Protecting your network from viruses and Trojans isn’t cheap, but it’s significantly cheaper than losing employee productivity or mission-critical data due to a virus outbreak. One option to help trim your security costs is to use one of the low-cost alternatives. Many organizations are reluctant to try these alternatives because they consider them to be less reliable and less secure than the name-brand products. Nonetheless, there are low-cost solutions that might work well enough for you to consider, depending on the size of your shop and your security needs.

One such alternative is Grisoft Inc’s AVG AntiVirus. Grisoft was founded in 1998 as a holding company for Czech Republic-based Grisoft, s.r.o., a company that specializes in antivirus software. Grisoft makes its AVG antivirus solution available free to home users. The question is, is it an effective enterprise substitute for products from Symantec, McAfee, and the like? My experience with the product shows that it performs as advertised, but enterprises will still probably miss what they’re not paying for.

Product overview
The enterprise version of AVG is split into two different versions—one for servers, the other for workstations—and includes an admin module to make it easy to deploy the program to the network and to manage virus updating and other features. Performing the network install for the admin module can be a little complicated because it requires manually creating some directories on the server and copying required setup and other files to those directories. The manual work is a little annoying, but it’s not overly difficult.

One of the steps involves creating the folder that workstation installs of AVG will use to communicate with the server and to obtain updates. You can use this folder, for example, to automatically deploy the latest definition files to the network. You can then configure the server edition to automatically connect to the AVG Web site on a regular basis to check for updates and download them to the communication folder. The workstation component will then communicate at regular intervals with the server to obtain updates. If you’d prefer, you can also configure the workstations to go directly to the AVG site for updates.

Setting up AVG for network use requires creating the communication folder and connecting to it in the interface from the workstation installs, so it’s a critical component for interaction between the different pieces of the program. You’ll also use the network connections between the workstations and server to schedule scans on network drives. These can also be scheduled locally, but if you want to have more control over network scans, AVG allows you to manage them centrally via the admin module.

Figure A

A wizard in the admin module walks you through creating a network install script for AVG, and after you install the product itself, another wizard launches to step you through setting up basic program options. After that, you’re on your own as far as configuring the Update Manager (see Figure A) and Scheduler (see Figure B) features, which automate the definition updates and scanning.

Figure B

Once the installation finished, the first thing I noticed was AVG’s outdated and rather unattractive GUI. The interface looks like a throwback to the Windows 3.1 days, and you’ll encounter some occasional misspellings. In the manual I downloaded with the program in PDF format, I noticed the screen captures displayed were actually taken from the Czech version of the program. This isn’t a big issue compared to actual performance, but I think it reflects the level of polish you might expect to get out of a budget product. After all, that’s what budget alternatives are all about—fulfilling a certain promise without a lot of bells and whistles.

Test file
For a quick test and comparison of how AVG performs, I downloaded an antivirus test file from the European Institute for Computer Antivirus Research (EICAR). The file is actually not a virus, but antivirus programs react to it as such. For additional information about the test file, you can read the full details on the EICAR Web site. The program is a DOS file that displays the message “EICAR-standard-antivirus-test-file” when run.

EICAR offers the test file in four different types to more thoroughly test an antivirus program’s detection ability. These are:

  • In a Web link containing the ASCII text
  • In a text file
  • In a Zip file
  • In a nested Zip file

The nested Zip file, EICAR said, tests how deeply your scanner checks archives. If it just looks inside the first archive, it will miss the virus file, but if it looks inside the Zip file within the Zip file, it should locate it.

The enterprise antivirus program TechRepublic uses detected three of the four files immediately and quarantined them. I wasn’t even able to save them to my hard drive. I was, however, allowed to save the nested file to my local drive, but TechRepublic’s program did detect the test virus when I manually scanned the nested file.

AVG was also able to detect all four versions of the file. It did not, however, automatically quarantine them as the TechRepublic’s antivirus program had done. Instead, it allowed me to save the files to my local drive. When I ran the manual AVG scan on the files, it identified the EICAR file as a virus but could not delete it. I had to manually remove the file. AVG also features a Virus Vault in which it quarantined the file when I extracted it. I ran AVG once on the archive file to see if AVG would detect the test file, which it did. I then extracted the file and reran AVG to see how it would respond, and it sent the file directly to the Virus Vault.

Inside the Virus Vault you can attempt to heal the infected files or remove them altogether. If a file can be healed, you can restore it to its original location once it’s been repaired.

Tests and recommendations performed thorough tests of a large number of antivirus programs earlier this year and found AVG lagging behind most in terms of the number of viruses it detected. It’s hard to tell if those tests accurately reflect how well AVG currently performs, however, or if they were conducted before the program was fully updated. In contrast, in response to a previous article on low-cost antivirus solutions, many TechRepublic members recommended AVG as one of the best budget options available.

Overall thoughts
It appears the primary difference in performance between AVG and the brand-name product is that AVG didn’t automatically quarantine the test files upon detection. This is probably indicative of the overall differences between a bargain product like AVG and the mainstream products for which you pay a premium. Like an economy car, AVG gets you from point A to point B without a lot of luxury features. If you’re looking to save some money on your commute and don’t care about luxury features like heated leather seats, then the economy model is just what you need.

AVG is a good fit for smaller organizations or SOHO users who want no-frills antivirus protection. Enterprises however should probably choose a more robust product with a more streamlined installation, a friendlier user interface, and better product support.

For those who think AVG is right for them or their organization: AVG Server starts at $38 for up to two licenses and costs $300 for 30 licenses. AVG Server runs on Windows NT/2000 servers and MS Exchange 5.0/5.5/2000, Lotus Domino, Tiny Mail, and Mail602 e-mail servers. AVG Professional Multilicense, which runs on Windows 95/98/Me/NT/2000/XP, starts at $63 for up to two licenses and costs $370 for 20 licenses. This is roughly half what you’d pay for the big-name antivirus suites, and with AVG, the updates are free.