|
MacEnterprise List Topics - AntiVirus |
|
|
Written by Helen McLean
|
|
Friday, 10 March 2006 |
Recent events have placed a new spotlight on antivirus solutions for Mac OS X. Mac admins have had the luxury of not having to worry too much about viruses, trojan horses, and other malware, but that is changing.
The MacEnterprise.org mailing list is a great resource for first-hand experience with various products available for Mac OS X. Following is a summary of some of the recent anitvirus discussion topics. Caveat: It's always important to remind folks using computers to be sure of the source of files they download, inspect downloaded files and installers they try to run, and to be cautious when entering admin credentials, before they do so.
In the recent thread about antivirus, people discussed their successes and frustrations about antivirus management for the Mac. The applications that people mentioned most are CA eTrust, ClamXav, McAfee Virex, Symantec AntiVirus (SAV) and Sophos. Virex and SAV were mentioned most often.
CA
http://www.ca.com/smb/etrust/osx.htm
CA can handle antivirus for multiple platforms and can even use servers on any of the platforms to handle clients on all platforms. But the only real world experience mentioned on the list was difficulty configuring the Mac client: "if not configured correctly it can bring a system to it's knees."
Michael Perbix 22 Feb 2006
ClamXav
http://www.clamxav.com
ClamXav is a free product based on the open source ClamAV antivirus engine. Does not clean files (quarantine only).
McAfee
http://www.mcafee.com/us/products/mcafee/antivirus/desktop/virex.htm
Virex can handle virus for many platforms, but the ePO central managment can only be run from a Windows server.
Symantec
http://www.symantec.com/Products/enterprise?c=prodinfo&refId=825&cid=1008
Symantec seemd the most widely discussed and most flexible, at least from the experience of those speaking up. A couple of knowledge base articles discuss working with the LiveUpdate on the server, and both Josh Wisenbaker and Dan Ball discussed their own methods of managing the updates.
Scheduling LiveUpdate for all users using UNIX commands
http://service1.symantec.com/support/num.nsf/docid/2004052015282311
How to set up an internal LiveUpdate server for Symantec AntiVirus 10 for Macintosh clients
http://service1.symantec.com/support/num.nsf/docid/2005100616145511
Build Your Own Norton LiveUpdate Server
http://www.afp548.com/article.php?story=20050809090918558&query=virus
Josh Wisenbaker, 24 Feb 2006
Using wget
Basically what I did was compiled wget on the server......moved /usr/sbin/ftp to /usr/sbin/ftp_old. Set the proxy server to use in the /usr/local/bin/wgetrc file and told it to use the proxy. Then created a symlink from wget to /usr/sbin/ftp and /Library/Application\ Support/Symantec/ftp. Now when it updates it uses wget and works flawlessly! Just hope it stays that way...I don't wanna mess with it again!
Dan Ball, 27 Feb 2006
Sophos
http://www.sophos.com/products/es/endpoint-server/sav-mac.html
Designed for all-Mac networks, Sophos Update Manager allows updating and configuration from a single Mac computer. It enables you to set automatic updating, and to determine how scanning will be implemented on desktops and laptops.
The Enterprise Console runs only on Windows.
General Notes
Actually, you could set this [central management of AV software] up yourself with Apple Remote Desktop. Just create an "AV Update List" and whenever there's an update, you just select every client in that list, and drop the installer package on them, and install.
John Welch, 23 Feb 2006
 Add as favourites (82) |  Quote this article on your site | E-mail
Only registered users can write comments.
Please login or register. Powered by AkoComment Tweaked Special Edition v.1.4.4 |
|
Last Updated ( Friday, 14 July 2006 )
|
