you? Is the investment worth it now?

Final thoughts

There are many considerations involved in choosing your antivirus solution. Your business is worth putting the time and effort into choosing the right one for you.

While antivirus software may seem like a no-brainer, it can be so critical to your business (especially if you aren't using any) that you need to be sure to assign it an appropriate priority. Losing one important file can more than justify the time, money, and effort you need to put into finding and implementing an antivirus solution.

D.I.C.E. framework

One thing you will notice when going through the above D.I.C.E. framework is that I have put no weighting on any of the categories. This is because it's up to you to determine what your primary concerns and needs are. This is something you should decide before even beginning your search for a antivirus solution. Once you have that, you can apply the framework in whatever weighted manner you wish.

2 comments
BALTHOR
BALTHOR

How is anybody going to hack the Internet?They would have to circumnavigate the BIOS basic screen name and password system.The Internet itself would have to be confounded.So,there are many computers loaded with virus commands confounding the Federal Internet system,possibly even stolen United Nation telephone equipment.The hacking system reroutes the Federal Internet through its computers.The Federal system defenses are blocked or confounded by virus.I do not think that the Federal system even senses the hacker system as a computer.It could be the hacker system looks for the Federal Internet Telephone number and reroutes it.Anyways---the general effect is a greatly reduced Internet with metered out improvements,and never ending problems.