By now it should go without saying that companies without a coherent anti-virus strategy are asking for trouble. The bottom line is that network-wide infections cost businesses money – big money – so there is no excuse for failing to protect your assets. There are certainly plenty of software choices and the latest eTrust Antivirus 7.0 from Computer Associates delivers enterprise level anti-virus protection for servers and workstations along with quality management features.
The new version aims to provide a complete safety net for the entire network and now offers virus scanning for PDAs, workstations, servers, MS Exchange and Lotus Notes. With viruses proliferating at an alarming rate it pays to keep your signatures bang up to date and Antivirus now allows clients to search for a secondary server if the main signature server fails.
Trend Micro started a handbag fight earlier this year by offering a service to remove any competitor’s antivirus software and Computer Associates now joins in by including a utility to wipe out any existing antivirus software prior to its own installation.
The eTrust package consists of three main components – an administration console, a real-time scanner and on-demand scanner. A remote install utility is provided for deployment to other systems which uses an ICF (installation command file) to ensure the same settings are applied to multiple systems. It displays all networked systems for easy selection and you add those that are to receive the software to a list and decide which ICF file to apply. However, this only supports Windows NT4, 2000, XP and 2003 and a login script linked to a shared directory must be used to deploy to Windows 9x and ME workstations.
The administration console can be accessed from the central server or remotely from another workstation. It provides a simple interface that hasn’t seen too many changes over the past couple of years. Nevertheless, it keeps everything neat and tidy under an Explorer-style tree menu. A discovery routine on selected subnets gets things under way as this displays all systems that have the antivirus software installed. The routine can be scheduled to run at regular intervals. You can then create various containers to represent, for example, offices, departments or logical networks and drag and drop each system into the relevant group.
Antivirus measures are easily deployed across the network by assigning policies to the various container groups. For the real-time scanner you can determine what files are to be scanned or excluded from the process and how the software reacts to an infection. You can block specific file extensions, even if they aren’t infected, as well as choose from two different scanning engines – CA offers the standard InnoculateIT version plus the less well-endowed Vet engine from its EZ Antivirus personal software. Obviously, you don’t want users mucking about with local settings on the real-time scanner so you can lock them out by denying them access.
Email options are extensive, with specific policies for both Exchange and Notes capable of being used to determine whether to scan incoming and outgoing messages, the level of scanning and how infected attachments are to be treated. Notes policies also offer a range of notification options so you can advise the sender and administrator if an infection is spotted. Overall, the policies were simple to create and easy to assign. You merely right-click on a policy and choose a container, or an individual system, from the list displayed.
Alerting options are better than most of the competition as an Alert Manager service allows you to send warnings to a wide range of destinations including a pager, MS Exchange, Lotus Notes, SNMP trap and the NT Event Log. Users also get to play with the software, if you let them, as they can access their own local copy of Antivirus for on-demand scans on drives or folders of their choice.
This latest version doesn’t see any radical improvements although the Exchange and Notes protection options are welcome additions. Our only real criticism is that the supplied help files and documentations could be improved considerably. Otherwise this is a powerful network antivirus product that is comparatively easy to install and configure and offers an impressive range of administrative and alerting features.