I'm looking at moving away from our 'Enterprise' Symantec virus protection which runs on a Windows server and controls the definition distribution and so on to our client PCs running Windows.

It makes more sense to me to run the protection server on Linux so that it's not affected by any of the nasties and can remain uncompromised while the Windows boxes fail left right and centre.

Anybody know of any products that support remote management running on a Linux server?

Cheers

look at clamav.

It's not straightforward, because you need to think about where your virus protection is wanted. Incoming Mail? easy. Browsing? different matter.

The way the Symantec stuff works is that each desktop PC has the client installed which does all the scanning for each PC, and the server deals with the reporting and definition updates etc.

I'm open to non-free suggestions as well, by the way.

Several of the traditional Anti-virus companies have Linux solutions. Type Linux in the search box on each website. I have seen Linux solutions at AVG and Avast.

You will need to ensure that they include the ability to manage Windows workstations.
Most have trial software you can download.

Let us know how it turns out.

ClamAV is great at detecting BUT it dose not remove viruses
in the past it has found things on Windows xp that Norton missed .BUT you need to remove them by hand


now the ClamAV-miter email scanning is great for a "mail server" to keep ms viruses out of the very virus friendly MS outlook

F-Secure is my current solution for work, it is not free but I have found it reliable and much more effective than Symantec . . . . I long ago threw the Symantec trash where it belonged (literally in the garbage). F-Secure has been great for me and the "Policy Manager" has both M$ Windoze and Linux versions.

At home and for one off clients I recommend and use Avast (Free).

Clam is good for email scanning. However, it does not do real time scanning on Windows workstations.

Excellent! Thanks for your responses. Out 'sister company' uses F-Secure, so perhaps I'll see what they say about it.

I'll try to make sure I reply here with my results.

I agree with what's been said above. When you need to scan incoming / outgoing email via a mail gateway, you want ClamAV hands down. If you have companies workstations that need protection on the most attacked / vulnerable O.S. know to man, I recommend Symantec End Point server. Each client connects to the parent SEP server and protects the end user. I wish there was a better OSS / Linux solution but I don't think there is.

Not to hijack this thread but has anyone here who recommended a specific product actually tested it and found it to be a better product than others in terms of engine quality, heuristics, detection rate vs false positives, speed of updated signatures?..

Versus what? ClamAV or Symantec End Point?

As in ClamAV versus any Brand X. Because in my perception (I've tested a few times) ClamAV basically loses always.

How did you test this? Are you testing it on incoming / outgoing email or some other method? I have never had any issues with ClamAV but have never tested it against any other one. ClamAV was always the suggested AV tool for mail gateways so I assumed it was the best.

While it has been a few years since I did the testing I found F-Secure superior to Symantec. The engine was (probably still is) smaller and faster, updates were more frequent than Symantec, and during testing F-Secure found many things missed by Symantec and Clam. Just as important as performance, the price was much more reasonable. When I did my testing I used both solutions to scan drives, emails and websites with known malware for testing.

I do use Clam AV on my mail gateway, and it is backed up by F-Secure. For a non-corporate solution I find Avast Free to be the best all around option. It doesn't seem to cause trouble like other free scanners I have used.

^
I think we're all talking about different things. There are desktop AV scanners used for Microsoft desktops like Symantec, AVG, McAfee, etc etc etc and then there are mail gateway scanners that require ClamAV and such. I was asking 'unSpawn' what he didn't like about ClamAV as a mail gateway scanner.