Enterprise anti-virus software

Any product that claims to be "optimal" has to be treated with scepticism. In this case, it refers to a product range covering Windows workstations, servers and Exchange servers, and includes administration software as well.

There are a number of improvements over the previous release, including a smarter update retrieval system designed to use the least busy servers. Updates can also be stored and redistributed locally, helping to conserve Internet bandwidth. The system can now refer to a list of trusted processes that will not be monitored, and client-independent e-mail scanning has been added, along with the ability to examine and disinfect Outlook and Outlook Express databases.

The Administration Kit provides the means to control and administer the anti-virus scanning software across networked computers. It needs either Microsoft SQL Server 2000 or MSDE 2000 database management systems with Service Pack 3 applied in both cases. We ran our tests using the supplied MSDE software installed on a Windows XP system with Service Pack 2 and chose to install both the administration console and server components on the same machine, but they can be installed on separate systems if required.

The entire process went smoothly, and we were pleased to see that it not only installed the management software but also tracked down all the computers on the network and installed agent software on each of them, leaving us with a system ready to download the latest scanning software and signature files.

The network agents provide an interactive capability, so that systems administrators can initiate certain functions such as system scans on individual systems without leaving their desks. They can monitor the status of any workstation or server in the system and obtain details of any running and completed scanning tasks.

Instead of a stand-alone application, Kaspersky has implemented the administration interface software as a plug-in for the Microsoft Management Console (MMC). The system can send alert notifications via email, and this information, along with all other related events is logged and reported at the management interface.

There is also a comprehensive report generation feature that can produce detailed analyses of errors and scan results, virus detection and details of workstations' anti-virus status, and this can produce either HTML pages or hard copy as required. A wizard is available that helps to produce new reports based on the existing templates, allowing additional refinements to be made.

During testing the software not only detected and reported our attempts to load our viruses but it also - impressively - detected our remote administration software, classifying it as "Riskware". It was the only product in the test to do so. The system continued to report it until we added it to the list of software to be excluded from further scanning. Suspicious items that are quarantined on the local computer can be accessed from the management console and dealt with as required.

All in all Kaspersky's system is comprehensive one. It has decent management features that allow administrators to be proactive as well as reactive, and was the only product on test to catch our remote control intrusion test. That "optimal" tag might be justified after all.

Verdict

A comprehensive and effective system for current Windows networks

Reqirements:

Windows NT/2000/2003/XP, and MSDE or SQL Server 2000 for the administration software