McAfee uses Web to catch new bugs

At least once a week during the winter months in Canada, somebody somewhere can be heard lamenting, “They can put a man on the moon, but they still can’t find a cure for the common cold.” In the IT world, security software manufacturers are working hard to not only find a cure for the common – and not so common – virus, but to find a way to manage it.

McAfee, a division of Network Associates Inc. has taken a step towards managing those pesky bugs with its release of ePolicy Orchestrator (ePO) 2.0.

Eric Hemmendinger, a senior analyst of information security at Boston’s Aberdeen Group, considers virus management to be a natural progression for suppliers of security solutions.

“If you go back five years, anti-virus products were set to deal with stuff that came in over floppy disks,” Hemmendinger explained. “Then this Internet thing happened and the amount of file transfer that happens over floppy disk has basically dropped down to zero. It’s all across the network now, and most viruses are transferred across the network, more often than not through e-mail.

“The anti-virus suppliers found out that they had to be able to deliver updates much faster, and they had to figure out how to do incremental updates, so that instead of telling you that you had to download the whole thing all over again, you could download just what’s needed to make the DAT file whole,” Hemmendinger continued. “And what happened is over time they all became comparable in terms of desktop detection and prevention capability. So the next big battleground, and this is where the Melissa virus came in, was to deploy this stuff on the gateways and servers to stop it before it really takes hold.

“The next phase after that is management tools,” Hemmendinger concluded. “This is a continuation of that process for Network Associates. ePO is a natural progression for them and ePO 2.0 is a continuation of the capabilities that they initially provided in 1.0.”

ePO is an anti-virus policy management tool that offers cross-vendor reporting, a feature that is paramount, according to Toronto-based Doug Cooke, the pre-sales system engineer team lead for Network Associates Canada.

“For every desktop that is a part of an infrastructure, this tool will know what level of anti-virus security there is,” Cooke stated. “It will know every area of entry and can therefore protect an organization using 2.0.”

Cooke explained that this is particularly important for companies that use contractors or consultants that bring in their own laptops with other security software installed. ePO 2.0 is able to detect and monitor other anti-virus software.

“The key capability of the product is to do two things,” Cooke said. “One is to manage your anti-virus environment, and two to report on it from an anti-virus perspective. This has all been prompted as the anti-virus marketplace has matured and as companies come to realize that they need a comprehensive, sophisticated capability to monitor and manage virus breakouts that can happen in their organization. It’s a mission-critical application.”

eP0 2.0’s Internet-based management is able to scale up to 250,000 desktops, a feature that Peter Lindstrom, an analyst from Framingham, Mass.-based Hurwitz Group, believes could be the application’s most attractive.

“It seems to me that the Web is the most useful tool for managing multiple desktops,” Lindstrom assessed.