Antivirus programs for NetWare 6
Novell Cool Solutions: Trench
Digg This -
Posted: 4 May 2004
Question: Jim G. wrote: I have tried number upon number of antivirus programs on my Novell 6 test server and to no avail. Anywhere from a hour to a week the server abends by dismounting the drive. Have you ever heard of this?
I would like to put a Antivirus solution on my NetWare Boxes but I am having no luck. I have tried:
- Computer Associates
Either they abend the server or don't work with regular operating systems well enough to be used in a working environment.
Answer: Check this page in the Partner Product Guide. There are lots of choices in there. Anything with the Yes Tested and Approved icon is probably your safest bet. Anyone got any suggestions for Jim?
- Mark L.
- Donna L. Seiser
- Rolf Fett
- David Benjamin
- Randall Diekmeyer
- Jeff Critchlow
- Bryan Diller
- Tim Wessels
- Syed Quadri
- Crystal B
- Sami Kapanen
- Tony Anstis
- Jens Hübner
- Matthew White
- Andreas Troger
- Mark Steele
- EKInfo Kochis
- Jean-Paul Carter
- Ian Belton
- Dave Wymer
- Christian Rioux
- Peter Scherre
- Hank Torrance
- Joe Zazzaro
- Timothy Ste. Marie
- Bruce P. Shay
- Bradley Jerome
- Glenn Yunashko
- German Caro
- Victor M. Coscodan
- Carol Northcut
- Liza M. Hazzard
- Peter Pinti
- James Hammond
- David Albaugh
- Brett Wheeler
In response to your question, I have been using McAfee Netshield for some time and found it to be very stable. V4.61 I believe is the current version with scan engine 4.2.40.
Hello Jim. Use Symantec Enterprise Edition; install the AV on a low-end Windows 2000 (not server) box and let it update the NetWare Servers. Works great for us and no abends. Good luck!
We experienced the same trouble finding a "decent" (i.e. not harming the server-operations) antivirus-sw for NetWare. What definitely works (at least for us) is Server Protect 5 from Trend Micro. We have had it running for a couple of months now without any glitches whatever. Only drawback is that you need a Windows box for management since the product is actually a enterprise solution. Our environment consists of eDir 8.7.1 on NW 5.1 / 6.0.
Jim, I agree with Donna. We have been using Symantec Enterprise Edition for several years and it has been the most reliable. In my previous life, four years ago, I worked with McAfee, Computer Associates and Symantec. Symantec is the easiest and most stable that I've used.
We used InoculateIT (or InocuLan) on NetWare 4 - 5 successfully for many years. It does require the most current patches of the AV stuff, and we had to turn off the Probe process. Currently we have eTrust on 3 NW 6 SP3 servers, and it is working fine. I especially like the automated signature update in the current version.
Try Nod32 for NetWare from Eset. We have been using it for over six months without issue, and Eset updates the definitions as needed, sometimes two and three times a day without impact to the server.
We use Symantec on all of the NetWare and Microsoft boxes, except for our GroupWise and NetMail servers that use McAfee. We found that McAfee was working better on GroupWise with GWAVA and it's supported on NetMail while Symantec isn't. Plus with multiple vendors at least one should catch all of the viruses. With our Symantec clients in less than an hour, we can have all 2000+ machines upgraded to the newest dats.
I've run McAfee NetShield for NetWare 4.60/4.61/4.61d with good results on NetWare 5.x/6.x servers. The 4.61d version is needed if you plan to use the Network Associates (McAfee) ePolicy Orchestrator which is WIN32 program.
I have been using McAfeefrom Network Associates for many years now, and it seems to do its job. I have had very rare abends due to Netshield. It has good alerting and auto update features.
I am curious to know what kinds of problems (a resource leak or other apps) Jim is having with Sophos. I consult with two school districts that are both Novell shops running anywhere from 3.12 to 6.0 and don't have a problem with Sophos. I find Sophos to be very simple to install and maintain compared to other software I have dealt with in the past (McAfee and Symantec Corp Edition).
I can vouch for the Symantec Antivirus CE 8.x too, it has worked really well.
NetWare servers can get updates automatically from Symantec and spread them along in your environment, to other servers and workstations. We use Symantec AV on our workstations as well, NetWare is the Primary Server / backend for the AV updates and roll-out installs. No "extra" Windows boxes needed ;-)
We use McAfee Antivirus for both our NW5.1, NW6 and Windows servers and it is very stable. We tried Kaspersky, and our servers kept rebooting - not good.
