Inoculation with InoculateIT

Total Virus Defence 4.02

Trend ServerProtect

Norton AntiVirus Enterprise Edition

Mail Server Security

We reviewed the workgroup edition of InoculateIT. It comes with a server version for Win NT 4 Server and clients for Win NT Workstation, Win 9x/3.x, DOS, and Macintosh. The workgroup edition supports only one NT server. So, if you have a large network with multiple NT servers, then you have to go for the Enterprise edition. InoculateIT has optional agents for Lotus Notes and MS Exchange mail servers.

Implementing the software is fairly simple. You just have to install InoculateIT on the server and clients, and you’re ready to go. It’ll reboot after installation after which it adds a real-time monitor that runs in the background, scanning files as they’re executed or written to and from the disk. It lets you choose the direction of files to scan (incoming, outgoing or both), and define the action to be taken upon virus detection (no action, deletion, cure, move, rename, etc). Further, you can choose the areas to protect and to leave alone, such as floppy drive, CD-ROM, hard drive, etc.

Main Features

  • Real-time scanning
  • Virus quarantine
  • Heuristic scanning
  • Compressed file scanning
  • Central activity log
  • Automatic signature updates
  • Schedule scanning
  • Central domain management
  • Optional Lotus Notes and MS Exchange protection
  • Internet protection: Java and ActiveX 
  • E-mail scanning
  • Integrates with UnicenterTNG

It has three main scanning modes—Fast, Secure, and Reviewer scan. Fast scan is the quickest, and checks only the beginning and end of each file—the location where a virus is most likely to be hidden. Secure scan scans complete files. And, Reviewer scan detects inactive viruses or those that have been deliberately modified. You also have a fourth option—Heuristic scan. This is an artificial intelligence technique used to scan for unknown viruses, that is, those whose signatures haven’t been identified. In this method, rather than using fixed algorithms to scan for specific virus signatures, it uses several alternative methods to detect unknown viruses. For example, it can look for virus-like patterns to detect a potential virus. If it detects an unknown virus, a message is displayed asking you to send the virus sample to Computer Associates for further analysis.

The manageability features in InoculateIT are very good. You have the InoculateIT domain manager that groups all servers on a network into domains and scans them together. It reorganizes all Win NT domains and computers on your network. You can include or exclude any machine from scanning. This makes it very easy for the administrator to efficiently scan the network. Through the domain manager, you can also scan shared drives on networked computers. But for this, you’ll have to enable sharing on all drives, which is not a very good idea. You can also schedule scans so that scanning takes place automatically.

InoculateIT 4.5 Workgroup Edition

Anti-virus software. Rs 21,290 
(base price for five users); 
Rs 2,200 per additional user
Pros: Good auto update and scheduling; extensive alert features; integration with UnicenterTNG framework.
Cons: None.
Source: Datapro Infoworld
Datapro House
31 Erandawane
Off Karve Road
Pune 411004. 
Tel: 20-5468241/42 
Fax: 5432913 

InoculateIT covers all possible virus entry points—floppies, network, e-mail attachments, or Internet downloads. There is a feature called virus quarantine, which automatically blocks an infected file from being copied onto the server by a user. The name of the user is inserted into a quarantine list for a specified amount of time, and he is denied access to the server. Furthermore, a notice is sent out automatically to the user. Each client has an alert manager that can be configured to route virus alerts to specific users on the network. However, Win Popup has to be installed and running on Win 9x clients for this.

InoculateIT also has an auto-download manager to automatically download the latest virus signatures. The server can be scheduled to download the latest virus signature files via FTP. These new virus signatures are kept in an update directory, from where the clients can pick them up. You can also schedule the clients to update themselves using FTP or from a directory on the InoculateIT server. InoculateIT has an event log, which stores each message that’s generated by the alert manager, and also stores the time and date of the last scan. 

It can be integrated with CA’s UnicenterTNG network management framework. Selecting the Unicenter TNG framework option makes it possible to use the framework’s reporting, central alert, and event management features.

  • Follow PCQuest on
  • become a fan on
  • Stay updated via
  • RSS


Notify me of follow-up comments via e-mail address

Post Comment

Survey Box

Now that Microsoft has finally discontinued support for Windows XP, which OS are you likely to upgrade to?

Send this article by email