Share via

The advantage of multiple anti-virus engines on server products

  • Article

The Forefront server security products provide several key security capabilities to Exchange and SharePoint customers, including an advanced multiple anti-virus engine manager that allows you to concurrently run up to 5 of the included Microsoft and third-party anti-malware engines. Using multiple scan engines delivers several critical advantages:

  • It increases the chances that emerging threats will be quickly caught.
  • It provides redundancy to help protect against scan failures or defects in individual engines; if an engine fails, other engines continue scanning messages.
  • It gives administrators an effective way to choose the most appropriate level of protection for their environment given their security needs and server performance capabilities.
  • It allows engines to be taken offline for updates or reconfiguration without forcing messages to be queued.

A recent set of tests performed by the independent AV-Test.org group found some surprising differences in signature update times from various vendors. The tests compared AV lab response times for eighty-two “in the wild” viruses and variants. Twenty-six of the viruses were quickly detected by all the scan engines, but some engines didn’t detect viruses for more than twenty-four hours. In a few cases (notably 0506 Banwarum.C@mm), some vendors didn’t update their signatures to provide a block until nearly five days had elapsed! Because Forefront Security for Exchange Server and Forefront Security for SharePoint combine multiple engines, the odds that a virus will go unblocked or undetected for long periods are greatly reduced. Organizations benefit from all updates for the set of engines you use, not just from updates to a single engine.

For a larger version of this chart go here

Comments

  • Anonymous
    January 01, 2003
    Forefront Security for Office Communications Server has some nice features, including: Multiple anti

  • Anonymous
    January 01, 2003
    We have updated numbers from last month’s comparison of single-AV engines versus the multi-engine approach

  • Anonymous
    January 01, 2003
    PingBack from http://antivirus.wpbloggers.com/?p=35

  • Anonymous
    January 01, 2003
    Today at the Tech Ed IT Professional Conference, Microsoft announced the availability of the first public

  • Anonymous
    January 01, 2003
    Thanks for the article was useful to follow your blog I frequent

  • Anonymous
    January 01, 2003
    was pretty descriptive narrative about the picture was good and I think it is useful for thank you.

  • Anonymous
    January 01, 2003
    was useful to test thanks.

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    March 18, 2016
    The comment has been removed