We use also the product McAfee Netshield for NetWare in Version 4.61 and Hotfix E, with the new Scan Engine 4.3.20. The new Scan Engine fixed some Abends with corrupted and password protected Zip Files. It works very well. But you should use this Version only on NetWare 6. On Netware 5, you should use Netshield Version 4.5! We have one 8 Node NetWare 5.1 and one 8 Node NetWare 6 SP1 Cluster. The new Scan Engine is great.
Jim. We've been using Panda Antivirus for just over two years now on about 15 NW boxes. We haven't had a single abend related to the Antivirus NLM's. They are very Novell-aware and just released a newer version for faster scanning on our NW 6.5 SP1 boxes. Givem a look.
We have been using Symantec Corporate Edition 8.x for 8 months.
Automatic update of virus definitions, detection and cleaning of infected files is working really great! Also the overview and logfiles of the clients are very useable.
Sometimes Symantec needs more time to deliver the newest definitions to a new threat than one of its competitors, but I think that's ok, when the software is running with stability.
There was one incident/abend two months ago in the rtvscan.nlm, but since I am starting Veritas Backup Exec after Symantec AV there were no more problems.
I highly recommend this product!
I found McAfee Netshield to be stable but it did hit performance. It could slow backups down by as much as 70%, depending on how you configured it and the data set you use. The performance hit probably won't be noticed by users except with large files but the backup time might increase to the point where it becomes unacceptable. Other a/v packages probably have much the same overhead. My tests were conducted 18 months ago on a PIII 1.4 GHz server - a P4 at 3 GHz might not be so badly affected.
I have been using CA's Inoculate v4.53. for years and have recently upgraded to v7.0 for NetWare (now called eTrust).
I have used v4.53 on NetWare 5.0 and 6.0 (possibly even on 3.12.. cannot remember that far back) and about a month ago upgraded to v7.0 on my NW6 servers. The new version installs in a snap and is controlled by the central eTrust Admin Server. My servers are stable as ever! Highly recommended!!!
We are using Kaspersky v5 on six servers and it runs fine. One server is our Gee-Whiz email scanner server for NetMail and GroupWise. We like v5 much better than the previous v4 version. We switched from Mcafee after having many problems with their scan engine and babysitting the pattern file update process.
We currently use Sophos sweep on our servers with no problems. We run a scheduled overnight job, and more recently realtime scanning on our 'shared' volumes (due to the nature of the netsky virus!).
We have been using SymantecSymantec Corporate Edition for the last three versions and are happy with it. Symantec has made great progress in both stability and usablility with each new version, which is something we wish all vendors did. It has worked for us on NW 5.5 and 6.0. We have also been successful using it across 10 frame relay connections and it has worked well there.
We liked Mcafee for our Netmail server, but their licensing is so restrictive, that even if we wanted to use it only for our NetMail server, we would have to buy it for all the computers in the college. :-(
I have installed Kaspersky for NetWare Version 5.01 on several servers. I already had installed version 4.0 some time ago. Everything works good. The partner support at Kaspersky is exceptionally good. The update mechnism is quite comfortable and even works through a proxy.
We were using Mcafee for years and found it very stable, we switched to Sophos two years ago due to superior detection and updates. While McAfee would sometimes cause high utilization it did not ABEND the server. As for Sophos we have had no problems whatsoever. Have you contacted their tech support?
We have been using Mcafee for a few years now. Good product, we have recently installed the McAfee eorchestra product also which really streamlines the DAT file upgrades to workstations and servers. The reporting is great.
Sophos was a disaster for me. I had a school district where it was loaded on both the client stations and the server. It kept abending the server. When I contacted tech support they said you can't scan the files on the server and the workstation. They suggested turning it off at the server. I asked them what the point of having a server based AV product was if I had to turn it off....
I have to agree with Crystal B., Sophos is easy to install. Updates can be automated for both the file server(s) as well as all workstations -- Windows, Mac, Unix, Linux. Very low processor overhead. I have yet to see it abend a file server. Small, fast updates. Many reporting and notification options. 24x7x365 tech support included. Free corporate employee copies for home use.
