Antivirus solutions for Linux

3012

By JT Smith

There are a growing number of companies and GNU Projects coming forward to provide Linux antivirus products. The Open Antivirus Project aims to provide open source solutions to multiple antivirus needs, including squid-vscan (virus scanning with squid), samba-vscan (on-access virus scanning with Samba), and VirusHammer (a standalone virus scanner to be run by end users). Many other features and projects are planned, like rescue disks and remote management. The Open Antivirus Project also has a project page at http://sourceforge.net/projects/openantivirus/.

Commercial products are becoming available in the mainstream for Linux. McAfee, Trendmicro, Panda Software, Sophos, and Central Command all have products for home Linux users as well as enterprise networks.

Installation for all of these products is straightforward and quite easy. Even novice users should be able to follow along without confusion. Most products provide the same basic capabilities, but some provided additional features, such as mail gateway server protection or file server protection. One thing I found disturbing with most products was the lack of SMP support. I run dual processor servers for better performance. Most of the antivirus programs gave a warning during install about not supporting SMP machines, while some simply would not function after installation under SMP. Trend Micro’s ServerProtect, for example, installed nicely on my dual processor Red Hat Linux box, but failed to run. Only after trying to start the daemon manually did I discover that the application would not function on a dual processor box.

Panda Software
Panda Antivirus for Linux

Panda Software provides a free ‘command line only’ version of their software for use on Red Hat systems. The software can be automated easily by creating a script and then scheduling it to run scans at scheduled times, but real time protection is not possible. Updates to the engine are installed manually after downloading new definition files. If you are going to run a Linux workstation this provides a nice cost-effective solution, but too many features are missing to consider it for deployment for on commercial servers.

Central Command
Vexira Antivirus for Linux

Central Command Vexira Antivirus for Linux provides real time protection for workstations as well as servers with the ability to scan email, files, and downloads from external sites. Updates can be downloaded automatically via the Internet, relieving some administration chores. Vexira also has the ability to scan files automatically as they are accessed, and it offers configurable path protection. It also provides email virus notification, blocks access to infected files, and has options for repair – move – rename – deletion of infected files. Vexira provides a command-line scanner, scans archives (.zip, .gz, .tar, etc), and allows for scalable concurrent scanning. Vexira does not provide support for SMP.

RAV Antivirus
RAV Antivirus Desktop

RAV Antivirus Desktop provides a clean graphic user interface for configuring scan engine settings. With the control center you can modify settings for scheduled scans, scan actions such as clean, ignore, rename, delete, or copy to a quarantine folder, and even automated updates.

RAV Antivirus for Mail Servers provides support for most email servers including Sendmail, Qmail, Postfix, and CommuniGate Pro.

Trend Micro
ServerProtect

Trend Micro’s ServerProtect provides virus protection for Linux servers in a mixed Windows environment. Administration is handled through a Web based interface, and allows administrator the ability to run on demand scans, set scan options for real time and on demand scans, and even automatic updates. Because the management console is web based, remote management is made easy. ServerProtect allows administrators to configure automated alerts via email, and SNMP. The logs are easy to read and provide adequate information for dealing with file infections. The down side of this product is its lack of support for newer kernels, and SMP systems.

Sophos
Sophos Antivirus

Sophos Antivirus provides a “command line” version of their software for use on Linux systems. Creating and scheduling scripts can automate scans. Updates must be downloaded and installed manually. This product does a great job of finding and removing viruses, but lacks many features needed by network administrators.

Central Command’s Vexira Antivirus for Linux is the best product of its kind for providing overall features and protection. Its only downfall, again, is the lack SMP support. If Central Command can correct this one shortcoming, they could dominate the Linux market until other companies begin providing more features and automation to their products. The cost for a single workstation is around $40, and $400 for a server.

The best hope, though, is still riding on the open source community to come from the back of the pack and provide the best Linux anti-virus solution.

Mike Dittmeier is the President of Blue Crab Technology, Inc., located inBradenton Beach, Florida. Blue Crab Technology provides IT ManagementServices to small businesses in west central Florida using a combination ofMicrosoft and Linux solutions. Mike has been an MCSE for 6 years, and hasworked in network technology for 9 years as a consultant, IT manager, anddeveloper. You can e-mail Mike at
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
.