Comments on: Comparing NOD32 2.7 to Trend Client-Server 3.6 http://www.mcbsys.com/techblog/2008/03/comparing-nod32-2-7-to-trend-client-server-3-6/ Custom Software and I.T. Services Mon, 06 Feb 2012 18:05:46 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Rob Pelletier http://www.mcbsys.com/techblog/2008/03/comparing-nod32-2-7-to-trend-client-server-3-6/comment-page-1/#comment-48 Rob Pelletier Fri, 10 Oct 2008 20:39:40 +0000 /mark/post/Comparing-NOD32-27-to-Trend-Client-Server-36.aspx#comment-48 At least with Version 3x, you can configure file and folder exclusions. This can't be done with 2.7 (at least not for on-deman/scheduled scans), and that is a serious feature to be lacking. Also, for those wishing to provide Exchange server protection, V 2.7 is the only option - that's not offered with V 3x yet. Frankly, I'd take a performance hit in exchange for the ability to exlcude ket folders from scheduled scans. I have been using V 2.7 for MS Exchange on SBS servers and V 3 for other servers and workstations. Other than my pet peeve (the aforementioned inability to exclude fodlers from scheduled scans) I am happy with the product. However, that inability is astounding to me - I can't believe they even released such a version. At least with Version 3x, you can configure file and folder exclusions. This can’t be done with 2.7 (at least not for on-deman/scheduled scans), and that is a serious feature to be lacking. Also, for those wishing to provide Exchange server protection, V 2.7 is the only option – that’s not offered with V 3x yet. Frankly, I’d take a performance hit in exchange for the ability to exlcude ket folders from scheduled scans.
I have been using V 2.7 for MS Exchange on SBS servers and V 3 for other servers and workstations. Other than my pet peeve (the aforementioned inability to exclude fodlers from scheduled scans) I am happy with the product. However, that inability is astounding to me – I can’t believe they even released such a version.

]]> By: intersys.co.uk http://www.mcbsys.com/techblog/2008/03/comparing-nod32-2-7-to-trend-client-server-3-6/comment-page-1/#comment-47 intersys.co.uk Fri, 10 Oct 2008 17:33:17 +0000 /mark/post/Comparing-NOD32-27-to-Trend-Client-Server-36.aspx#comment-47 We find v2.7 SO much easier to install on servers due to the low footprint and lean memory useage. It's a great, tight system. v3 is OK but not quite as fast .. I'm sticking with 2.7 for the mo! We find v2.7 SO much easier to install on servers due to the low footprint and lean memory useage. It’s a great, tight system. v3 is OK but not quite as fast .. I’m sticking with 2.7 for the mo!

]]> By: Rob Pelletier http://www.mcbsys.com/techblog/2008/03/comparing-nod32-2-7-to-trend-client-server-3-6/comment-page-1/#comment-46 Rob Pelletier Mon, 15 Sep 2008 05:16:01 +0000 /mark/post/Comparing-NOD32-27-to-Trend-Client-Server-36.aspx#comment-46 I figure that on-demand scanning and real-time scanning offer differing issues when it comes to interfering with certain critical processes, and I may be making something out of nothing. And, by selecting to scan only certain extensions, and making sure the extensions for the Exchange data files aren't in the list, you can help be sure not to screw up your Exchange server. However, this logic has some flaws -- from Microsoft's 822158: "Do not scan the following files and folders. These files are not at risk of infection. If you scan these files, serious performance problems may occur because of file locking. Where a specific set of files is identified by name, exclude only those files instead of the whole folder. Sometimes, the whole folder must be excluded. Do not exclude any one of these based on the file name extension. For example, do not exclude all files that have a .dit extension. Microsoft has no control over other files that may use the same extensions as the following files." I talked to a support rep from Symantec last week, and they demand that the entire folder for their BackuExec product be excluded from virus scanning. There are many filetypes in there that one wouldn't otherwise exclude, like .exe files. However, scheduling a scan when backups aren't running would probably alleviate that concern. This is not so easy with files relating to IIS or Active Directory. Your extensive list of recommended exclusions (posted elsewhere here and at the Wilders site) shows that there are potential issues with scanning everything on an SBS server, and, since being selective is possible ONLY by file extension, one must be pretty careful of either what is scanned or when scheduled scans are run. In general, I like the NOD32 products. I found it took a few installations to get a feel for its setup, but have confidence in it now. I understand that the on-demand exclusions are possible with version 3, but am not sure when Version 3 for Exchange will be available or when it will be tested long enough to trust it on an SBS server. It makes no sense to me that ESET would ever have released a version that didn't allow for on-demand exclusions, and also find it surprising that I have found little or no discussion around the topic. I figure that on-demand scanning and real-time scanning offer differing issues when it comes to interfering with certain critical processes, and I may be making something out of nothing. And, by selecting to scan only certain extensions, and making sure the extensions for the Exchange data files aren’t in the list, you can help be sure not to screw up your Exchange server.

