We reviewed the workgroup edition of InoculateIT. It comes with a server version for Win NT 4 Server and clients for Win NT Workstation, Win 9x/3.x, DOS, and Macintosh. The workgroup edition supports only one NT server. So, if you have a large network with multiple NT servers, then you have to go for the Enterprise edition. InoculateIT has optional agents for Lotus Notes and MS Exchange mail servers.
Implementing the software is fairly simple. You just have to install InoculateIT on the server and clients, and you’re ready to go. It’ll reboot after installation after which it adds a real-time monitor that runs in the background, scanning files as they’re executed or written to and from the disk. It lets you choose the direction of files to scan (incoming, outgoing or both), and define the action to be taken upon virus detection (no action, deletion, cure, move, rename, etc). Further, you can choose the areas to protect and to leave alone, such as floppy drive, CD-ROM, hard drive, etc.
It has three main scanning modes—Fast, Secure, and Reviewer scan. Fast scan is the quickest, and checks only the beginning and end of each file—the location where a virus is most likely to be hidden. Secure scan scans complete files. And, Reviewer scan detects inactive viruses or those that have been deliberately modified. You also have a fourth option—Heuristic scan. This is an artificial intelligence technique used to scan for unknown viruses, that is, those whose signatures haven’t been identified. In this method, rather than using fixed algorithms to scan for specific virus signatures, it uses several alternative methods to detect unknown viruses. For example, it can look for virus-like patterns to detect a potential virus. If it detects an unknown virus, a message is displayed asking you to send the virus sample to Computer Associates for further analysis.
The manageability features in InoculateIT are very good. You have the InoculateIT domain manager that groups all servers on a network into domains and scans them together. It reorganizes all Win NT domains and computers on your network. You can include or exclude any machine from scanning. This makes it very easy for the administrator to efficiently scan the network. Through the domain manager, you can also scan shared drives on networked computers. But for this, you’ll have to enable sharing on all drives, which is not a very good idea. You can also schedule scans so that scanning takes place automatically.
InoculateIT 4.5 Workgroup Edition
|Anti-virus software. Rs
(base price for five users);
Rs 2,200 per additional user
Pros: Good auto update and scheduling; extensive alert features; integration with UnicenterTNG framework.
Source: Datapro Infoworld
Off Karve Road
InoculateIT covers all possible virus entry pointsfloppies, network, e-mail attachments, or Internet downloads. There is a feature called virus quarantine, which automatically blocks an infected file from being copied onto the server by a user. The name of the user is inserted into a quarantine list for a specified amount of time, and he is denied access to the server. Furthermore, a notice is sent out automatically to the user. Each client has an alert manager that can be configured to route virus alerts to specific users on the network. However, Win Popup has to be installed and running on Win 9x clients for this.
InoculateIT also has an auto-download manager to automatically download the latest virus signatures. The server can be scheduled to download the latest virus signature files via FTP. These new virus signatures are kept in an update directory, from where the clients can pick them up. You can also schedule the clients to update themselves using FTP or from a directory on the InoculateIT server. InoculateIT has an event log, which stores each message thats generated by the alert manager, and also stores the time and date of the last scan.
It can be integrated with CAs UnicenterTNG network management framework. Selecting the Unicenter TNG framework option makes it possible to use the frameworks reporting, central alert, and event management features.