Microsoft's Antigen Securely Automates Antivirus Protection
The software giant's antivirus foray is stirring waves in the security arena, so the CRN Test Center took a look under Antigen's hood to give VARs a snapshot of the level of protection and functionality offered by the product, which is due to ship next month.
Outright, Microsoft Antigen kills three birds with one stone by providing e-mail, collaboration and antispam protection. The product comes with five antivirus engines, and customers can buy up to nine engines. However, Microsoft recommends only using five engines at a time.
Under the Test Center's lab conditions, Antigen performed admirably. Antigen was tested on a Windows 2003 server running Exchange 2003 with an Outlook client installed.
Antigen was designed to simplify administration, and that's apparent when launched. A Scan Job tab displays Antigen's scanning capabilities, which include SMTP Scan Job, Storage Group for realtime and manual jobs, and MTA Scan Job.
Antigen's SMTP scanning scrutinizes inbound and outbound messages. The tool doesn't scan internally by default, therefore, the SMTP actually involves messages being routed between mailbox servers. Antigen's realtime scanning is used when working on the same server.
Antigen uses tag keywords to insert alerts on deletion messages. The tag keywords are available by right-clicking the mouse over default messages. Typically, most administrators will just use the default file name and virus name to alert end users But when collecting statistics or sending general alerts, administrators also can add the names of the server, folder and virus engine—including senders' and recipients' names—to warning messages.
Antigen supports separate deletion text for each scan job in the tool. It also can add tags to spam messages for which administrators can enter anything on the subject line.
In a realtime scan job, Antigen provides mailbox selection. In general, it's not a good practice to leave mailboxes unchecked, but when running a quick job, it certainly helps to speed up scanning. The default setting will execute an automatic scan on each of the mailboxes. Administrators can pick and choose antivirus engines depending on the type of scans needed. Administrators also have the option to quarantine viruses or delete them.
Overall, Antigen does a bang-up job automating most of the security tasks dreaded by administrators. Its heuristic rules cover most insidious keywords plaguing e-mail nowadays. And from the Test Center's early tests, Antigen seems to perform extremely well.