Computer Associates Etrust Antivirus Manual
Computer Associates Etrust Antivirus - Administrator Guide, size: 2.8 MB
Anti-Virus/PC Diagnostics Software ETRAV71XPOEMRT COMPUTER ASSOCIATES - Primary Information: Platform: Win; Service & Support Type: 1 year of support
Brand: CA Computer Associates
Part Number: ETRAV71XPOEMRT
User reviews and opinions
|langman||5:58pm on Wednesday, August 4th, 2010|
|I got this free through road runner. It blocks my internet access, refuses to uninstall.|
|Wim||3:53am on Friday, July 30th, 2010|
|I purchased a 3-pack about a year ago. When renewing I purchased another 3 renewal keys. I ended up with nine.|
|Bud||5:40pm on Monday, April 26th, 2010|
|I got this free through road runner. It block... None- except it was free Alot, read review|
Computer Associates eTrust Antivirus v 7.1
Analyst, Information Security
Senior Analyst, Information Security
Contents
Product Assessment Summary
Product Strengths & Weaknesses
Product Buying Criteria
Scanning and Outbreak Containment
Management Features
Architecture
Vendor Support
2005 Current Analysis Inc. All rights reserved. For more information, please call +404 9200, toll-free +787 8947, Europe +33 (0) 14. Or visit our Web site: www.currentanalysis.com
C. Dunlap, A. Braunberg
Current Perspective: Threatening
Computer Associates eTrust Antivirus 7.1 is threatening to competitors because the enterprise suite offers robust security coverage at all points of entry into the enterprise and comes with an extremely aggressive price. CA's cutthroat pricing structure is a deliberate attempt to steal away market share from higher-profile AV players Symantec, McAfee, and Trend Micro. CA, like other security vendors, has realized there is a lucrative business in the mid-market space. The company, which has traditionally focused on the high-dollar space, is now moving down market and is using the low pricing structure to gain the attention of customers. This is because customers are typically content to stay with the same security vendor for years. eTrust Antivirus includes a unique dual scanning engine, to promote multi-layered protection, and broad OS support, including Linux. CA's low pricing campaign also includes lifetime signature support for free. CA has cultivated strong channel partnerships with leading systems integrators and sells this suite 100% indirect.
Strengths & Weaknesses
November 10, 2005
Enterprise AntiVirus in Information Security - U.S.
eTrust Antivirus uses two scanning engines within the suite, which are supported by two separate research divisions. This appeals to customers looking for layered protection. eTrust Antivirus is aggressively priced, undercutting the competition significantly. The pricing strategy is CA's attempt to displace competitors, and is a good way to be considered in the customer's buying process. CA offers lifetime access to signature updates without having to update software licensing. CA provides a broad range of operating system support in this product, including Linux.
CA is a name with less notability at the desktop than its competitors. As the glue that holds this suite together, CA's centralized management product, eTrust Security Command Center, is not as well known as other popular consoles such as McAfee's ePolicy Orchestrator. Usability of eTrust is not straightforward and fine-tuning of the product before deployment is time-consuming. The user interface, while simple to learn, is said to be cumbersome to use on occasion. eTrust does not include anti-spam technology in this suite.
Product Assessment: Computer Associates eTrust Antivirus v 7.1
Scanning and Outbreak Containment
eTrust Antivirus provides anti-virus protection for the gateway, groupware server, and desktop in a single suite. The software provides scanning at the gateway for HTTP, FTP, POP3, and SMTP, and groupware tools to remove viruses and other malicious code from e-mail, attachments, and public folders. eTrust includes two scanning engines developed by two different groups within the company for double the virus protection redundancy. Company officials claim 100% detection of in-the-wild viruses. eTrust provides incremental signature updates, and includes a redundant signature distribution system so anti-virus clients are rerouted to the next available signature server when a signature distribution server is down. Like most competing offerings, eTrust does not include anti-spam technology. Customers may purchase an add-on product, called Secure Content Manager, CA's own technology, which guards against spam and other unsolicited e-mail.
CA provides central, policy-based management through its console called eTrust Security Command Center. The console is simple to learn, but can be cumbersome to use, requiring extra dragging and dropping, and pointing and clicking during policy updates. The eTrust console was recently enhanced to centrally manage heterogeneous enterprise environments. Security Command Center supports correlation and event management and links to third-party anti-virus solutions, intrusion detection systems, and firewalls. eTrust provides outbreak containment capabilities, which deploy policy-control templates to each product within the suite, defusing an attack based on the characteristics of the virus before a signature is defined. When a new virus surfaces, the management console automatically collects a set of policy-control templates from the vendor support site. eTrust provides solid reporting capabilities through an integrated reporting engine. The suite offers 60 different report types, including one that details policy compliance by listing the systems that have eTrust installed and which engine and signature versions are running on each system.
eTrust is simple to set up and configure, but fine-tuning of the product before deployment requires a considerable amount of manpower hours. eTrust provides support for a broad range of operating systems including Windows and Linux environments. Symantec and McAfee do not yet support the Linux platform. In the future, CA says it plans to support Linux client technology that includes real-time and scheduled scanning technologies. eTrust is priced very low, a strategic move by the company in its attempt to displace competitors and become a stronger player at the desktop. eTrust is priced at $25 per seat for 250 to 749 nodes, and $15 per seat for 750 or more nodes.
Competitive response
Computer Associates provides 24/7 support from its rapid response team called TARGET (Threat Analysis and Response Global Emergency Team), which includes worldwide response centers that research and respond to threats.
CA maintains two separate research teams, which operate independently to support eTrust's two scanning engines. One is based in the U.S. and the other is based in Israel. eTrust offers free lifetime signature updates, regardless of maintenance contract status. However, while customers are facing increases in annual support costs, this is a minor selling point to enterprise customers looking to stay current on product upgrades and have access to vendor support. CA customers have wider service and integration support through the company's strong channel partners. CA's distribution model includes 100% of the eTrust product being sold indirect.
All materials Copyright 1997-2005 Current Analysis, Inc. Reproduction prohibited without express written consent. Current Analysis logos are trademarks of Current Analysis, Inc. The information and opinions contained herein have been based on information obtained from sources believed to be reliable, but such accuracy cannot be guaranteed. All views and analysis expressed are the opinions of Current Analysis and all opinions expressed are subject to change without notice. Current Analysis does not make any financial or legal recommendations associated with any of its services, information, or analysis and reserves the right to change its opinions, analysis, and recommendations at any time based on new information or revised analysis. For additional reproduction rights and usage information, go to http://www.currentanalysis.com.
Current Analysis, Inc. 21335 Signal Hill Plaza, Second Floor, Sterling, VA 20164 Tel: +404 9200, Toll free 894
2 rue Troyon, 92316 Sevres Cedex, Paris, France Tel: +33 (1) 83 17
Product: Computer Associates eTrust Antivirus v 7.1
Antivirus Features Real-time detection/removal/remediation of spyware Application exclusions for setting custom policies Integrated AV and anti-spyware Tamper Protection AntiVirus Capabilities Real-time and On-demand AV File System Scanning Scheduled AV Scanning Real-time AV Attachment Scanning for Lotus Notes Realtime AV Scanning for Incoming/Outgoing POP3 In-memory Scanning Outbound E-mail Worm Blocking Network Server Anti-virus Protection Scan Individual File, Folder and Drive Forced Restart of Real-time Protection if Disabled Heuristic Scanning Includes Scan Throttling Options Initiates Scheduled Events that are Missed Identify Host that Dropped Threat on Machine Quarantine/Submit Suspicious Files for Analysis Detect and Remove Adware and Spyware Applications Compressed File Scanning Client System Can Roam to Another Mgmt Server Laptop Battery Optimization Automatic Updating Capabilities Antivirus Signature and Engine Updates Management Server ''Pushes'' Content Updates Centralized Content Update Server Management Features Central Management Console Deploy Invisible Client Install Identify Clients w/o AV/Third-party AV Protection Uninstall Third-party AV Software Deploy from Management Console Value No Yes No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Deploy from Web Server Deploy from Log-in Script Deploy from Network Share Deploy Using Third-party Distribution Tool Pre-configure Client Policy with Lockdown Settings Deploy with Elevated Privileges Central Quarantine of Suspicious Files Submission/Response of Suspicious Files Remote Policy Compliance (VPN) Real-time AV Protection-enabled Real-time Heuristic Scanning at Specified Level Real-time AV Protection on Specified Files Content Update Session Completed Installed Antivirus Client Version is Specified Virus Definition Files No Older than Max Age A Specified Scan Ran Within the Last (n) Days Microsoft Exchange/Outlook Plug-in is 
Enabled Lotus Notes Plug-in is Installed and Enabled Auto Remediation if Virus Defns are Out of Date Auto Remediation if Real-time Protection is Off Alerts Customizable Text in Alert Message E-mail SNMP Trap Pager Run a Program Write to System Event Log Tray Icon Shows Alerts and Disables Logging and Reporting View Detailed Logs from Console Logs Date and Severity of Attacks Filters Event Data Sent from Client to Mgmt Server OS Support - Windows OS Support - Other Platforms Mail Security Yes Yes Yes Yes Yes Yes No Yes Yes Yes Yes Yes Yes Yes Yes Yes No No Yes Yes Yes No Yes Yes Yes Yes with SCC Yes Yes Yes Yes Yes Yes Yes Yes Value
Product Metrics (continued)
Platforms: Windows 32/64bit, Mac OSX, EMC, NetApp, Novell, Solaris, HPUX, RedHat Linux, Suse Linux, Sun JDS (linux), Linux S/390, Windows Mobile/SmartPhone, Palm, XP Embedded, Exchange, Lotus Notes/Domino OS Support Mail Security AV Capabilities Real-time Scanning Scheduled Scanning On-demand Scanning Incremental Scanning Message Store Scanning True-file Typing Malformed MIME Threat Detection Heuristic Antivirus Scanning Quarantine Suspicious Files Scanning Compressed Files Container Limits (''Zip of Death'' Prevention) Filename Blocking Extension Blocking Mass-mailer Cleanup Spam Prevention Integrated Anti-spam Subscription Service Option Detection Sender Blocking Real-time Blacklist (DNSBL) Support Filtering by Subject Line Filtering by Message Body Heuristic Antispam Engine Custom Subject Line Tag Optional X-Bulk Header Spam Score Handling Prevents Relaying Non-local Requests (Antirelay) False Positive Prevention Sender Whitelisting Whitelist by Full Domain Whitelist by E-mail Address Whitelist by Sub-domain Windows, Linux Data not available Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No Yes with SCM No Data not available Yes Yes, with SCM Yes Yes No Yes with SCM No Yes with SCM Yes Yes Yes with SCM Yes with SCM Yes with SCM Yes with SCM Whitelist by Top-Level Domain (TLD) Whitelist by Domain Using Wildcard Auto-generated Whitelist Recipient Whitelisting Content Enforcement Subject Line Blocking Message Body Filtering Rules-based Filtering Attachment Scanning Custom Disclaimers Automatic Updating Frequency of Virus Definition Updating Virus Signatures Scan Engine Updates Unified Virus Definition Update Heuristic Antispam Engine Definitions No Service/System Restart on Scan Engine Update Management Features Centralize Server Configuration Web-based Management UI Role-based Administration Auto-refreshable Configuration File Graphical Reporting System Alerts Message Quarantine Outbreak Alerting Centralized Reporting Mail Security Technology Integration 
Single-source Install Virus Scanning/Anti-spam/Content Enforcement OS Support Anti-virus Real-time Scanning of HTTP/FTP over HTTP Traffic On-demand Scanning Quarantine E-mail Alerts on Virus Infection Yes Yes Yes Yes, with SCM Yes Data not available Yes No No Yes No Yes Yes with SCM Yes Yes Data not available Yes Yes with SCM Windows, Linux Value Yes Yes Yes Yes Yes with SCM Yes with SCM No Data not available Data not available Yes Yes Yes Yes Yes with SCM Yes
E-mail Alerts on Virus that Cannot be Repaired URL Filtering List-based Filtering Using Pre-defined Categories Real-time Heuristic Filtering of Web Page Content Blocked Site Override Custom Local Category Support Per User, Per Group, Per Computer Policy Options Time of Day, Day of Week Scheduling Allow-only Mode Locked Mode Audit Mode Auto Alert when Threshold of Blocked Sites Reached Auto Locking of Internet when Threshold Reached Management Central Policy Mgmt Using LDAP, Active Directory Secure Authentication Central Authentication Support Leveraging LDAP HTML-based User Interface Access Control List Support for Granular Mgmt Reporting Detailed Activity Reports Built-in Graphical Reporting Support for Event Manager for AntiVirus Most Active Users/Computers Top 10 Web sites Accessed Bandwidth, Traffic Statistics Management, Configuration Change Information File Filtering Blocking by Attachment Type Container Limits (''Zip of Death'' Prevention) OS Support Yes Value Yes with SCM No Yes with SCM Yes with SCM Yes with SCM Yes with SCM No Yes with SCM Yes with SCM No No Value No Yes No Yes Yes Value Yes Yes Data not available Yes Yes No No Value Yes Yes Windows, Linux, Solaris, HP, Windows x64 Value Additional Dedicated Contacts Available Proactive Alerting Available Product Notification Service Available Technical Account Manager Available Dedicated Worldwide Security Research and Response Regular Security Protection Updates Response Centers WorldWide Professional Services Available Licensing Options Sold on a per Node Basis Includes One-year Technical Support Includes One-year Upgrade Insurance Second-year Extended Maintenance Available Third-year Extended Maintenance Available Support Features 7X24X365 Extended Hours Available Number of Dedicated Contacts Level 1 Number of Dedicated Contacts Level 2 Number of Dedicated Contacts Level 3 Yes Yes Yes Yes Value Yes Yes Yes Yes Yes Value Yes 6 people in North America 6 people worldwide These resources are not 
dedicated, they are a part of the 'Integrated Threat Management' development team (AV + PP) of 42 Yes Yes Yes Yes ('Technical Operations Manager' +C16 and 'Threat Marshal')
Vendor Back-end Response
The process of updating virus definitions on workstations protected by Deep Freeze Enterprise involves three fundamental steps:
1. Rebooting the workstations into a Thawed state so the updates are kept upon restart
2. Updating the virus definitions
3. Shutting down or restarting the workstation into a Frozen state
This white paper provides technical information on how to approach these steps with CA's eTrust Antivirus. Deep Freeze is not marketed as an antivirus product. However, Deep Freeze will protect workstations from any virus. Just restart the Frozen workstation and the virus is gone. Many viruses require a fundamental change to be made to the core files and only become active on restart. With Deep Freeze installed and activated, these viruses will be deleted upon restart and therefore never become active. Ensure the BIOS is set to boot directly to the C: drive and that the BIOS is protected with a password; failure to do so can result in boot sector viruses being transferred to the hard disk drives via infected floppy disks.

Setting the Workstations to a Thawed State

In order to make any permanent changes, the workstations protected by Deep Freeze have to be set into a Thawed state. Those permanent changes include antivirus updates; therefore, the workstations must be rebooted into a Thawed state before applying these updates. There are three ways to remotely set workstations into a Thawed state:
- By manually using the Deep Freeze Enterprise Console
- By setting up a Scheduled Maintenance Period
- By using the Command Line Control
Manually Using the Deep Freeze Enterprise Console

The Enterprise Console contains a toolbar at the top of the screen that allows quick access to the functions of the Console.
To boot a workstation into the Thawed state, select the workstation and click the Thaw Workstation icon on the toolbar. Alternatively, right-click and select the Set Computer(s) to Thaw option in the context menu.
Click OK in the confirmation window. The selected workstations now restart in the Thawed state.
Setting up a Scheduled Maintenance Period

There are two ways to set up a Scheduled Maintenance Period. One is to set it up when configuring the Deep Freeze Enterprise installation files with the Configuration Administrator (best method for new deployments) and the other way is to create or update the Maintenance Period using the Enterprise Console. Assuming you have already deployed Deep Freeze throughout your network, the following instructions elaborate on how to create/update the Maintenance Period with the Enterprise Console.
1. Open the Enterprise Console.
2. Select any workstation and right-click on it. Select Update Maintenance Period. A toolbar appears at the bottom of the screen.
3. Click New. The Configuration Screen appears as shown. It only contains the Restart/Shutdown, Maintenance and Advanced Maintenance options.
4. Click on the Maintenance tab and place a check in the Enable Thawed Maintenance Schedule check box. Also place a check beside each day you want the Maintenance Schedule to run.
5. Set the Maintenance start time for each day in the Start Time column, and the end time in the Stop Time column.
6. It is recommended that the Disable keys option is checked so the keyboard and mouse are disabled while the workstations are in the Thawed state. It is also important to check the Shutdown box so Deep Freeze shuts the workstations down at the end of the Maintenance Period. Otherwise the workstations are restarted after the Maintenance Period is complete.
7. Close the Configuration Screen. A pop-up message appears, requesting the administrator to select the workstations to send the new configuration to.
8. Select the workstations to be updated and click Send. This action updates all the selected workstations' configuration on the fly. This means the workstations don't have to be in the Thawed state for the configuration updates to take place.

Controlling Deep Freeze Through the Command Line Control - DFC

The Deep Freeze Command Line Control (DFC) offers network administrators increased flexibility in managing Deep Freeze workstations. DFC works in combination with third-party enterprise management tools and/or central management solutions. This combination allows administrators to update workstations on the fly and on demand. It is important to note that DFC is not a stand-alone application. DFC integrates seamlessly with any solution that can run script files, including standard run-once login scripts. DFC commands require a password with command line rights. OTPs cannot be used. List all commands by calling DFC without parameters. The files are copied to C:\WINDOWS\system32\DFC.exe
DFC Boot Control

DFC password /BOOTTHAWED
Restarts workstation into a Thawed state. Only works on Frozen workstations.

DFC password /THAWNEXTBOOT
Sets up workstation to restart Thawed the next time it restarts. Only works on Frozen workstations. Does not force workstation to restart.

DFC password /BOOTFROZEN
Restarts workstation into a Frozen state. Only works on Thawed workstations.

DFC password /FREEZENEXTBOOT
Sets up workstation to restart Frozen the next time it restarts. Only works on Thawed workstations. Does not force workstation to restart.
DFC Status Query
DFC get /ISFROZEN
Queries workstation if it is Frozen. Returns 0 if Thawed. Returns 1 if Frozen.
DFC password /CFG=[path] depfrz.rdx
Replaces Deep Freeze configuration information. Works on Thawed or Frozen workstations. Password changes are effective immediately. Other changes require restart.
Example Batch File

Below is a sample batch file that can be modified for use with any antivirus software that supports updating through a command line.
@ECHO OFF
\\SERVER\SHARE\FOLDER\DFC.EXE get /isfrozen
IF ERRORLEVEL 1 GOTO FROZEN
IF ERRORLEVEL 0 GOTO THAWED
ECHO Errors were encountered running the command line control on this workstation.
GOTO END

:FROZEN
\\SERVER\SHARE\FOLDER\DFC.EXE password /bootthawed
GOTO END

:THAWED
REM **********************************************************************
REM * Insert the command to update the antivirus software here.         *
REM **********************************************************************
\\SERVER\SHARE\FOLDER\DFC.EXE password /freezenextboot
REM Send commands to reboot the system.
REM For Windows 95/98/ME
RUNDLL32 SHELL32.DLL,SHExitWindowsEx 2
REM For Windows 2000 (may need to be called 2x)
RUNDLL32 USER32.DLL,ExitWindowsEx 2
RUNDLL32 USER32.DLL,ExitWindowsEx 2
REM For Windows XP
SHUTDOWN -s -t 01
GOTO END

:END
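In the sample batch flow, an update command that hangs never reaches the freeze command, so the workstation stays Thawed, and the Deep Freeze password sits in the script text. The PowerShell variant below is an added example, not code from the white paper, Faronics or CA: it bounds the update with a timeout and always re-arms the Frozen state. The password file, the updater path and its arguments are placeholders, and "exit code 0 means success" for the updater is an assumption.

```powershell
# Added example, not vendor code. Values marked PLACEHOLDER must be replaced before use.
param(
    [string]$DfcPath = 'C:\WINDOWS\system32\DFC.exe',            # location named in the white paper
    [string]$PasswordFile = 'C:\PLACEHOLDER\dfc-password.txt',   # hypothetical; restrict its ACL to administrators
    [string]$UpdateCommand = 'C:\PLACEHOLDER\av-update.exe',     # placeholder for the antivirus command-line updater
    [string[]]$UpdateArguments = @('/PLACEHOLDER'),
    [int]$UpdateTimeoutSec = 900                                 # upper bound on time spent Thawed in the update step
)

function Invoke-Dfc {
    # Runs DFC with the given arguments and returns its exit code.
    # Assumes no argument (including the password) contains spaces.
    param([string[]]$Arguments)
    $p = Start-Process -FilePath $DfcPath -ArgumentList $Arguments -Wait -PassThru -WindowStyle Hidden
    return $p.ExitCode
}

# Per the white paper: "DFC get /ISFROZEN" returns 0 if Thawed, 1 if Frozen.
$state = Invoke-Dfc -Arguments @('get', '/ISFROZEN')
if ($state -ne 0 -and $state -ne 1) {
    Write-Error "Unexpected DFC exit code $state; workstation left unchanged."
    exit 2
}

# Read the password at run time instead of embedding it in the script.
$password = Get-Content -LiteralPath $PasswordFile -TotalCount 1 -ErrorAction Stop
if ([string]::IsNullOrWhiteSpace($password)) {
    Write-Error "Password file is empty; workstation left unchanged."
    exit 2
}
$password = $password.Trim()

if ($state -eq 1) {
    # Frozen: updates would be discarded on restart, so reboot Thawed.
    # The script must be run again after the restart to perform the update.
    exit (Invoke-Dfc -Arguments @($password, '/BOOTTHAWED'))
}

# Thawed: run the update, but never let a failure or hang skip the refreeze.
$updateOk = $false
try {
    $upd = Start-Process -FilePath $UpdateCommand -ArgumentList $UpdateArguments -PassThru -WindowStyle Hidden
    $null = $upd.Handle   # cache the handle so ExitCode is readable after WaitForExit
    if ($upd.WaitForExit($UpdateTimeoutSec * 1000)) {
        $updateOk = ($upd.ExitCode -eq 0)   # assumption: the updater returns 0 on success
    }
    else {
        $upd.Kill()
        Write-Warning "Update exceeded $UpdateTimeoutSec seconds and was stopped."
    }
}
catch {
    Write-Warning "Update could not be started: $($_.Exception.Message)"
}
finally {
    # Runs whether the update succeeded, failed or timed out.
    $rc = Invoke-Dfc -Arguments @($password, '/FREEZENEXTBOOT')
    Write-Output "Update succeeded: $updateOk. DFC /FREEZENEXTBOOT exit code: $rc"
    Stop-Computer -Force   # shut down, matching the batch file; the next boot is Frozen
}
```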
Updating the Virus Definitions
This document provides three different ways to approach virus signature file updates for CA eTrust Antivirus clients.

1) Do Nothing

The virus signature file continues getting updated every time the workstations are restarted or whenever the updates are pushed down, but the changes are lost upon reboots. On fast-switched networks this has a negligible impact on the boot-up time. The workstations have the latest definitions at all times. The only downside of this method is that, with time, the signature file keeps growing bigger. Therefore, it is recommended to schedule a Thawed Maintenance Period at least twice a year to make the updates permanent.

2) Manually Update the New Virus Definitions

1. Using the Deep Freeze Enterprise Console, set the workstations to reboot into the Thawed state.
2. When the computers are back on, right-click the eTrust icon on the system tray to access the menu.
3. Select Download Updates Now; this will automatically download and apply updates from the distribution server as shown below. This immediately updates the Virus Signatures.
3) Scheduling the Virus Updates From the Local Computer

1. Using the Deep Freeze Enterprise Console, schedule a Maintenance Period as per instructions provided on p. 4-5.
2. Right-click the eTrust icon on the system tray and choose About on the menu.
3. On the Summary page, click on Change your update settings here.
4. On the Update tab set the date and time that updates will be downloaded to correspond with the date and time of the Maintenance period configured in step 1.
4) Scheduling the Virus Updates from eTrust Threat Management Console

1. Using the Deep Freeze Enterprise Console, schedule a Maintenance Period as per instructions provided on p. 4-5.
2. Open the eTrust Threat Management Console and click on the Policy Management tab.
3. On the Policy Management tab select Common on the Applications drop-down menu, and then select Content Update on the Type menu and click on New to create a new policy. Enter a description of the policy and assign the policy to the organization containing the computers to be updated.
4. Click on the Update Scheduler tab and set the schedule to match the settings for the Maintenance period specified in step one.
5. Click on the Components tab and select the eTrust components that you want to update. When the appropriate settings have been selected click Apply to finish.