Vacating Viruses from the Enterprise Space
Trend Micro’s OfficeScan Corporate Edition offers
scalable, centrally controlled antivirus protection.
- By Chip Andrews
For a desktop antivirus solution to function in the enterprise
space, it needs to be scalable, centrally controlled and monitored, easily
updated and deployed, and strictly enforced. Trend Micro claims to deliver
this via its OfficeScan Corporate Edition server, desktop and centralized
management antivirus solution. Let’s take the software on a test drive
and see what shakes out.
At the server level, OfficeScan is an antivirus product that
runs on Windows 2000 and NT 3.51/4.0 or Novell Netware 3.12/4.10/4.11/5.0.
Desktops can be Win2K/NT, Win95/98, Win3.x or DOS; the client software
can be centrally deployed by an Active X-embedded Web page, NT remote
installation, Microsoft SMS, traditional system login scripts, or hard
disk cloning techniques. While at first I found the number of deployment
techniques impressive, after further investigation I realized that only
login scripts are a likely delivery option, as all-SMS-enabled or all-NT
homogeneous networks aren’t likely to exist in most enterprises.
To function as a centralized console for multiple servers,
OfficeScan includes the Trend Virus Control System (TVCS). Individual
servers, using a Win32 Management Console application, can set virus protection
levels, review virus activity logs and schedule scans. With the TVCS,
however, administrators can group and manage multiple servers from a centralized
HTTP interface. This interface is a great idea, but it seems a bit sluggish
and isn’t nearly as polished as the native Management Console.
OfficeScan handles virus alerts via SMNP, pager or e-mail,
and they can be centrally administered. But it would be nice if Trend
would expand on them a bit, allowing for more detailed messages. I’d also
like the option to launch my own custom executables.
For system administrators, virus signature updates are a
key area of concern. OfficeScan is designed to download virus pattern
updates from Trend’s Web site every two weeks. In addition, with OfficeScan,
you can effectively enforce policies so that end users can’t change settings
or uninstall antivirus protection. Enforcement settings are easily configured
and represent one of OfficeScan’s most impressive capabilities, as users
love to disable antivirus packages (Figure 1).
|Antivirus enforcement is one
of OfficeScan’s most impressive features. Note the capability
to control what users can and can’t do with the software. (Click
image to view larger version.)
If you’d like to take OfficeScan for a spin, you can download
an evaluation copy at www.antivirus.com/vlab.
There’s a reason that you may want to review this product from a distance.
The README.HTM file that comes with OfficeScan states the following: “Installing
the Windows NT client might prevent Microsoft Visual C++ 6.0 and Visual
Basic from running properly.” This statement alone can send developers
in your shop running for the hills, so if you’re thinking of implementing
OfficeScan, exercise caution and check with Trend first to make sure you
won’t run into compatibility problems.
Chip Andrews, MCSE+I, MCDBA is a software security architect at (Clarus Corp.). Chip maintains the (sqlsecurity.com) Web site and speaks at security conferences on SQL Server security issues.