Windows Foundation

Top Third-Party Tools

Sysadmins can't live by Windows 2000 alone. Check out these handy antivirus protection and backup/restore programs that can help you get through the day.

As high-priced management consultants like to say (and to charge you for saying it), there comes a time when you have to think outside the box. In this case, I'm referring specifically to Windows 2000 and its native toolset. Now that you've worked with Win2K for some time, you've probably discovered its strengths and weaknesses. I want to share my discoveries with you this month as I present a couple of third-party tools that are a necessary part of your Win2K installation.

Basically, I'm presenting two products that perform functions not included in Win2K or functions that Win2K doesn't perform as well—namely, virus protection and backup and restore.

Virus Protection
With the spread of the Sircam and Code Red viruses, Win2K novices and gurus learned something new about virus protection. As an MCSE consultant, I've worked with several virus-detection applications and have settled on Trend Micro's OfficeScan as my top choice. I've found that OfficeScan is a simple install, and it operates in a cohesive client/server manner. That is, both the server and client computers are protected as a whole system (you don't install the client-side components separate from the server-side protection).

OfficeScan is a bundle of Trend Micro products that's priced significantly lower than if you purchased these components individually. Another point is the integrated installation routine that basically works well. But what really stand out for me are the OfficeScan management tools and the use of the logon script to update the network clients at each logon.

For managing the basic input/output scanning operation, you use the OfficeScan Management Console (see Figure 1).

OfficeScan Workstation Admin
Figure 1. The Workstation Administration view allows you to assess the current virus protection status of network clients. (Click image to view larger version.)

Note that the Workstation Administration view allows you to configure the network clients with options on the left side, including the ability to force a scan at the workstation with the "Scan Now" button. The Server Administration view (Figure 2) lets allows you to observe and configure various server-side options.

OfficeScan Server Administration
Figure 2. The Server Administration view gives you the opportunity to observe and configure various server-side options. (Click image to view larger version.)

Another critical configuration screen with OfficeScan is the Update and Upgrade screen (Figure 3). You'll note that important update information is displayed, allowing you to access how current the virus protection on your network is.

OfficeScan Update/Upgrade
Figure 3. You can access update information via the Update and Upgrade screen, which allows you to see how current your network virus protection is. (Click image to view larger version.)

Best Practice: I wasn't entirely clear how to use the update OfficeScan via the Internet. That is to say, I was initially baffled by the auto-update if you add ISA Server 2000 to the picture, which is a typical setup when you're working with Small Business Server 2000 and BackOffice Server 2000. It was clear enough that you'd click the Auto Update button under the Update and Upgrade listing on the left side of the OfficeScan Management Console; but instead of putting in the server name (e.g. NHM1) or the server's IP address (either internal or external) in the HTTP Proxy field, I had to manually type localhost. This undocumented step is shown in Figure 4.

OfficeScan Proxy Config
Figure 4. Configuring the Internet Proxy for Trend's OfficeScan. (Click image to view larger version.)

And then there's the ScanMail component of OfficeScan (Figure 5), which provides both scheduled and real-time scans against Exchange 2000 Server-based e-mails. While I don't want to distract you by going into excruciating detail here, ScanMail can be richly configured (e.g. attachment blocking).

OfficeScan ScanMail for Exchange
Figure 5. The ScanMail component provides scheduled and real-time scans against Exchange 2000 Server-based e-mails. (Click image to view larger version.)

Best Practice: Assuming you run Exchange 2000 Server, which is a reasonably safe bet for many MCSEs, the following applies to you: Trend and other virus-detection application vendors are eagerly awaiting the release of Exchange 2000 Server Service Pack 1 (SP1). Why? Because Exchange 2000 SP1 corrects a few things in the application programming interface (API) that allow third-party virus-protection programs to scan incoming and outgoing e-mail in real time. Note that these Exchange 2000 Server virus-detection applications can already perform scheduled scans against the storage group (where the e-mail is stored), just not in real time. This will be fixed in SP1. Note that, if you used Trend Micro's OfficeScan 5.0 for Small Business Server 2000, you need to download ScanMail version 5.1 to correctly interact with the new Exchange 2000 Server service pack.

Oh, and I must mention that Trend Micro's products, more than any other virus-detection application I've used, is minimally invasive. Compare that to the Symantec's Norton anti-virus offering. It has been my experience that the Norton virus-detection application likes to come to dinner and never leave—that is, once Norton is installed on a Win2K system, it's amazingly difficult to remove it, and even then some applications get upset along the way. Trend Micro's products such as OfficeScan are good neighbors on a Win2K box.

Backup and Restore
Close to or equal in importance to virus detection is backup and restore. The question is: Should you use improved native Win2K backup application in lieu of a third-party solution? I respectively submit that no, the native application likely won't meet your mission-critical backup and restore needs in the long run. I say this for a couple of reasons:

  • Application agents—Third-party backup applications truly differentiate themselves by adding application agents. That is, the native Win2K tape backup application doesn't have agents for SQL Server and, arguably, the Exchange agent is a tad feature-light.
  • Logs and reporting—Maybe I'm just in a fussy mood, but the darn reporting in the native Win2K backup application is inconclusive. It doesn't report "success" or "failure." Rather, the logs are detailed reports of backup activity and require a fair amount of study to understand them. A full featured backup program's strengths are often in the numerous reporting functions it provides.

