Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


network virus scan suggestions?

Posted on 2004-04-06
Medium Priority
Last Modified: 2012-06-21
we're looking at changing our current "virus protection solution" to a norton product, however are not sure if it will be able to function under the restrictions we'd like to set:

we want to change all users to user only permissions on their xp workstations(currently local administrators) and still be able to have them receive and update their virus definitions automatically. we do have a running win 2003 AD network server setup, however are currently not using profiles or groups. also to keep in mind is that we have 7 remote sites with about 15 PCs each and a total of ~170 workstations, so the initial install needs to be as streamlined as possible (heh yeah right).

any suggestions or pointing in the right direction would be greatly appreciated.
Question by:daya88
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 24

Expert Comment

ID: 10770165
> we want to change all users to user only permissions on their xp workstations(currently local administrators)

OK, that worked for us (business). I didn't do it.

I think you need admin priv for initial install, but once that is going you can simply have the desktop request its periodic updates, pattern or program, from your own servers, without user intervention or need, or need of rebooting. It should also take less bandwidth than earlier versions, by only downloading the latest changes to virus files, not the entire system. (someone clue MS plz).

>  keep in mind is that we have 7 remote sites with about 15 PCs

we have many more. Lately, the trend is to have a 'standard build', which is a CD (or similar web_based file) which contains our base minimum configuration for the OS, its rules, and a handful of apps such as AV.

Expert Comment

ID: 10775527
Symantec Anti-Virus Corporate Edition allows you to install the SAV Server on your server, and then centrally administer your workstations regardless of what security policies you have on them (provided you are logged into AD as an Administrator). You can remote deploy the SAV Remote Managed Client to your workstations. The central SAV server also downloads the virus definitions once and pushes them to your clients, saving network bandwidth.. You have quite a few options with this product, including having the SAV Remote Managed Client installed and running without it appearing in the system tray, so your users wont even know its there.

If you are getting really serious about AV, consider this. Approx 95% of viruses are spread through email these days. MailGuard ( have a solution that 'tripple checks' all inbound and outbound email, pretty much guaranteeing its clean. Their solution also includes anti-spam and content filtering capabilities. Well worth checking out. All that is required is redirecting your MX records to their 'towers' so that mail goes through their servers first, and they are quite competatively priced. You would use their service in conjunction with an on-site AV solution to ensure that all points of vulnerability are secured.

Author Comment

ID: 10782929

coorporate edition 8.1 is what we're looking at. could you clarify a few points for me please?

when we install the software on one (or even a few of our servers?) do they need to be AD integrated or just on the domain?

the install can or is done remotely to the client stations, even though the user is logged in on the station as a regular user or does the station at the install time need to be logged in as a local administrator, or does it need to be logged in at all?

follow up administration and virus dat updates can all be run remotely without needing certain permissions set on the client pc as long as a domain administrator is doing the remote administration?

is the user at any time able to run a manual scan? or the only way a client machine is scanned is through a regularly scheduled scan set up by the administratrator or a local administrator on the client?

thanks again for all the help!
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.


Expert Comment

ID: 10821603

I use McAfee for a network with around 400 PC's and 20 servers. All the users are restricted (no run command, no registry access, cannot install software...) and It all updates with no problems. I use ePolicy Orchastrator to manage the domain and get updates automatically from the net. The clients get the update from the local server and it is simple to set up, you don't have to visit each PC. It will even manage PC's with Norton on.

In general I don't think you will have a problem with any major AV product as far as auto updates go if you lock down the users access as you are not 'installing' software just replacing a couple of files.


Expert Comment

ID: 11065692
Try to refer to Sophos Anti Virus at Their support shall help you in getting a better solution.

Expert Comment

ID: 11066222
Any news?

I have just implimented an upgrade across our network. I updated the client management software (frameworkservice) and the AV software (VirusScan Enterprise 7.1.0) it took 10 minutes to set up and around 4 hours for the clients to  update themselves, I just sit back and watch.

When a new DAT file comes out the server gets it and the clients update themselves. By lunch time on the day the DAT is released I have around 90% coverage, the remaing 10% are usually unused PC's.

This is all done with McAfee's ePolicy Orchastrator. It really is this good. You can set up remote repositories so that your satalite offices can update locally and still report back to you so you can track infections, updates, problems.

My sPO serverchecks for updates hourly and distributes them stright away so we're always up to date.

No, I'm not on commission, I just like the product. It's simple to use and does what it claimes to.


Author Comment

ID: 11067785
as a matter of fact i do have some news.

we went ahead and installed norton coorporate edition 8.0 on one of our servers and slowly started adding workstations. the only 2 "problems" we have run into so far are minor ones:

for one the console shows a workstation's AV status as enabled when the workstation itself shows errors that real time protection is not enabled. the station had an old norton install and it seems after following some hints on their website and running an update tool the error was resolved however the console not stating that there was a problem on the client side was confusing at first. also,
when workstations have been turned off and turn back on for the first time after the server received a virus.dat update the workstation pops up with an error stating the virus definitions are out of date. usually just clicking ok waiting for the them to receive the update themselves are enough interaction on the client side. by the time they reboot the issue is resolved.

the other issue is that as nice as the network wide installation/deployment is, one has to have a working network browsing service. ours seems to be broken and we cannot see 2 of our 7 remote sites to deploy the client to and therefore can;t install it currently.

but overall we are very pleased with this virus protection solution. the instillation and maintenance seems very easy and intuitive. the only wish we have now is for it to scan/protect for ad-ware ;)

Expert Comment

ID: 11067809
Glad it's working out. i hope you get your 'browsing' issue sorted out soon.

It would be nice to get rid of spyware with your AV.  McAfee reports it but won't get rid of it. I'm playing around with SpyBot Search and Destroy at present to see if I can use it remotely to zap infected PC's


Accepted Solution

modulo earned 0 total points
ID: 11808139
PAQed, with points refunded (250)

Community Support Moderator

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (, the Zone Advisor for the Virus and …
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question