Sophos makes anti-virus protection more manageable

The recent high-profile outbreaks of the "Melissa" and "ExploreZip" viruses underscore the need for vigilant virus protection on every machine on an enterprise network. Vigilance is more than simply slapping a virus-protection package on a machine as it comes through the door and then forgetting about it; it means installing virus protection and ensuring that it is up-to-date and functioning properly.

Sophos Inc. offers a virus-protection solution with that requirement in mind in its Sophos Anti-Virus (SAV) product. SAV can be configured to meet a variety of needs in a variety of situations, including use on servers, clients and stand-alone machines.

SAV consists of two components—InterCheck and Sweep—that work together to provide virus protection. InterCheck ensures that every file accessed on a system is scanned for viruses by maintaining a list of virus-scanned files. If a system attempts to access a new file or one that has changed since it was scanned, InterCheck uses Sweep to scan the file for problems and then allows or denies access to the file. Administrators have a choice of three basic configurations:

* Deploying Sweep and the InterCheck server on a server and the InterCheck client on the clients. (Once installed on a server, the software can be deployed via log-in scripts to clients.)

* Deploying Sweep and InterCheck on the clients.

* Deploying SWEEP by itself to provide scanning only.

By offering this flexibility, Sophos allows administrators to pick the best configurations for their environments. You can maintain a central list of scanned files so that additional scanning on other workstations is minimized. You can offload scanning to servers to ease the burden on workstations, or vice versa. You also can deploy a stand-alone Sophos installation for machines that are not on a network.

SAV supports a wide variety of server platforms, including Microsoft Corp.'s Windows 3.1, Windows 95/98 and Windows NT, as well as Novell Inc.'s NetWare, several flavors of Unix, Compaq Computer Corp.'s OpenVMS and IBM Corp.'s OS/2. The Unix and OpenVMS versions of Sophos scan PC files stored on these systems for viruses. SAV client platforms include Windows 3.1, 95/98 and NT and Apple Computer Inc.'s Macintosh.

We configured SAV on a Windows NT server. We were able to set up SAV and get it running quickly. Although the multiple configurations of SAV can make setting it up a bit confusing, the excellent documentation and informative installer made the process simple.

After we loaded the software, Inter-Check scanned a new or changed file the first time it was accessed. After that, it would check files when they were opened again to see if the files had been changed and needed to be scanned again.

Sophos includes many options for alerting administrators to the presence of a virus. On Windows NT, these include the Event Log, Simple Mail Transfer Protocol mail and network communications. The options enable an administrator to track which viruses are found on the network and what paths the viruses are taking to get on to the network.

As new updates to Sophos become available, they can be deployed automatically to the clients on the network. This is a nice feature, but we would like to see more functionality for ensuring that clients are running Sophos. As it is, only the Windows NT version of the server will tell you which clients are running the software.If the recent outbreak of viruses has you rethinking your virus-protection strategy, Sophos' combination of ease of use and centralized management and reporting of virus protection make it worthy of your consideration.

-- Hammond is a Denver-based free-lance writer. He can be reached at ehammond@earthlink.net.

***

Sophos Anti-VirusSophos Inc.(781) 932-0222www.sophos.com

Price and Availability: The Sophos Anti-Virus server license is available on the open market starting at $595.

Remarks: If you're looking for an enterprise virus protection package with centralized reporting and management features, Sophos should be on your short list.

Featured

  • FCW Perspectives
    human machine interface

    Your agency isn’t ready for AI

    To truly take advantage, government must retool both its data and its infrastructure.

  • Cybersecurity
    secure network (bluebay/Shutterstock.com)

    Federal CISO floats potential for new supply chain regs

    The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

  • People
    DHS Secretary Kirstjen Nielsen, shown here at her Nov. 8, 2017, confirmation hearing. DHS Photo by Jetta Disco

    DHS chief Nielsen resigns

    Kirstjen Nielsen, the first Homeland Security secretary with a background in cybersecurity, is being replaced on an acting basis by the Customs and Border Protection chief. Her last day is April 10.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.