Johannesburg, 15 Mar 2005
While security purchases are likely to be the most crucial decisions an organisation will make, anti-virus (AV) software remains AV software whichever way you choose to look at it. The job of the software is simple; it`s to ensure that PCs and laptops remain free from new or existing virus-borne threats, and to do so in a timely and capable way.
Brett Myroff, CEO of Sophos distributor, NetXactics, says all AV software, to a lesser or greater degree, performs this function adequately, and that you basically get what you pay for.
He believes a number of other criteria should figure into the AV purchasing equation, particularly where the playing field has been levelled in terms of cost and essential functionality.
"While the software might offer the same functionality at base level, vendors differ significantly in their product and sales methodology. Where a vendor is looking at a sustainable licensing model for revenue generation, chances are that they will put that much more back into their R&D spend.
"To make and keep this model working, these vendors will need to keep their technology up to date, both in terms of speedily and effectively addressing threats as they emerge, and in terms of the product`s easy of use and management, if they are to ensure ongoing business from licence renewals," Myroff says.
He adds that a niche focus on a chosen market also places a vendor in a far more certain position to address the entire threat lifecycle, which boils down to the speed and quality of virus table updates.
"The speed of update delivery is inextricably linked to a provider`s R&D and market focus, and is also the key component of the solution and service offering that will differentiate one AV company from the next."
While most, if not all, AV software companies offer support, there is little to sustain the idea of having to pay for this support. Again a differentiating component, Myroff says organisations should ask themselves why they should, or are paying for support on applications that have essentially become mission-critical.
"Support should figure into the licence cost of any mission-critical application today," he says.
For small business and enterprise requirements, a good judgment call can be made on the simple assessment of whether an AV vendor`s product is designed, at core, with standalone application or network centricity in mind.
"This is significant for a number of reasons," says Myroff. "While the size of an update will determine the speed with which it can be delivered, and the impact it will make on network performance, the ultimate point is to get the update to all network users as quickly as possible."
Bandwidth and servers can easily be overloaded by large updates, but of equal significance is the software`s ability to use a single engine, and thus the same update, for a wide variety of operating systems found on most enterprise level networks.
"Centralised updates over multi-platform networks, whether that`s a mix of Linux, Novell, Unix, Windows or DOS, will ensure speedier delivery of the update regardless of the platform mix. Multiple updates for multi-platform networks, however, introduce added complexity in terms of managing a virus threat as well as the speed with which it can be resolved."
The performance of any AV solutions is also directly related to the vendor`s ability to control downloading of its updates. "Where a vendor is supporting a large and essentially unknown number of users, the extent of the access to servers at any given point in time is not easily defined. Bandwidth constraints and over-burdened servers can only restrict the efficiency of update delivery," says Myroff.
"Having a clear idea of the number of users you`re dealing with is the only way to guarantee a fail-safe service, and vendors with a stringent focus on providing a service to businesses are perhaps in a better position to manage their own performance around the clock."
Share