Network Protection | AntiVirus
Thursday, 09 February 2012 11:15
Network security technology de facto implies that one should use antivirus software in the pursuit of safe networking. Even if you have chosen wisely and established layers of network protection via a firewall, proper permissions and enforced password security for user accounts, there are still many ways in for an intrusion: virus delivery via email, removable media like a CD or memory stick, or a web download.

A popular question is: "What is the best antivirus?" You see, the options vary greatly in
  • efficiency at protecting network security
  • impact on the system (overhead)
  • ease of management
  • cost

These are the four major parameters, and the combination of them determines which antivirus option is just right. We'll consider small business server security with regard to each of the prime criteria.

Network Protection: Efficiency

This is the main criterion, of course. The product must do its job well: intercepting viruses, repelling suspicious activity, providing preventive medicine against intrusions, etc. Various organizations tackle the nontrivial task of benchmarking antivirus products. Their results should narrow down our search and help us establish which kinds of antivirus software to use and which to stay away from. If we look at the current state of antivirus affairs (late 2011):

Detection efficiency for known threats from AVcomparatives.org
Detection efficiency for unknown threats from AVcomparatives.org

we'd find a dozen providers with high ratings on network security technology:
G DATA ESET
AVIRA AVAST
PANDA McAFEE
F-SECURE TRENDMICRO
BITDEFENDER AVG
KASPERSKY NORTON
MICROSOFT PANDA

Updated charts as of 2013: http://chart.av-comparatives.org/chart2.php

Business email security is a whole world of its own. One is expected to use AntiVirus software accompanied by an AntiSpam content filtering system, Exchange integration, Outlook add-ons, etc.

Impact on the system (overhead)

AntiVirus software inevitably slows down daily operations on any computer, regardless of how powerful it might be. Real-Time protection shields take time to scan the files you access (read, write, execute). Scheduled scans can take a considerable amount of time to complete. Some AntiVirus programs become memory hogs, leaving the user without much spare memory for an adequate work environment. However, these days most computers come with lots of memory and this factor is not as critical as it used to be.

We'd use this resource on raymond.cc to see which products behave respectfully and which ones commandeer computer resources for their own needs, at times slowing the machine down to a turtle's pace. We'd learn that a computer running TrendMicro takes 50% longer to boot compared to AVG; a scan by Kaspersky antivirus takes 3 times longer than Avast; ESET or Microsoft consume ~50MB of RAM when idling vs 10MB by Norton; peak memory usage can reach ~250MB by BitDefender whereas Avast consumes 50MB at the most.

This illustrates that there is no universal solution. If a company runs a fair number of budget or aged computers, we'd want to choose AntiVirus software with a small footprint. If there is plenty of memory, the CPU cores are idling and we're running on SSD drives, then we should choose the most powerful product without thinking too much about how many resources the network security technology would consume.

Ease of management

We find that the user interfaces of AntiVirus products on individual computers are intuitive and easy to understand. However, in a small business server environment a network administrator wouldn't want to handle AntiVirus tasks on a per-computer basis. A centralized management console is a must-have; such an application typically handles these tasks:

  1. computer discovery and automated deployment of antivirus software
  2. controlling antivirus options for Real-Time network protection
  3. scheduling of scans for viruses
  4. updates of AntiVirus definitions and the program itself
  5. reports, email notifications
  6. defining policies in case a threat is detected

Apparently it's not a trivial task to build a central console that would be user-friendly and yet versatile in its functionality. Over the years we've seen some coherent products as well as very raw or messy interfaces. Allora has been slightly involved in the development process for Avast's recent product, Business Protection; we are glad that our comments were heard and very pleased to see implementations of a couple of suggestions. That shows how challenging it is to satisfy various network technicians with radically different philosophies and preferences.

TrendMicro is probably a leader in the category of user-friendly interfaces. Avira boasts well-written documentation making most tasks a breeze. BitDefender offers additional functionality for general purpose network administration aside from just AntiVirus options.

Cost

This is naturally the most important question for the owner of a business. Most companies provide a Small Business package, and these are priced remarkably similarly these days: 10 devices with 1-year coverage would cost $400. A 3-year license would run about $800-900. Some companies like Avira charge noticeably more.

One player that stands out here is Microsoft with its Security Essentials solution, which covers up to 10 computers for free.

Conclusion

As illustrated by our front page, Allora's choice fell on Avast for the purpose of small business server security due to its historically small impact on client computers, embedded support for business email security and affordable pricing compared to the competition a few years ago. We also support Kaspersky, Norton, ESET and Microsoft products.

 
Allora Consulting (Fri, 23 Mar 2012 13:34:26 -0400):

Tom Emmerling · University of Notre Dame: Great! I know you are a business that supports businesses, but would the same recommendations hold true for home use?

Allora Consulting: Tom, typically free home editions (if applicable) just have certain features disabled compared to their business-level counterparts. Commercial products for home computers are very similar to their corporate versions. So, you can certainly trust AVcomparatives.org reports for home products and choose protection that fits your needs balancing [cost, protection strength, system impact, interface].