I would venture to guess that virtually every computer
network has had to deal with the downtime
and expense of recovering from some type of
malware infection. According to AV-Test (www.av-test.org), an independent antivirus software testing lab,
2007 saw record numbers of computer viruses, worms,
and other malware, and 2008 is continuing that trend.
Naturally, prevention is less costly than recovery, but
how do you choose from the myriad antivirus and
anti-malware solutions on the market? Let's look at
some things you should consider when choosing an
enterprise antivirus product, and then you can check
out the product comparison table to find the best one
for your organization.
Choices, Choices
Today’s antivirus market includes products that protect file
servers, email gateways, Web browsers, and desktops. They
may be standalone products or part of an integrated security
suite that might include a firewall, intrusion detection
system (IDS), intrusion prevention system (IPS), Network
Access Control (NAC), and spam filtering. You can choose
from desktop solutions or server-side solutions that offer
centralized control for deploying, configuring, and updating
the software and that can stop malware at the gateway or
file server before it ever reaches a desktop. Security appliances as well
as hosted and managed security solutions that outsource
the management details of your security strategy are also
gaining in popularity. Because of the wide array of solution
types, we’ve limited the scope of this Buyer’s Guide to
server-side enterprise antivirus products.
Features and Functionality
At a minimum, your antivirus solution needs to be
compatible with your enterprise OSs and be able to
scale and grow with your organization's needs. It should
provide frequent automatic signature updates and generate
an alert when an event is detected. In addition to
detection, your solution should provide quarantine or
removal functionality and, ideally, disinfection (cleaning
an infected file rather than deleting it outright). Antivirus
technology is continuously evolving, so here are some
additional features and functionality you should keep in mind.
Scanning engines—the more the merrier. Many
antivirus solutions, gateway products in particular, use more
than one engine to scan for security threats. No antivirus
scanning engine catches 100 percent of viruses, so a product
with multiple scanning engines is more likely to catch the
occasional virus or worm that sneaks past a single-engine
product. The trade-off is higher CPU and memory cost per
scan and a larger combined false-positive rate, since any
one engine can raise an alert.
Detection types—keeping up with new viruses
and variants. Most antivirus products detect viruses
by using signature-matching technology, which identifies
a virus by a specific byte sequence or file hash. But in today's
fast-evolving security environment, when new virus
variants crop up by the minute, signature matching isn't
enough: changing a single byte in the matched region
defeats the signature. Many products now use heuristic scanning
and behavior monitoring to identify typical infection
methods and suspicious behavior that might indicate
virus variants before a signature is available. Unfortunately,
these methods can also produce a high number of false
positives, because legitimate software (installers, updaters,
packed applications) often does the same things, so expect
to tune sensitivity and maintain exclusions.
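To make the distinction concrete, here is an added example (not from the article or any vendor product) in Python that runs a byte-sequence signature check and a weighted heuristic scorer (suspicious strings plus byte entropy) over constructed sample files. The EICAR string is the industry's standard harmless test file; the Demo.Dropper.A pattern, the indicator weights, the thresholds, and all sample files are invented for illustration. Note how the variant with one changed byte evades the signature but not the heuristic, and how a legitimate updater trips the heuristic, which is the false-positive trade-off described above.

```python
"""Signature matching versus heuristic scoring on constructed samples (illustrative only)."""
import math

# The EICAR test string: a harmless, industry-standard file that every AV engine flags.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Byte-sequence signatures. Demo.Dropper.A is a made-up stand-in for a real family.
SIGNATURES = {
    "EICAR-Test-File": EICAR,
    "Demo.Dropper.A": b"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07",
}

# Heuristic indicators typical of droppers and injectors, each with an assumed weight.
INDICATORS = {
    b"CreateRemoteThread": 2,
    b"WriteProcessMemory": 2,
    b"URLDownloadToFile": 1,
    b"CurrentVersion\\Run": 1,   # autorun registry key
    b"cmd.exe /c": 1,
}
HEURISTIC_THRESHOLD = 3     # assumed: score at or above this is "suspicious"
ENTROPY_THRESHOLD = 7.2     # bits per byte; packed or encrypted payloads approach 8.0
ENTROPY_WEIGHT = 2


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input, 8.0 for uniform bytes)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def signature_scan(data: bytes):
    """Exact substring match; returns the signature name or None."""
    for name, pattern in SIGNATURES.items():
        if pattern in data:
            return name
    return None


def heuristic_scan(data: bytes):
    """Weighted indicator count plus an entropy bonus; returns (score, hit names)."""
    hits = [name.decode() for name in INDICATORS if name in data]
    score = sum(weight for name, weight in INDICATORS.items() if name in data)
    if shannon_entropy(data) > ENTROPY_THRESHOLD:
        hits.append("high-entropy")
        score += ENTROPY_WEIGHT
    return score, hits


def scan(data: bytes) -> dict:
    """Signature first (cheap, precise), heuristics second (broader, noisier)."""
    sig = signature_scan(data)
    if sig:
        return {"verdict": "malicious", "method": "signature", "detail": sig, "score": None}
    score, hits = heuristic_scan(data)
    if score >= HEURISTIC_THRESHOLD:
        return {"verdict": "suspicious", "method": "heuristic", "detail": hits, "score": score}
    return {"verdict": "clean", "method": None, "detail": hits, "score": score}


# Constructed sample "files"; none of these is a real program.
PE_STUB = b"MZ" + b"\x00" * 16
SAMPLES = {
    "eicar.com": EICAR,
    "dropper_a.exe": PE_STUB + SIGNATURES["Demo.Dropper.A"]
                     + b"WriteProcessMemory\x00CreateRemoteThread\x00",
    # Variant: last byte of the signature region changed, behaviour strings unchanged.
    "dropper_a2.exe": PE_STUB + b"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x08"
                      + b"WriteProcessMemory\x00CreateRemoteThread\x00",
    # Legitimate updater: registers at logon, downloads files, spawns a shell. Looks like a dropper.
    "updater.exe": PE_STUB + b"URLDownloadToFile\x00CurrentVersion\\Run\x00cmd.exe /c\x00",
    # Packed binary: near-uniform byte distribution plus one suspicious string.
    "packed.exe": PE_STUB + bytes(range(256)) * 4 + b"cmd.exe /c",
    "readme.txt": b"Quarterly report notes.\n",
}


def scan_all() -> dict:
    """Verdict for every sample, keyed by file name."""
    return {name: scan(data) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in scan_all().items():
        print(f"{name:16} {result['verdict']:10} {result['method'] or '-':10} {result['detail']}")
```

In practice the heuristic verdict on updater.exe is exactly the kind of alert you would answer with an exclusion, and the score on dropper_a2.exe is why heuristics are worth the noise.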
Scanning options—what, where, when. Antivirus
products should scan memory, all drives, and the registry.
Many now offer scanning of removable devices
such as USB drives. They should offer scheduled scans
and on-demand scans, and many offer continuous
background (on-access) scanning. Another useful feature is the ability
to whitelist paths, processes, or file types to be excluded during
scans; keep in mind that every exclusion is a blind spot,
so keep the list short and review it regularly. Scan log
reports should be available in, or exportable to, your desired
format. Reports are important tools for letting you see how
many and which viruses have been blocked and which hosts,
users, or entry points are the most common sources of infection.
Viruses, worms, and Trojans, oh my. Simply detecting
and blocking a virus in an email is no longer sufficient.
An antivirus program should detect viruses, worms,
Trojan horses, Web threats, rootkits, and other forms of
malware that threaten your network security. Your solution
should also give you the ability to block certain file
types such as .exe, .bat, or .asp files. Blocking by file
extension alone is easy to defeat by renaming the file, so
look for products that also identify a file by its contents
and that look inside archives such as .zip attachments.
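As an added example (not from the article or any product), the following Python applies a file-type policy the way a gateway should: a deny-list of extensions, content sniffing by magic bytes so a renamed .exe is still caught, and recursion into zip attachments with a nesting-depth and member-size cap. The extensions beyond .exe, .bat and .asp, the magic-byte table, the caps, and the sample files are all assumptions of the example.

```python
"""File-type blocking: extension deny-list, content sniffing, and archive inspection."""
import io
import zipfile

# .exe, .bat and .asp come from the article; the rest are common additions (assumed).
BLOCKED_EXTENSIONS = {".exe", ".bat", ".asp", ".cmd", ".scr", ".vbs", ".js", ".pif"}

# Leading bytes that identify the real content regardless of the file name.
MAGIC = (
    (b"MZ", "pe-executable"),
    (b"\x7fELF", "elf-executable"),
    (b"PK\x03\x04", "zip-archive"),
)
EXECUTABLE_TYPES = {"pe-executable", "elf-executable"}
MAX_ARCHIVE_DEPTH = 2            # assumed: refuse archives nested deeper than this
MAX_MEMBER_BYTES = 50 * 1024 * 1024  # assumed: refuse members that would expand past this


def sniff(data: bytes) -> str:
    """Classify content by magic bytes; 'other' when nothing matches."""
    for prefix, kind in MAGIC:
        if data.startswith(prefix):
            return kind
    return "other"


def extensions(name: str) -> list:
    """All dotted suffixes of the base name, lower-cased: 'invoice.PDF.exe' -> ['.pdf', '.exe']."""
    base = name.rsplit("!", 1)[-1].rsplit("/", 1)[-1].lower()
    parts = base.split(".")
    return ["." + p for p in parts[1:]]


def check_file(name: str, data: bytes, depth: int = 0) -> list:
    """Return the list of policy violations; an empty list means the file passes."""
    reasons = []
    exts = extensions(name)
    last = exts[-1] if exts else ""
    if last in BLOCKED_EXTENSIONS:
        reasons.append(f"{name}: blocked extension {last}")
    kind = sniff(data)
    # A renamed executable still carries its real header.
    if kind in EXECUTABLE_TYPES and last not in BLOCKED_EXTENSIONS:
        reasons.append(f"{name}: content is {kind} but extension is {last or '(none)'}")
    if kind == "zip-archive":
        if depth >= MAX_ARCHIVE_DEPTH:
            reasons.append(f"{name}: archive nested deeper than {MAX_ARCHIVE_DEPTH}")
            return reasons
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.is_dir():
                        continue
                    member_name = f"{name}!{info.filename}"
                    if info.file_size > MAX_MEMBER_BYTES:
                        reasons.append(f"{member_name}: member too large ({info.file_size} bytes)")
                        continue
                    reasons.extend(check_file(member_name, zf.read(info), depth + 1))
        except zipfile.BadZipFile:
            reasons.append(f"{name}: unreadable archive")
    return reasons


def build_zip(members: dict) -> bytes:
    """Build an in-memory zip from {member name: bytes} (used only to construct samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for member_name, member_data in members.items():
            zf.writestr(member_name, member_data)
    return buf.getvalue()


# Constructed samples; PE_STUB is a DOS-header stub, not a runnable program.
PE_STUB = b"MZ\x90\x00" + b"\x00" * 60
SAMPLES = {
    "report.pdf": b"%PDF-1.4\n%constructed sample\n",
    "setup.exe": PE_STUB,
    "invoice.pdf.exe": PE_STUB,                     # double extension; last suffix decides
    "photo.jpg": PE_STUB,                           # executable renamed to dodge the list
    "default.asp": b'<% Response.Write("hi") %>',
    "bundle.zip": build_zip({"readme.txt": b"hello", "tool.bat": b"@echo off\r\n"}),
    "nested.zip": build_zip({"inner.zip": build_zip({"evil.jpg": PE_STUB})}),
    "notes.txt": b"plain text\n",
}


def evaluate_all() -> dict:
    """Policy result for every sample, keyed by file name."""
    return {name: check_file(name, data) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, reasons in evaluate_all().items():
        print(f"{name:16} {'ALLOW' if not reasons else 'BLOCK'}  {'; '.join(reasons)}")
```

The depth and size caps matter as much as the deny-list: without them, a deeply nested or highly compressed archive turns the scanner itself into the denial-of-service target.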
Do the Legwork
Of course, the most important evaluation criterion for an
antivirus solution is performance: high threat detection
rates, few false positives, and low impact on business
operations. However, performance testing is beyond the scope
of this Buyer's Guide, so we'll leave that part of the evaluation
to you. But fear not, there's help. Antivirus testing
labs such as AV-Test, ICSA Labs (www.icsalabs.com),
and AV-Comparatives (www.av-comparatives.org)
have done the performance testing for you. So after you
have your short list of products that best meet the needs
and wants of your organization, visit one or more of these
sites for help in determining how the products stack up
against one another performance-wise. And don’t forget,
most vendors (including all those listed in the product
table) offer fully functional trial versions so you can try
before you buy.