eTrust antivirus signature version

In Virus Bulletin's tests with live viruses, EZ Antivirus earned the coveted VB percent rating 70 percent of the time in the last 10 Windows tests--a good showing, certainly, but not on a par with Norton AntiVirus, which earned the title on 10 of its last 10 tests.

Then again, these rates are comparable to those of Computer Associates' leading antivirus contenders, including McAfee, Symantec, and ZoneAlarm. Trend Micro, which provides a year of free phone support, is the lone exception here.

The Good: Speedy scanning; creates minimal drag on system performance; scans inbound e-mail; support provides fast, free response to e-mail queries.

The Bad: Firewall and spyware detection not included; bare-bones interface; doesn't scan outbound e-mail; not much new for upgraders.

EZ Antivirus isn't the most feature-packed virus scanner on the market, but it's certainly one of the fastest. Home and small-business users looking for speed should give it a try, but current users need not upgrade.

Its interface is as drab as they come, but then again, eTrust EZ Antivirus is blazingly fast--in fact, it's one of the speediest antivirus apps we've ever tested. And since it barely draws on your system's resources, it won't slow your work to a crawl during background scans. It was at this point that we experienced some installation problems and had to avail ourselves of CA's tech support.

Initially we were unable to "find" any of the target PCs on the network and had to tweak the settings to extend the timeout period amongst other settings. Then we were unable to push to a client that was a member of the server's domain, although we could easily push to any of the workgroup PCs. This required additional rejigging of some of the settings.

Unfortunately this all occurred close to deadline so we were unable to determine if the problems were specific to our network.

Once the problems had been ironed out it was quite simple to push the AV software to the nominated PC. From the console the target PC's settings can be altered and basic stats obtained. If you wish to have different sets of policies for different groups of users, new "branches" must be added to the organisational tree and the relevant users placed in each group.

Different blanket policies can then be applied to each branch. As can be seen from Figure 1, the tree structure is very easy to navigate and is divided into logical units such as "configuration settings", which includes e-mail policies and enforced policies; the latter enables the administrator to set up various Alert policies, Realtime Scan policies, Schedule Jobs, and distribute signature schedules, for example.

In each case, multiple policies or schedules can be created and individually applied to various branches. Alerts can be quite finely customised to not only be sent to various targets but also the level of severity of the alert can be filtered and custom notifications configured for a large number of specific scan engine events--events such as "error scanning memory".

The installation of VirusScan was quick and straightforward on the target server; however, the installation of ePolicy Orchestrator (ePO), while not particularly difficult, is quite a long-winded process. Admittedly our target server did not have a resident database so ePO had that little chore as well, but even so there were a total of three system reboots and rather long file copy procedures before it was all over. The AV engine, VirusScan, has a very simple and basic interface--finding your way around it is relatively simple.

Manual scans from the console are not really possible in the strict sense of the word; you must create a "task" and then run it to perform the equivalent of, for example, "quickly scan this folder".

Of course you can simply right click on the target folder or drive and select the "scan for viruses" option from the drop down menu.

All the usual functions can be configured or defined such as actions to carry out upon detection, when and what items are to be scanned and this includes archive files and user-defined file types rather than the time wasting "all files". The scan engine has heuristics to help detect unknown worms and macros and there is a simple but effective Alert configuration that allows the user to define the various alert types, the response and the recipients.

Deployment and administration is handled by ePO and to be blunt, while ePO is very powerful, its ease of use and steep learning curve leave quite a lot to be desired when compared to some of the other packages. Admittedly it did not help that the CD-R version of the software we received was damaged and not all the documentation was accessible.

If you are a small business with, say, a single domain and or fewer PCs there is a small business wizard that takes a lot of the pain out of the configuration in that the downloading of the ePO agent to the PCs and the subsequent push of VirusScan are simplified.

But start talking multiple domains and a substantial number of PCs and the basic configuration tasks are up to the administrator. The basic steps are to first download the relevant packages to the repository using the "check in package" task. Configure ePO to push the ePO agent onto the client PCs in your domain and then run the "deployment" task after you first configure its schedule and the packages to deploy.

Once the whole shebang is initially configured, it's all relatively easy to administer and manage. Individual PCs can be targeted and their AV configuration tweaked remotely, or a configuration policy can be applied at the Domain level to filter on down to the PCs contained therein. Should an outbreak occur, with ePO you can scan or update your entire Enterprise quickly and define an on-the-fly outbreak policy to lock everything up tight until you have a chance to suss out ePO's detailed reports and design a gentler policy that only protects the identified points of entry.

Installation of the software is relatively straightforward and certainly not as time-consuming as eTrust, for example. The interface for the AV engine itself is quick and easy and at first glance appears to lack the bells and whistles of some of the flashier interfaces. But when you attempt to configure the scan engine you find that it is actually quite powerful and flexible.

Immediate scans can be performed on selected drives, scans can be scheduled, and live resident memory scanning is handled by InterCheck Server. The executable definition files for scanning can be edited by the user and new file types added if required, although the list is quite extensive. The scanning engine can be configured to run at normal or low priority, it can perform quick or deep scans, it scans archives, and if required, adds the scan results to a checksum file.

However, the Sophos scan times on quite a large collection of files were quite consistent regardless of which of the deep or quick scan options was selected. Immediate mode configuration allows the user to select how the scan responds to a virus and can be configured to disinfect Boot Sectors, Documents, and Programs.

Infected files can be renamed, deleted, moved, or copied to another location; there is also an option to irretrievably "shred" the offending file.

Deploying and administering the AV software enterprise wide is the responsibility of the Enterprise Manager, which for the most part has a logical and relatively easy-to-use interface. When the app is launched the user is presented with the "library configuration view". At this point the source of the virus updates for distribution from your server, which on the Sophos parent Web site is called a Databank, is defined and the update frequency scheduled. It was at this point that we became a little unstuck.

We set the download Web site to the Sophos default and could not manage to connect using the supplied username and password.

To learn more about security intelligence updates, see Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware.

If you're looking for a list of Microsoft Defender processes, download the mde-urls workbook, and then select the Microsoft Defender Processes worksheet. The mde-urls workbook also lists the services and their associated URLs that your network must be able to connect to, as described in Enable access to Microsoft Defender for Endpoint service URLs in the proxy server.

Important: This update is: needed by RS1 devices running lower version of the platform to support SHA2; has a reboot flag for systems that have hanging issues; is re-released in April and will not be superseded by newer updates to keep future availability; is categorized as an update due to the reboot requirement; and is only offered with Windows Update.

Note If you are manually deploying Microsoft Defender Antivirus Platform Update, or if you are using a script or a non-Microsoft management product to deploy Microsoft Defender Antivirus Platform Update, make sure that version 4.

Microsoft Defender update for Windows operating system installation images. Manage how protection updates are downloaded and applied.

Manage when protection updates should be downloaded and applied. Manage updates for endpoints that are out of date. If an endpoint misses an update or scheduled scan, you can force an update or scan the next time a user signs in. Manage event-based forced updates. You can set protection updates to be downloaded at startup or after certain cloud-delivered protection events.
