Are there any desktop antivirus products suitable for use in an enterprise environment without a Windows server?
We're currently using McAfee for our Windows desktops but to get updates and alerts with the latest version it looks like you need to be running their EPO server software. I'd like to avoid the cost of hardware and Windows licensing, and if possible to run just client-based antivirus.
Ideally it would support:
- Updates from an internal copy of the definitions (e.g. a wget mirror)
- Automated configuration of the install
- Alerts from the client via email
It almost sounds like you're after a P2P kind of deployment. I've never seen something like that, but it could be an interesting idea.
We use ESET NOD32, which can run just fine without connection to a central server. Of course, then you miss out on centralized monitoring and alerting, as well as automated deployment. I believe it uses HTTP as the update method, so with a bit of hacking you could get all of the clients to update from a local HTTP server.
Do you have a caching proxy server, or do you have the ability to add one?
If you do, then any AV that gets its updates over the internet should be fine. If you were to set very aggressive caching for their update site (should be easy to track down with some basic logging), then the updates only need to be downloaded once, and can then be grabbed from the cache of the proxy server.
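To illustrate the "basic logging" step in the answer above, here is an added example (not part of the original answer): a Python script that summarizes a proxy access log by host, showing which sites several clients download from and how much is still fetched from the origin. It assumes Squid's native access.log format; the host names and log lines are constructed.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in Squid's native access.log format; hosts are placeholders.
SAMPLE_LOG = """\
1286536301.100  210 192.168.0.11 TCP_MISS/200 524288 GET http://update.av-vendor.example/defs/daily.zip - DIRECT/203.0.113.5 application/zip
1286536342.200   12 192.168.0.12 TCP_HIT/200 524288 GET http://update.av-vendor.example/defs/daily.zip - NONE/- application/zip
1286536399.300  190 192.168.0.13 TCP_MISS/200 524288 GET http://update.av-vendor.example/defs/daily.zip - DIRECT/203.0.113.5 application/zip
1286536400.400   80 192.168.0.11 TCP_MISS/200 18200 GET http://news.example/index.html - DIRECT/198.51.100.7 text/html
1286536410.500    5 192.168.0.12 TCP_DENIED/403 1200 GET http://blocked.example/ - NONE/- text/html
garbage line that should be skipped
"""

def summarize(log_text):
    """Per-host stats: distinct clients, requests, cache hits, bytes fetched from origin."""
    stats = defaultdict(lambda: {"clients": set(), "requests": 0, "hits": 0, "origin_bytes": 0})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or "/" not in fields[3]:
            continue  # malformed or truncated line
        client, result, size, method, url = fields[2], fields[3], fields[4], fields[5], fields[6]
        action, _, status = result.partition("/")
        host = urlsplit(url).hostname
        if method != "GET" or not host or not size.isdigit() or status != "200":
            continue  # CONNECT tunnels, denials and errors say nothing about cacheability
        s = stats[host]
        s["clients"].add(client)
        s["requests"] += 1
        if "HIT" in action:  # result codes containing HIT were served from the cache
            s["hits"] += 1
        else:
            s["origin_bytes"] += int(size)
    return stats

def update_candidates(log_text, min_clients=2):
    """Hosts fetched by several clients, ranked by bytes still pulled from the origin."""
    rows = [(host, len(s["clients"]), s["requests"], s["hits"], s["origin_bytes"])
            for host, s in summarize(log_text).items() if len(s["clients"]) >= min_clients]
    return sorted(rows, key=lambda r: r[4], reverse=True)

if __name__ == "__main__":
    for host, clients, reqs, hits, origin in update_candidates(SAMPLE_LOG):
        print(f"{host}: {clients} clients, {reqs} requests, {hits} hits, {origin} bytes from origin")
```

A host that many clients request but that shows few hits and a high origin byte count is one whose objects are not yet being served from the cache.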
Trend Micro's Worry-Free Business Security does not require a Windows Server. Any machine you wish can become "the server", as it installs an Apache-based management console. From there you can push updates or push a virus scan to any or all computers. You can also place machines in groups and have them utilize different parameters such as scan frequency, blocked URLs, etc. It also sends emails when a virus is detected or removed, or when it can't be removed. Installation on each machine can be done via command line or web browser.
http://us.trendmicro.com/us/products/sb/worry-free-business-security/
With CA ETrust Enterprise AV you can purchase and run as few as one individual client that downloads from the vendor's servers over the internet. Cost is about $40 per client per year.
Internal updates/redistribution mechanism is very simple. Configuration is also customizable and very simple. They have a free 30-day eval you can download.
http://www.ca.com/us/products/product.aspx?id=156
I think it may be worth your while to grab eval copies of some likely looking AV products and install them on a test (virtual?) machine. Then have a look to see if they can be configured to grab the updates from a specific source. If they can, it should be easy enough to determine where their default downloads come from, along with whatever connection strings are sent to the source. Once you've found one you can work with, set one machine up to download the updates and configure the rest to get them from that machine. In all likelihood the download source settings will be stored in the registry, making it simple to use GPO or a script to propagate that information. It's a fair bit of fiddling about but the end result may be worth it.
I have been using Symantec Corporate edition for years, and finally just updated to the latest version of Endpoint Protection, and I'm loving it. It's reasonably priced, and does very well, and isn't a resource hog either.