The advantage of multiple anti-virus engines on server products
The Forefront server security products provide several key security capabilities to Exchange and SharePoint customers, including an advanced multiple anti-virus engine manager that allows you to concurrently run up to 5 of the included Microsoft and third-party anti-malware engines. Using multiple scan engines delivers several critical advantages:
- It increases the chances that emerging threats will be quickly caught.
- It provides redundancy to help protect against scan failures or defects in individual engines; if an engine fails, other engines continue scanning messages.
- It gives administrators an effective way to choose the most appropriate level of protection for their environment given their security needs and server performance capabilities.
- It allows engines to be taken offline for updates or reconfiguration without forcing messages to be queued.
A recent set of tests performed by the independent AV-Test.org group found some surprising differences in signature update times from various vendors. The tests compared AV lab response times for eighty-two “in the wild” viruses and variants. Twenty-six of the viruses were quickly detected by all the scan engines, but some engines didn’t detect viruses for more than twenty-four hours. In a few cases (notably 0506 Banwarum.C@mm), some vendors didn’t update their signatures to provide a block until nearly five days had elapsed! Because Forefront Security for Exchange Server and Forefront Security for SharePoint combine multiple engines, the odds that a virus will go unblocked or undetected for long periods are greatly reduced. Organizations benefit from all updates for the set of engines you use, not just from updates to a single engine.
For a larger version of this chart go here
Comments
Anonymous
January 01, 2003
Forefront Security for Office Communications Server has some nice features, including: Multiple antiAnonymous
January 01, 2003
We have updated numbers from last month’s comparison of single-AV engines versus the multi-engine approachAnonymous
January 01, 2003
PingBack from http://antivirus.wpbloggers.com/?p=35Anonymous
January 01, 2003
Today at the Tech Ed IT Professional Conference, Microsoft announced the availability of the first publicAnonymous
January 01, 2003
Thanks for the article was useful to follow your blog I frequentAnonymous
January 01, 2003
was pretty descriptive narrative about the picture was good and I think it is useful for thank you.Anonymous
January 01, 2003
was useful to test thanks.Anonymous
January 01, 2003
The comment has been removedAnonymous
March 18, 2016
The comment has been removed