The InfoWorld Test Center assesses the readiness of 10 anti-spyware operatives for active enterprise duty
Real-time protection for VirusScan stopped all of the viruses cold but did allow a couple of crafty adware pieces through. Much like the real-time protection in Trend Micro Anti-Spyware for Small and Medium Business, VirusScan waits for a write operation to inspect the file. Although it was able to stop most of the attacks, it didn’t stop them all.
To check VirusScan’s cleaning ability, I created an on-demand scan job and launched it from ePO. The scan located and cleaned the pesky programs and returned the system to a clean state. One nice feature in VirusScan’s cleaning utility is its capability to mark a file for removal later; for instance, during an overnight scan. This feature helps eliminate system hangs during a clean operation or a pesky reboot in the middle of a workday.
VirusScan’s resource usage was on par with most other products, chewing up about 62MB of RAM at rest, and 78MB and 98 percent CPU utilization during a scan-and-clean operation. In fact, one time the system became so unresponsive during a scan that the only way I could regain control was to power-cycle the system.
Where VirusScan Enterprise and Anti-Spyware shine is in the reporting capabilities. Rivaling only LANDesk in comprehensiveness, VirusScan uses Crystal Reports and allows administrators numerous ways to view activity on the network, from top infected machines to current outbreaks. Each report has a wide range of filters that can be applied to further create the specific reports needed. Each report is interactive, allowing an admin to click and drill down for more detailed information.
Enterprise administrators are always looking to eliminate or minimize the number of consoles they have to deal with on a daily basis. VirsuScan Enterprise and Anti-Spyware make excellent use of ePolicy Orchestrator, an awesome management platform. Its real-time protection is weaker than that of some others, but its scanning and cleaning abilities are right near the top. Management is inherently cumbersome due to all of the options available, but the excellent reporting engine makes ongoing monitoring much easier.
Sunbelt CounterSpy Enterprise 1.5
CounterSpy Enterprise 1.5 was one of the easiest products to deploy and configure, with all policy options nicely tabbed and logically laid out. Real-time protection was average, and follow-up scans proved to be effective at wiping any existing traces away. I found the Crystal Reports engine to be just as easy to use, but reports didn’t benefit from Crystal’s drill-down feature.
CounterSpy Enterprise is a pure-play anti-spyware solution that does not include client firewall services or anti-virus protection, although they are planned to follow soon. It does coexist well with the Windows XP firewall and Norton AntiVirus. Installation was straightforward and one of the easiest to complete. I installed the management console on a Windows 2003 Server and easily pushed the agent to my Windows XP Professional clients.
Policy creation is very intuitive and allows for quite a bit of flexibility. After a policy is defined, admins can add computers to it by searching the Active Directory or by viewing PCs in the local workgroup. As the policy attempts to update the selected PC, if the agent isn’t already installed, the Agent Deployment Wizard takes over and walks you through the process.