So my vote for an acceptable third-party tape backup program in the world of Windows 2000? Backup Exec from Veritas gets the nod. Backup Exec uses a console (see Figure 6) to allow you to select different tape backup and restore-related tasks. The current version for Win2K is version 8.6.

Backup Exec
Figure 6. Backup Exec is a reliable program, which uses a console that allows you to select different tape backup and restore-related tasks. (Click image to view larger version.)

Best Practice: I've received e-mails from MCSEs who have asked how can they take their careers to the next level, beyond the Win2K administration skills taught in this column. My response is "look above." Suppose you're an MCSE with Win2K administration skills (along with the majority of Win2K MCSEs).

Additional Info

Trend Micro OfficeScan, $300 for 25 users
Trend Micro
http://www.trendmicro.com

Backup Exec, $795
Veritas Software
http://www.veritas.com

How do you distinguish yourself and increase your compensation at the same time? Simple—choose a niche that's in high demand. Both Trend and Veritas have extensive classes you can take to master the lucrative intricacies of virus protection and disaster recovery (which includes backup and restore).

So there you have it—a couple of third-party tools I consider mandatory for any Win2K site. Don't get caught without some form of virus protection and backup routine-or ye shall suffer the consequences!

comments powered by Disqus

Reader Comments:

Fri, Nov 2, 2001 uwe germany

this is useless because it`s just advertisement. It`s kind of spam.

Tue, Oct 23, 2001 Bob USA

I have been using Veritas Backup-Exec for six years and find the product solid and trouble free. But it's not a load, use it, and forget it type of product. I've also used ArcServe in a Novell environment and hated it. Crashed and burned daily, never new if you were going to get a backup or not, maybe their newer products are better I have just been burned one to many times. I have tried many version of anti-virus software and until they come up with a product that is self relient in finding and eliminating virus attacks none are worth your money. We spend thousands of dollars a year on anti-virus protection and if you are one of the unlucky ones to get hit first you just wasted your money.

Mon, Oct 22, 2001 JCLyow Ottawa, Ontario Canada

No new information here...
I want to see a head to head of Veritas compared to CA ArcServe IT. Come on, any MCSE worth his salt knows whats important, what we want is analysis of the products and true dirt comparisons. Backup times, data recovery issues, analysis of the agents, problems, usefull tools etc.
What about Norton Ghost for complete backup (and fast recovery), or your base load OS, for both servers and workstations. When you build a server, get it just right, then clone it. If it fails, reclone it, no problem.

Sun, Oct 14, 2001 JohnD Dublin,Ireland

As a Field Service engineer firefighting for a lot of companies, I would definitely give a high thumbs up to Norton and to Sophos antivirus packets (a big thumbs down to the troublesome McAfee/Dr Solomons) and Arcserve and Backup Exec for the backups.

Wed, Oct 10, 2001 Steve St. Louis

Could have talked about more options. Does not contrast products.

Tue, Oct 9, 2001 Anonymous Anonymous

Sybari makes a much better email antivirus suite that anything on the market. all the rest of this article was pretty lame

Tue, Oct 9, 2001 David Miami, FL.

just a question... one that is obviously pertinent to "backing up" is, if for whatever reason your system crashes, and you can't even boot to windows, how can Backup Exec help you then? Do you have to first start by re-installing the OS, then the backup software and then do a recovery from tape or whatever you backed up to? or can you do a recovery from a dos prompt (preferred) of the entire thing?

Tue, Oct 2, 2001 Andrew Barcus Davenport, Iowa, USA

Everyone knows that they need a backup package and an antivirus package. I want to learn about other kinds of tools are out there that can help us with tasks we don't know much - perhaps Security Analysis, or alerting the administrator via pager for certain error conditions.. I'll pretend to quote David Letterman in an early staff meeting "A top two list is not very interesting."

Wed, Sep 12, 2001 Jon London

I was expecting a useful analysis of the various Backup and A-V options about, instead I read a corporate brochure.
As good as these solutions might be, the alternatives are viable options. ARCserveIT as a backup product (NT Backup is just a half hearted attempt, and no good for real IT disasters) is almost as good as Backup Exec, and a lot cheaper, I currently use BE but have, on occasions, suggested ARC Serve IT as an option.
I also us Sophos Anti-Virus as an A-V product: Their Techsupport is second to none, they have a viable dounload update size measured in 10's of Kb, rather than than Mb! We all have favorites, what's your's?

Tue, Sep 11, 2001 Anonymous Anonymous

I'm just an MCP at the moment. I think he's got a very good point. Backup Exec is very easy to use, does the job, and once you sit down with it for a few days (hours) you can then put it on your resume (CV) as able to come up with backup solutions and data recovery strategies using various backup programs (Windows Backup and Backup Exec!!) as Backup Exec is good for all makes. For those having trouble getting a job at entry level it's well worth while looking at.

Sat, Sep 1, 2001 Mike Anonymous

Pure advertising hyperbole.

Wed, Aug 29, 2001 Andrew Anonymous

InocuLAN failed to detect and clean SirCAM virus and some others even with the latest virus signatures. I am switching to Norton Anti-Virus.

Wed, Aug 29, 2001 Anonymous Anonymous

What's wrong with InocuLAN?

Wed, Aug 29, 2001 Mr. Anonymous Anonymous

How about a FREEWARE 3rd Party Tools?

Tue, Aug 28, 2001 Anonymous Anonymous

not something extra-ordinary?

Tue, Aug 28, 2001 Anonymous Anonymous

was there a kickback involved with this?

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.