Domino AV Testing Results

Thursday 24th February, 2005
Image:Domino AV Testing Results

A quick explanation of the results above giving reasons for the scorings applied.

Ease of installation

Literally how easy it was to take the product out the box and get it up and running with little or no prior experience.

No criticism on the Symantec and Trend products. The CA product needed the OS level anti-virus solution to be installed as a pre-requisite. This was a little complicated and required juggling between two CD's and a reboot. The McAfee product, whilst similar to the others, requires the typing of Hierarchical names (CN=UKHUB/OU=SERVERS/O=TFSE) when referencing servers which is a pain on foreign keyboards and also the replication of system databases from a central server gives little feedback and can just leave the screen frozen for over an hour on slow setup links.

Cleanliness of uninstallation

Historically, many of these products have left redundant files, notes.ini lines and registry entries after uninstallation. None of these current versions did.

Ease of releasing a message

If a message has been stopped en route to the recipient, due to a content filter how easy it is to release the message at a later date. The McAfee product doesn't allow releasing at all. The CA product emails filtered messages to a central address from where they could be forwarded, but not really very practical. The Symantec product can release message after a simple request from any authorised user. The Trend release mechanism didn't work as well, and requires an administrator.

Integration with Domino

How tightly the product integrates with the domino server. The CA product used a very primitive hook of the message out of the mailbox to use the OS level scanner. The others scored very well in comparision.

Centralised management within Notes

This product will be deployed in areas to which our Win2K Active Directory does not spread and so will need to be managed internally within the Notes infrastructure. How easy is this? The CA product offered no integration with the Notes management side and required a separate management tool. Configs could be viewed centrally in all the other 3 products, but some of the settings within McAfee could only be changed locally on the specific server. This goes against the convenient replication setup in Notes.

Delegated Administration

As some Notes admin tasks are de-centralised to eliminate Muda, the ability to delegate some but not all of the administration would be nice. Only Symantec offer multiple levels of administration allowing localised admin to release quarantined messages with no additional authority.

Learning Curve for new Admin users

How easy it was to pick up the product and use the GUI to make routine changes to settings etc.The Trend product was over complicated and the CA product not very straightforward. The McAfee product was good, but some bits seemed well hidden unnecessarily.

Updates Distributed via Notes infrastructure

All products used the existing Notes infrastructure to deploy updates except CA. The McAfee product was marked down as the update database seemed to store all the old versions which wasted space and caused unnecessary replication traffic.

Industry reputation in sector

CA eTrust is very rarely chosen to be used on Lotus Domino infrastructures and they are feared as an unknown. The Gartner research backs this up. The McAfee product is highly criticised in Notes admin forums and user groups for being un-friendly to use. Trend and Symantec are highly regarded, Symantec a little more so as their AV product was developed by IBM/Lotus engineers.

Content Filtering functionality

How easily the product could be used to block keywords like sexual content, profanity etc. Our winners allowed an easy blocking of messages based on a centrally managed block list.

Attachment Restrictions

Is it possible to block attachments based on type, size, content etc. If so, how easy is it. As above our winners allowed an easy restriction of attachments based on a centrally managed block list.

Quarantine Database

Is a centralised quarantine database in use and how easy is it to use.

Admin Notifications

When a virus is found, message is blocked or attachment filtered what notification are sent and how easy are they to configure. CA eTrust emails the live virus to the admin team!!! McAfee couldn't be fully configured and some unwanted notifications couldn't be turned off. Symantec was the most flexible and easiest to configure.

Mail Scanning

How good the product was at handling the scanning of messages, particularly signed and encrypted content.

Database Scanning

How good the product was at handling the scanning of replicated attachments. The CA product can't scan replicated documents. The McAfee product quarantines all encrypted content.

Co-Existance with other AV products

If another product is chosen to protect the OS side of the server, how well they would co-exist. In the case of CA, the CA OS product had to be installed alongside.

Outbreak Management

It's not unusual for a virus to enter the email system before it is known with the virus signatures. As soon as the signatures are updated, it's important to clean up any dormant viruses with a manual scan of all attachments in all areas. All products offer this functionality except CA.

Disclaimer Handling

Can a disclaimer be added to messages, either a corporate footnote or a "scanned for all viruses" style message. Our winner allowed specific disclaimers in local language to be applied as required to messages.

    No Comments Found
Add Comment
Web Site:
Comment:  (No HTML - Links will be converted if prefixed http://)
Remember Me?