[NTLUG:Discuss] Re: Virus scanner for Linux server and Windows clients -- different profit model

Bryan J. Smith b.j.smith at ieee.org
Thu Sep 30 22:17:15 CDT 2004 

On Thu, 2004-09-30 at 21:49, Neil Aggarwal wrote:
> Hello:
> I have a Linux file server with many Windows clients.
> I want to implement centralized virus scanning on
> the server.
> I have used Symantec AntiVirus Corporate Edition in
> all-windows environments and it is exactly what I 
> am looking for.  The only problem is that it does
> not run on a Linux server.

Network Associates and Symantec would prefer to sell a "black box"
appliances for permeter, file and other services, than to sell software
for another vendor's platform.

With Windows, Microsoft controls it.  So all they can do is sell
software for atop of it.

But with Linux, Network Associates and Symantec _can_ create their own
Linux-based "black box" appliances.  This is, in fact, what they have
done, so your choice is limited there.  Of course, you'll pay even more
for such solutions.

It's a great markup and profit margin for Symantec and Network
Associates.  Plus they don't have the support headaches of another
vendor changing things on them, they control the platform.

> Is there something similar to use on a Linux server with
> Windows clients?

All major A/V vendors offer solutions for Linux, but very few offer
server-level integration.  So most of them will only offer manual
scanning.  I haven't checked on most of the offerings as of late,
because unless you are an enterprise customer (and get a company's Linux
solutions for no additional charge), it's really not worth it IMHO.

[ FYI, one vendor had a very low-cost, widely adopted solution for Linux
that did real-time scanning, but Microsoft bought them out about 18
months ago.  I can't remember the name of that eastern European company
and their product.  I never used it personally, but most Linux
application and hosting providers did. ]

Today, most people just use the ClamAV GPL Freedomware.  Like other
solutions, it's a solution that is used largely in a batch, manual
scan.  I believe their are some additional components that tie into the
open NetFilter subsystem, but I have not followed their developments.

In any case, you'll probably be doing a bit of manual integration. 
Unless you're running RHEL or common rebuild of it from SRPM (or the
direct equivalent Fedora Core package set, my preferred way so I don't
have to deal with the trademark issues, unlike the SRPM rebuilds) or
SLES.  But then were back to talking either mega-$$$ or being an
existing, enterprise licensee.


-- 
Bryan J. Smith                                  b.j.smith at ieee.org 
------------------------------------------------------------------ 
"Communities don't have rights. Only individuals in the community
 have rights. ... That idea of community rights is firmly rooted
 in the 'Communist Manifesto.'" -- Michael Badnarik

More information about the Discuss mailing list