Viruses and spam both pose an increasing threat these days, and not just to your data or productivity. Rather than hackers trying to break security systems for their own amusement, most current threats are financially motivated and can cost a company millions. And with viruses and phishing attacks growing increasingly more criminal in intention every day, securing financial, customer, and other critical data requires a rock-solid system of defense.

With all of the 'virus and 'spam vendors out there, many administrators may not be aware that Microsoft has its own product in this space: Antigen for SMTP Gateways Version 9.0, with Antigen Spam Manager (an optional module). (Microsoft picked up the Antigen technology when it acquired Sybari Software in 2005.)

Antigen's 'virus component proved effective in my testing, stopping all live and test viruses received. And the product allows for flexibility, as admins are free to decide whether to cover their bases thoroughly by activating all nine included filters or to speed up processing by enabling only one or two.

The 'spam component, however, was a disappointment, identifying only 82 percent of spam. Worse, it misidentified far too many legitimate messages as spam.

Installation of Antigen requires only Windows 2000 or 2003 Server for the SMTP version; the Exchange version can be installed on an Exchange 2000 or 2003 server. The latter offers additional functionality, such as allowing users to create and maintain their own 'spam whitelists rather than requiring the administrator to intervene and add addresses to the allowed-senders list.

Installation is easy and well documented. You may need to equip your system with additional Microsoft components -- such as the Microsoft SQL Server Desktop Engine, Microsoft MSXML Parser, or the SMTP server components -- before installing Antigen. Luckily, that's easy to do, and the manual walks you through the process well. Antigen uses the Microsoft SQL Desktop Engine (based on Access) rather than the full SQL Server, which may cause performance issues with large installations. It does offer a separate administration utility that can manage all Antigen instances running in the enterprise, however.

One issue I had with default installation is that it sets the 'virus component to update once a day, and in the case of the 'spam filter, only once and never again, unless you manually change the settings. If you don't set this to once an hour or once every 15 minutes, you may very well find your network infected with a new virus or barraged by a new spamming method.

You can create multiple rule sets and set each to filter using different 'virus engines or different 'spam rules. The 'virus engines are Antigen Worm, CA InoculateIT, CA Vet, Command, Kaspersky, Microsoft Anti-Virus, Norman Data Defense, Sophos Anti-Virus, and VirusBuster. Using all of them increases the odds of catching a new virus, although at the cost of boosting scan times and latency considerably.