Client-Server Antivirus versus Client-Only
November 21, 2008 6:41 AM Subscribe
What is the major advantage to using one of the large server-based anti-virus solutions over putting individual anti-virus software on all the client computers?
I am currently looking for a new anti-virus software package to use at my workplace. We have about 40 systems, mostly laptops, and the anti-virus up until now has involved a stand-alone program on each computer. When trying to determine what software to go with, I need to determine if I want to follow the same route or of I want to go with a client-server setup. The main problem is that I'm not sure what the benefits of a client-server anti-virus solution would be for us. Any advice would be welcome.
I am currently looking for a new anti-virus software package to use at my workplace. We have about 40 systems, mostly laptops, and the anti-virus up until now has involved a stand-alone program on each computer. When trying to determine what software to go with, I need to determine if I want to follow the same route or of I want to go with a client-server setup. The main problem is that I'm not sure what the benefits of a client-server anti-virus solution would be for us. Any advice would be welcome.
Best answer: Generally in a client-server anti-virus solution, the server pulls the updates and distributes it to the clients. This reduces the bandwidth that you use connecting to the Internet for updates by keeping most of the update traffic local.
Also, you might be able to use policies to deny client systems access to things depending on their anti-virus status. For example, you might want people to be up-to-date before letting them access the Internet and the client-server solution can enforce that.
posted by doomtop at 7:09 AM on November 21, 2008 [1 favorite]
Also, you might be able to use policies to deny client systems access to things depending on their anti-virus status. For example, you might want people to be up-to-date before letting them access the Internet and the client-server solution can enforce that.
posted by doomtop at 7:09 AM on November 21, 2008 [1 favorite]
Best answer: Updates. That's one of the issues - when you install AV software as a standalone solution you're relying on the individual to ensure that (even automatic) updates get installed, and that the individual hasn't disabled the AV software to speed up Counter-Strike or something. And if your standalone software happens to be a Norton product, it's likely that some users will have uninstalled or disabled it for the sake of their sanity.
Also accountability. Server-based solutions generally keep a log of scans and updates; you can much more easily ensure that company-wide AV policies are being followed.
posted by le morte de bea arthur at 7:10 AM on November 21, 2008 [1 favorite]
Also accountability. Server-based solutions generally keep a log of scans and updates; you can much more easily ensure that company-wide AV policies are being followed.
posted by le morte de bea arthur at 7:10 AM on November 21, 2008 [1 favorite]
Best answer: 1. Centralized updates.
2. Centralized management.
3. Push deployment.
4. Easier managing of licenses.
5. Centralized quarantine.
6. Network-wide rules (make this folder exempt, run the scan at this time, etc)
7. Centralized logging.
posted by damn dirty ape at 7:31 AM on November 21, 2008 [1 favorite]
2. Centralized management.
3. Push deployment.
4. Easier managing of licenses.
5. Centralized quarantine.
6. Network-wide rules (make this folder exempt, run the scan at this time, etc)
7. Centralized logging.
posted by damn dirty ape at 7:31 AM on November 21, 2008 [1 favorite]
Best answer: Updates and push deployment are managed through you. You don't have to worry if computer 23 has AV software of it's been disabled- just look in the management console.
On top of that, it makes it much easier to see issues with computer. Was a virus found? When? Issues can be immediately e-mailed to an admin.
Centralized AV programs I've dealt with also have program restrictions, so you can say computer group A cannot play solitaire (mine has categories. These computers, on our program, can be imported straight from AD allowing for management of one database instead of 2.
Less bandwidth. If there's an update, it is much easier on the network to update every computer on a 100/1000 connection than trying to squeeze everyone through an Internet pipe. Not too big of an issue with 40 employees, but it absolutely becomes one with larger organizations.
Tech support. Generally speaking, using a server gets you the enterprise level software, which also comes with tech support access to people who actually know how to fix problems.
posted by jmd82 at 9:48 AM on November 21, 2008 [1 favorite]
On top of that, it makes it much easier to see issues with computer. Was a virus found? When? Issues can be immediately e-mailed to an admin.
Centralized AV programs I've dealt with also have program restrictions, so you can say computer group A cannot play solitaire (mine has categories. These computers, on our program, can be imported straight from AD allowing for management of one database instead of 2.
Less bandwidth. If there's an update, it is much easier on the network to update every computer on a 100/1000 connection than trying to squeeze everyone through an Internet pipe. Not too big of an issue with 40 employees, but it absolutely becomes one with larger organizations.
Tech support. Generally speaking, using a server gets you the enterprise level software, which also comes with tech support access to people who actually know how to fix problems.
posted by jmd82 at 9:48 AM on November 21, 2008 [1 favorite]
Other people have covered the same ground, but a centralized management console has the following advantages.
* Reporting - You can see at a glance whether or not all of your clients have been updated.
* Client install - New a/v clients can be installed with a couple of clicks from the management console, instead of sticking CDs into each PC.
* Alerts - You can set the management console to notify you any time a virus is detected. This can help you address these issues proactively, before they wreck one of your PCs and force you to reformat.
* Manage settings - For example, you can make sure that "Clean" is the default action on all of your installs, that no one has disabled e-mail scanning, that certain types of attachments are blocked and so on.
* Licensing - You don't have to buy and keep track of individual A/V licenses. This is especially true if you're currently renewing subscriptions at different times of the year or keeping track of 40 serial numbers. AVG Free is actually NOT free for commercial use, so if you have it now, you're using it outside the license agreement.
I've used Symantec, Sophos and Trend in the last several years. They all have their quirks- - Symantec required (requires?) you to uninstall the management console to upgrade to the new version, which I always worried would force me to redeploy all my a/v clients. Sophos couldn't (can't?) deploy to Vista clients and Trend sent out an update that caused all clients to scan network drives, bringing people's file servers down. They all worked reasonably well, but had their quirks. Symantec's corporate products are infinitely better than its consumer products, but their support couldn't possibly be worse.
posted by cnc at 10:21 PM on November 21, 2008
* Reporting - You can see at a glance whether or not all of your clients have been updated.
* Client install - New a/v clients can be installed with a couple of clicks from the management console, instead of sticking CDs into each PC.
* Alerts - You can set the management console to notify you any time a virus is detected. This can help you address these issues proactively, before they wreck one of your PCs and force you to reformat.
* Manage settings - For example, you can make sure that "Clean" is the default action on all of your installs, that no one has disabled e-mail scanning, that certain types of attachments are blocked and so on.
* Licensing - You don't have to buy and keep track of individual A/V licenses. This is especially true if you're currently renewing subscriptions at different times of the year or keeping track of 40 serial numbers. AVG Free is actually NOT free for commercial use, so if you have it now, you're using it outside the license agreement.
I've used Symantec, Sophos and Trend in the last several years. They all have their quirks- - Symantec required (requires?) you to uninstall the management console to upgrade to the new version, which I always worried would force me to redeploy all my a/v clients. Sophos couldn't (can't?) deploy to Vista clients and Trend sent out an update that caused all clients to scan network drives, bringing people's file servers down. They all worked reasonably well, but had their quirks. Symantec's corporate products are infinitely better than its consumer products, but their support couldn't possibly be worse.
posted by cnc at 10:21 PM on November 21, 2008
This thread is closed to new comments.
posted by mkultra at 7:02 AM on November 21, 2008