We use Nod32 antivirus for NetWare on the servers as well as using it on the workstations. It is very easy to setup and configure for the servers or workstations. It has not once crashed or burned the servers since it was installed in November 2001 for workstations and February 2003 for servers, and has a very small footprint on the systems. You can get a trial version from http://www.Nod32.com or http://www.nod32.com.au Schools get the programs at half price. If you have any questions please don't hesitate to contact me
From a performance standpoint, Sophos and Trend Micro have two of the best server engines and they do not have ABEND issues. We automate the update process for servers and all the local and remote users and set it so that endusers cannot disable their AV as they can with other products. Since the average virus ID file for Sophos is actually under 2k, the update process has no real effect on the system. They even provide you with a full refresh via CD monthly. Sophos actually tweaks existing code to catch new viruses so that your systems don't have to churn through tons of old IDs.
As for tech support, I can reach a live knowledgeable person at Sophos in a minute, vs waiting for days for a call backs from CA and most others. Better still, they run on NetWare, which means that I can eliminate the cost and performance hits associates with running another M$ box as you have to with Command and GWguardian and many others. We support a large number of schools and organizations with very limited buggets and staff so these are all big issues.
We just had a local college (30,000 + students) run a side-by-side trial with Sophos vs their existing Symantec. The results were that the staff preferred Sophos but management stayed with Symantec due to its slightly lower upgrade price. Less than a month later they got hit hard by the latest virus. No product is perfect not even NetWare, but we have worked through the issues with Sophos and Gwava, and they do work well together. I actually get compliments from customers when they see the wealth of spam that is blocked and viruses caught by this duo.
Jim, we've tested and evaluated solutions from McAfee, Symantec, and TrendMicro. We standardized on Trend Micro as being the most functional, complete, simple, effective, and multi-platform solution available not only for all our NetWare 6 boxes but also Windows 9x, 2K, XP Desktops, Laptops, and even Palm Pilots. We even have it running on our Notes box. They even have a Linux version if you plan on testing some Linux for your shop. If you only need to protect the servers go with Server Protect. Although this should provide you with coverage you might also want to take a look at their OfficeScan solution for your desktops and laptops. Good Luck.Kaspersky v5 on Novell servers, all workstations and other servers. We have only one small problem - antivirus for email. But we resolve this with KAV scanner for workstations (use SMTP Service Queues Directory in GroupWise).
KAV5 is a good version, much better than version 4. We've used KAV for three years (we switched from Mcafee) and haven't had any problems (good scanner and live monitor, email and message notifications, good scheduler, automatic live update every day, administration from ConsoleOne). And good price!
Like others who have posted here, we have been using Sophos on our NetWare 6 servers and are quite satisfied. The only problem we've had was in conjunction with GWAVA on the GW server running the MTA. Sophos' decompression engine wasn't properly decompressing the Netsky attachment for GWAVA to scan it, and infected mail was getting through. We switched to GWAVA's decompression engine until Sophos could solve the problem. It was never a problem with the other eight NetWare servers.
We now have eManager up and running, and it's keeping all our servers and workstations up to date with the latest IDEs as soon as they come out. It's a beautiful thing.
Additionally, Sophos' support has been fantastic. There are techs who actually know NetWare!
I have McAfee Netshield running on 5.5 and 6.0 boxes. Updates to the definition files are done automatically. Runs great.
Hey Jim, I am a consultant in New York and we only install Trend Micro. Never had a problem yet. Been running this on the servers for years.
I have also used/tried several AV programs (and versions) and keep returning to the Symantec AV Corporate Edition.
I have found that load order, realtime protection level and compressed file depth are critical performance considerations (love scanning those JAR files).
In a non-recommended configuration, I actually run Symantec CE in real-time protection mode against my BorderManager cache volumes. Performance hit? Sure - but it has intercepted tons of imbedded viruses and code exploits (necessary since I cannot guarantee all the potential proxy clients have any AV program installed).
It doesn't sound like a anti-virus software problem but a RAID or SCSI problem. We recently had the exact same symptoms on one of our servers. It turned out to me a flaky RAID controller.
We have been using Sophos for a few years now. At one stage we were having problems with it causing abends, but following one update they stopped - cause still unknown! Since then Sophos has caused less problems than NDPS.
In short I am quite happy with Sophos.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com