Two Scanning Engines eTrust Antivirus has one brand name, but provides two different scanning engines stemming from two different product acquisitions: InoculateIT, originally developed by Cheyenne Vet, originally developed by Cybec Although the two scanning engines have two separate development groups within CA, they can be managed together from a single management console. Single-Console Updating eTrust Antivirus offers a flexible signature update procedure. The updates are free and are automatically downloaded from the Internet to the corporate server based on an update frequency defined by the network administrator.
The network administrator also has the option to choose to examine the updated signature file on a local machine to ensure there are no conflicts with network software. When the signature file is approved, it is automatically disseminated to all other systems on the network down to the desktop. Real-Time Virus Scanning eTrust Antivirus uses two primary scanning methods to scan for viruses in real time: The first is a proprietary signature-scanning method which scans for known types of viruses, including polymorphic, multipartite, stealth, script and macro viruses, in addition to worms and Trojans.
The second is a heuristics-based scanning to detect unknown viruses. With its use of positive and negative rules, the heuristics engine attempts to keep the number of false positive results to a minimum. The organization can to choose up to three levels at which to scan, with each level varying on the type of scan and the speed at which the scan is performed. These levels can vary from desktop to desktop based on the parameters defined by the network administrator. Fast Scan is the fastest because it scans only the header of the file, determines what the checksum is and opens the file only if it is determined to be virus-free.
The Secure Scan level scans every part of the file to detect for viruses. The Reviewer Scan, which is the slowest, adds the entire heuristics rule base to the scanning process before tagging the file virus-free. CA treats eTrust Antivirus as an integral part of its entire security strategy and has implemented that philosophy in two ways: First, each of its security products can be managed from a central console; signature file updates can be distributed from a single console.
Second, it made the antivirus functionality part of the eTrust offering, which includes an integrated portfolio of software to enable security in an e-business environment.
For these customers, central administration is an important element of CA's eTrust strategy. In addition, eTrust Antivirus also integrates into eTrust Security Command Center, which can manage all the security products in an enterprise.