Enterprise anti-virus software

Symantec's Corporate Edition offering is a real heavyweight, capable of supporting thousands of clients running a mix of operating systems. Clients are available for Windows, Linux and Novell NetWare, although the core system components, comprising a System Management Centre, an AntiVirus Management Server, a Reporting Server and a Quarantine Server, are all Windows-based.

The software can be configured with several instances of Management Servers and Management Centres deployed across the network, and careful planning of a complex installation beforehand will be time well spent, building in load distribution and resilience factors right from the start.

Administering software in a large network environment can be a complicated business, and Symantec has addressed this with a management system that can divide a network into groups, with each group having a primary management server, several clients, and secondary servers for resilience. Symantec advises having at least one secondary server.

Clients retrieve their updates from the group management servers, which in turn retrieve their updates from either the primary server or from Symantec's own LiveUpdate servers. This minimises Internet traffic while spreading the load on the LAN. Updates can be scheduled to occur at different times to distribute the load still further if required. This worked well during testing.

Remote deployment is essential in larger networks. Once the initial installation is completed almost everything else can be deployed from the Management Centre, including any secondary management servers. The system offers standard options that should suit most purposes, but also provides the means to tailor Windows client installations to any specific needs. Although the majority of systems are still running 32-bit Windows software, the inclusion of clients for 64-bit Windows systems is an important future-proofing factor. These systems are appearing on corporate networks in larger numbers, and there are specific viruses around that target them.

During testing the system detected and reported our viruses, although it did not comment on our remote control software. In fact, only Kaspersky's software detected it. The system offers a wide range of alerting options including e-mail messages, broadcast messages and SNMP traps. User programs can also be set to run when specific alerts occur, allowing an increased range of responses to meet particular needs.

All management systems need reporting and logging facilities and the larger the network the more important it becomes to be able to home in on the important items. Symantec's software uses separate servers for the reporting functions to cope with the volume of information generated by large networks. This also allows routine report generation to be a separate activity that can be delegated to less technically skilled support staff. A number of predefined reports are available, and customised reports can be set up using combinations of filters and rules to cater for specific needs.

With its ability to handle thousands of clients and management software that can cope with a huge volume of data, Symantec's system is ideal for larger networks and one of the most impressive products on test. It also offers future-proofing in the form of 64-bit Windows client support plus the option of installing reporting functions on separate servers. A well-deserving award winner.

Verdict

A mature and flexible system for the corporate network