However, this logic has some flaws — from Microsoft’s 822158:
“Do not scan the following files and folders. These files are not at risk of infection. If you scan these files, serious performance problems may occur because of file locking. Where a specific set of files is identified by name, exclude only those files instead of the whole folder. Sometimes, the whole folder must be excluded. Do not exclude any one of these based on the file name extension. For example, do not exclude all files that have a .dit extension. Microsoft has no control over other files that may use the same extensions as the following files.”

I talked to a support rep from Symantec last week, and they demand that the entire folder for their BackuExec product be excluded from virus scanning. There are many filetypes in there that one wouldn’t otherwise exclude, like .exe files. However, scheduling a scan when backups aren’t running would probably alleviate that concern. This is not so easy with files relating to IIS or Active Directory.

Your extensive list of recommended exclusions (posted elsewhere here and at the Wilders site) shows that there are potential issues with scanning everything on an SBS server, and, since being selective is possible ONLY by file extension, one must be pretty careful of either what is scanned or when scheduled scans are run.

In general, I like the NOD32 products. I found it took a few installations to get a feel for its setup, but have confidence in it now. I understand that the on-demand exclusions are possible with version 3, but am not sure when Version 3 for Exchange will be available or when it will be tested long enough to trust it on an SBS server. It makes no sense to me that ESET would ever have released a version that didn’t allow for on-demand exclusions, and also find it surprising that I have found little or no discussion around the topic.

]]> By: Mark Berry http://www.mcbsys.com/techblog/2008/03/comparing-nod32-2-7-to-trend-client-server-3-6/comment-page-1/#comment-45 Mark Berry Sun, 14 Sep 2008 23:39:33 +0000 /mark/post/Comparing-NOD32-27-to-Trend-Client-Server-36.aspx#comment-45 I've not had a problem with NOD32 2.7 on-demand scans causing problems. I did set up exclusions on extensions related to dBASE and SQL database files. You could also exclude Exchange database extensions. I’ve not had a problem with NOD32 2.7 on-demand scans causing problems. I did set up exclusions on extensions related to dBASE and SQL database files. You could also exclude Exchange database extensions.

]]> By: Rob Pelletier http://www.mcbsys.com/techblog/2008/03/comparing-nod32-2-7-to-trend-client-server-3-6/comment-page-1/#comment-44 Rob Pelletier Sat, 13 Sep 2008 06:48:29 +0000 /mark/post/Comparing-NOD32-27-to-Trend-Client-Server-36.aspx#comment-44 I only tried Trend once. After spending all afternoon trying (using some remote desktop tool) the Trend support tech agreed that the product wouldn't install on this machine. It was a clean install of XP Pro, but the Trend wouldn't install. Sent it back, got a refund, but there's an afternoon of my life I won't get back (or paid for). Currently, I am promoting NOD32. I am concerned that, for Exchange servers (and therefore SBS servers) you can't do on-demand scans unless you are willing to let it scan everything. That's right, you can't define exclusions for on-demand scans - only for real-time scanning. I am talking about Version 2.7 here, which is the only version that offers Exchange protection so far. So, what would you do? Trust that the real-time scanning is sufficient for your server, or go ahead and scan the entire thing, including the forbidden Exchange folders (and others)? I only tried Trend once. After spending all afternoon trying (using some remote desktop tool) the Trend support tech agreed that the product wouldn’t install on this machine. It was a clean install of XP Pro, but the Trend wouldn’t install. Sent it back, got a refund, but there’s an afternoon of my life I won’t get back (or paid for).

Currently, I am promoting NOD32. I am concerned that, for Exchange servers (and therefore SBS servers) you can’t do on-demand scans unless you are willing to let it scan everything. That’s right, you can’t define exclusions for on-demand scans – only for real-time scanning. I am talking about Version 2.7 here, which is the only version that offers Exchange protection so far.

So, what would you do? Trust that the real-time scanning is sufficient for your server, or go ahead and scan the entire thing, including the forbidden Exchange folders (and others)?

]]>