Managing security: Building a defence

Deployment and management


Deploying an antivirus product is "one huge problem" according to Eugene Dozortsev, assistant vice president of R&D at Computer Associates (CA), who added, not surprisingly, "we believe we have solved these issues".

There are four aspects to the problem. Firstly, antivirus software works at a very low level and often needs administrative privileges.

Secondly, systems managers need a way of checking that the software hasn't been disabled by users hoping to "speed things up a little bit".

Thirdly, antivirus updates must be applied regularly, but large installations face bandwidth issues if all users try to download the updates directly from the vendor.

Finally, the antivirus software itself will require upgrading from time to time, and this presents the same problems as the initial installation.

CA circumvents these problems by designing its eTrust Antivirus products for large corporate environments. One of its customers--Microsoft--has a network of around 140,000 desktop PCs, according to Dozortsev.

The basic approach is to have a master server that is capable of automatically discovering the entire corporate network and installing a software agent on each computer.

This step requires a one-time grant of administrative access to each of the client systems, but that can be revoked as soon as the agent is installed. The eTrust Antivirus server can then push the antivirus software and any future update or upgrade files to individual PCs without human intervention.

Client settings are password protected, and the Policy Compliance Monitor can raise an alert if they are changed, or propagate new settings across the network. "We can create separate policies with arbitrary granularity," says Dozortsev. Policies can be applied to individual users or systems, or to groups or departments with drag-and-drop ease.

Although IT professionals are aware of the importance of keeping antivirus software up to date, it is also important for vendors to make ongoing management as quick and easy as possible.

Otherwise, there is a risk of infection occurring between the release of an update and its application to every PC within the organisation. For example, AAPT suffered a major Nimda infection because the antivirus update process was too time-consuming to carry out on a regular basis. Senior technical specialist Jan Chrbolka says this was one reason why the company switched to Sophos antivirus products.

Now, updates are handled automatically through a multi-stage process: an antivirus server collects updates from Sophos via the Internet and distributes them to file servers around the company. Then the antivirus software on each PC regularly polls its local server and pulls down any new updates.

Although some customisation was required, the setup process was "quite painless" according to Chrbolka.

Network Associates' McAfee operation has come up with an interesting variation on this theme using peer-to-peer technology for its managed antivirus service. When the client starts up, it polls a McAfee server to find out whether the definition file is still current. If not, it tries to obtain the new file from another PC on the same LAN, and only if that fails does it download the update from McAfee.

While the initial installation and update distribution can be handled by the same software (as in the case of CA's product), this is not essential. AAPT uses Novell ZENworks for the remote installation of new software coupled with the update-distribution feature built into Sophos.

Similarly, Antigen has its own centralised deployment and management features, but it can also be managed from NetIQ Security Manager, Biviano says.
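The peer-first update lookup described above for McAfee's managed service can be modelled as follows. This is an added example, not code from McAfee or from the article; the class names, the version number and the SHA-256 digest check on peer-supplied files are assumptions made for illustration.

```python
import hashlib

def sha256(data):
    return hashlib.sha256(data).hexdigest()

class Vendor:
    """Constructed stand-in for the vendor's update server."""
    def __init__(self, version, blob):
        self.version, self.blob, self.downloads = version, blob, 0

    def current(self):
        # Small metadata reply. Returning a digest here is an assumption.
        return self.version, sha256(self.blob)

    def download(self):
        self.downloads += 1  # one full-file transfer over the Internet link
        return self.blob

class Client:
    def __init__(self, name, version=0, blob=b""):
        self.name, self.version, self.blob = name, version, blob

    def serve(self, version):
        # Answer a LAN peer; None if this PC does not hold that version.
        return self.blob if self.version == version else None

    def update(self, vendor, lan):
        version, digest = vendor.current()
        if self.version == version:
            return "current"
        for peer in lan:
            blob = None if peer is self else peer.serve(version)
            # Accept a peer's copy only if it matches the vendor's digest.
            if blob is not None and sha256(blob) == digest:
                self.version, self.blob = version, blob
                return "peer:" + peer.name
        blob = vendor.download()  # last resort: fetch from the vendor
        if sha256(blob) != digest:
            raise ValueError("vendor download failed its digest check")
        self.version, self.blob = version, blob
        return "vendor"

def roll_out(n_clients=50, altered_peer=True):
    vendor = Vendor(7, b"constructed definition file, version 7")
    lan = [Client("pc%02d" % i) for i in range(n_clients)]
    if altered_peer:
        # Constructed case: a PC that reports version 7 but holds other bytes.
        lan.insert(0, Client("pc-altered", 7, b"not the vendor's bytes"))
    sources = [client.update(vendor, lan) for client in lan]
    return vendor.downloads, sources
```

In this model a LAN of 50 clients costs one full download from the vendor, and a peer whose copy does not match the vendor's digest is skipped rather than trusted.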


Talkback 1 comments

    Hello, I have to you very odd ...Anonymous -- 23/10/04

    Hello, I have a very odd request for you. My name is Jiri Kurka and I'm from the Czech Republic. You wrote in your article about a specialist named Jan Chrbolka. I'm looking for my former classmate and friend from school; he and his family emigrated from CZ. I suppose that this Jan Chrbolka is he. Do you have some contact for this man? Can you help me please?
    Thank you very much for your answer.
    Jiri Kurka, Czech Republic
