Product Reviews

Vacating Viruses from the Enterprise Space

Trend Micro’s OfficeScan Corporate Edition offers scalable, centrally controlled antivirus protection.

For a desktop antivirus solution to function in the enterprise space, it needs to be scalable, centrally controlled and monitored, easily updated and deployed, and strictly enforced. Trend Micro claims to deliver this via its OfficeScan Corporate Edition server, desktop and centralized management antivirus solution. Let’s take the software on a test drive and see what shakes out.

At the server level, OfficeScan is an antivirus product that runs on Windows 2000 and NT 3.51/4.0 or Novell Netware 3.12/4.10/4.11/5.0. Desktops can be Win2K/NT, Win95/98, Win3.x or DOS; the client software can be centrally deployed by an Active X-embedded Web page, NT remote installation, Microsoft SMS, traditional system login scripts, or hard disk cloning techniques. While at first I found the number of deployment techniques impressive, after further investigation I realized that only login scripts are a likely delivery option, as all-SMS-enabled or all-NT homogeneous networks aren’t likely to exist in most enterprises.

To function as a centralized console for multiple servers, OfficeScan includes the Trend Virus Control System (TVCS). Individual servers, using a Win32 Management Console application, can set virus protection levels, review virus activity logs and schedule scans. With the TVCS, however, administrators can group and manage multiple servers from a centralized HTTP interface. This interface is a great idea, but it seems a bit sluggish and isn’t nearly as polished as the native Management Console.

OfficeScan handles virus alerts via SMNP, pager or e-mail, and they can be centrally administered. But it would be nice if Trend would expand on them a bit, allowing for more detailed messages. I’d also like the option to launch my own custom executables.

For system administrators, virus signature updates are a key area of concern. OfficeScan is designed to download virus pattern updates from Trend’s Web site every two weeks. In addition, with OfficeScan, you can effectively enforce policies so that end users can’t change settings or uninstall antivirus protection. Enforcement settings are easily configured and represent one of OfficeScan’s most impressive capabilities, as users love to disable antivirus packages (Figure 1).

Trend Micro OfficeScan
Antivirus enforcement is one of OfficeScan’s most impressive features. Note the capability to control what users can and can’t do with the software. (Click image to view larger version.)

If you’d like to take OfficeScan for a spin, you can download an evaluation copy at www.antivirus.com/vlab. There’s a reason that you may want to review this product from a distance. The README.HTM file that comes with OfficeScan states the following: “Installing the Windows NT client might prevent Microsoft Visual C++ 6.0 and Visual Basic from running properly.” This statement alone can send developers in your shop running for the hills, so if you’re thinking of implementing OfficeScan, exercise caution and check with Trend first to make sure you won’t run into compatibility problems.

About the Author

Chip Andrews, MCSE+I, MCDBA is a software security architect at (Clarus Corp.). Chip maintains the (sqlsecurity.com) Web site and speaks at security conferences on SQL Server security issues.

comments powered by Disqus
Upcoming Events

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.