24.12.1999, 07:07

NAV Enterprise eases your load

Patrick Marshall

Norton AntiVirus Enterprise kaitseb arvutivõrke viiruste eest ja muudab lihtsamaks võrguadministraatori töö.

YOU'VE TESTED your systems and made your network year-2000 compliant. You can sit back and enjoy the most stupendous New Year's party ever -- or can you? If you haven't also locked down your e-mail servers and deployed the latest anti-virus updates, you may be leaving your enterprise vulnerable to the greatest onslaught of viruses ever attempted. According to some estimates, more than 30,000 threats of new year-2000 viruses have been noted by law enforcement agencies. Imagine what could happen if just one or two of them found their way into your network.

The Gartner Group calls this threat "a clear and present danger" -- all the more reason to intensify your efforts in protecting your enterprise from virus attacks on Jan. 1, 2000. An effective enterprise-scale anti-virus tool must do more than just recognize and deal with viruses -- it must also offer easy-to-use management tools that will ensure the software is deployed and ready to catch viruses at every potential point of entry.

That's the goal of Symantec's Norton AntiVirus (NAV) Enterprise Solution 4.0 . Thanks to the new centralized management tool, Symantec System Center, it succeeds. Other products -- most notably Network Associates Total Virus Solution and Computer Associates InoculateIT -- offer similar integrated enterprise-level anti-virus tools, but I haven't seen a package that's easier to set up and configure than NAV Enterprise.

It can save your business money by protecting your system against data loss and the expense of recovering from virus attacks. And its ease of administration offers that protection with a relatively low cost in terms of staff time.

Symantec System Center, a snap-in to Microsoft Management Console, offers centralized control of NAV components plus other Symantec products. It lets you manage multiple anti-virus servers, both NetWare and Windows NT, as well as all attached clients from a single interface. You can set anti-virus policies, as well as launch, schedule, and configure scans on servers and clients. You can either examine and scan clients individually or launch a mass scan of all clients and servers on the system.

It also comes in handy for centralized updating and reporting chores. You can use it to distribute program updates, virus definitions, and configuration files to network servers and clients. System Center provides thorough, centralized event logging, complete with query and sorting tools that make tracking down virus threats in the enterprise easy.

But bear in mind that these reports are server-group based. If you want to generate reports that cover multiple server groups, you'll need to export them to comma-delimited files and bring them into a third-party reporting application.

Most importantly, System Center lets you lock down client configurations to prevent users from disabling the protection or modifying settings. And, just in case users delete NAV's program files in a last-ditch effort to get around the program, you can set the program to automatically install new files the next time the user logs in.

Symantec's anti-virus credentials are well-proven, so it's no surprise that Norton AntiVirus Corporate Edition 7.0 -- the main anti-virus engine in NAV Enterprise -- snagged each of the viruses in my batch of nasty test critters, including the Jerusalem, Anthrax, and Empire Monkey viruses.

This package includes all you need to protect all of the entry points to your network. In addition to the Corporate Edition for Windows, the suite includes NAV Corporate Edition 7.0 for NetWare, NAV for OS/2 servers and clients, NAV for Macintosh clients, NAV for Notes (running on NT and OS/2), NAV for Microsoft Exchange, NAV for Internet E-mail Gateways, and NAV for Firewalls.

I also tested NAV's virus-recognition capabilities by attaching files to e-mails that contained a couple of dozen different viruses including boot viruses, macro viruses, and viruses embedded in executables. NAV Enterprise caught them all, including those in compressed attachments.

Although NAV Enterprise depends primarily on definition files to recognize viruses, it provides for heuristic detection of unknown viruses. When it detects suspect behavior in a file, such as changes in file size, the program sets up a virtual computer and runs the suspect program there to look for signs of viruses.

NAV Enterprise gives you full control over what happens when it snags a real or suspected virus. By default, it will attempt to repair any infected file. If that fails, the file will be moved to a quarantine folder on the local system. You can adjust these procedures to suit your needs. You might, for example, have all infected files sent to a centralized quarantine server on the network to isolate and examine them. You might also have NAV automatically repair macro viruses and only alert you if boot viruses or viruses attached to executables are found.

This release needs work in only two areas. I'd like to see a single installation routine for setting up NAV and the Symantec System Center. Also, although the program provides a utility for remotely installing software to NT and NetWare servers, it does not yet provide remote installation to clients.

These quibbles aside, the inclusion of the new Symantec System Center definitely gives the Norton suite of anti-virus products a new appeal to enterprise administrators. Other products provide anti-virus tools at least as good as NAV Enterprise Solution 4.0, including Dr. Solomon and InoculateIT, but they certainly are not easier to implement and administer.

Kommenteeri Loe kommentaare