Executive Summary: With simple installation and immediate protection, Sunbelt Software’s VIPRE upgrade is easy to use and delivers basic virus protection, but the product lacks scalability. Although VIPRE can prevent serious virus and malware infestations on a network, it doesn't offer complete coverage as a standalone antivirus solution.
I’ve never been a fan of antivirus suites, especially their enterprise implementations, which are often difficult to set up and manage, in particular for small-to-midsized businesses (SMBs) with limited technical support. Sunbelt Software has made some big promises for its new VIPRE antivirus/antispyware product, including low utilization of system resources and reduced download time for definition updates, so I was keen to see whether VIPRE delivered on its pledges.
VIPRE Enterprise 3.1
PROS: Is quick and easy to install; uses few resources; does quick scans; integrates with AD; provides customized reporting
CONS: Provides no parent or secondary server support
RATING: 3.5 diamonds
PRICE: From $38.75 per seat
RECOMMENDATION: As part of a multilayer defense strategy working with a simple network, VIPRE should be enough to prevent serious virus and malware infestations.
CONTACT: Sunbelt Software • 727-562-0101 • 888-688-8457 • www.sunbeltsoftware.com
Setting Up VIPRE
I found VIPRE’s setup routine to be quick and simple, and you can customize the configuration any time after the initial install. The setup assumes that you want to configure a single VIPRE Enterprise server with a Microsoft Access database on the back end, although you can also use SQL Server for larger deployments. The server component installs in a few minutes, and apart from installing Microsoft .NET Framework 2.0 and Microsoft Data Access Components (MDAC) 2.6 SP2, if you don’t have them already, there are no complicated prerequisites to install or configuration decisions to make. The product features configurable dashboards, such as the example that Figure 1 shows, which let you create a customized command center where you can access your most-used reports and policy controls.
One disadvantage to the product’s simplicity is that although you can use multiple VIPRE servers in your organization for scalability, VIPRE wasn’t designed to do so. VIPRE servers aren’t aware of each other on the network, meaning that VIPRE can control and report only on agents deployed from a given server. For organizations with distributed networks, updates to agents are throttled by sending data in small 64KB packets. For slow network links, you can increase the time interval between each packet to avoid a logjam of information.
Deploying Antivirus Agents
VIPRE Enterprise is a policy-based system, and you can manage an agent’s configuration using different policies for differing needs. For example, you could configure a policy for notebooks that might need to download definition updates over slow network links, and another for desktops that are permanently attached to a high-speed corporate backbone. Integration with Active Directory (AD) lets you link policies to organizational units (OUs), which can save time if you want to base the configuration on your existing OU structure. The ability to copy settings between policies is also a nice time-saving touch.
VIPRE lets you push agents to clients directly from the administration console and automatically discovers machines on a network, either by using IP address ranges or AD. You can choose to distribute agents as a Windows Installer package (.msi) or standard .exe file through either Group Policy Software Deployment or Microsoft System Center Configuration Manager.
VIPRE’s real-time antivirus and malware monitoring is based on three checks: pattern matching, heuristics, and behavioral analysis. Unlike most antivirus and antispyware products, VIPRE’s real-time scanning (Active Protection in VIPRE terminology) is turned off by default. This improves VIPRE’s overall system performance but increases the chance of infection. Rootkit detection is provided by FirstScan, which checks crucial areas of the system before Windows starts. The VIPRE agent boasts efficient scanning speeds and a low memory footprint of just 67.3MB during a manual scan (compared with approximately 120MB from the nearest competition, and more than 250MB from McAfee). On Windows XP, I barely noticed that the agent had been installed.
VIPRE also lets you configure what software an end user may run—similar to Windows software restriction policies (SRPs). And if Windows Defender doesn’t play nice with your antivirus policies, you can disable it from the VIPRE console (but I recommend leaving it enabled, if possible, because two scanning engines provide more comprehensive protection).
VIPRE lets users download the standard EICAR antivirus test file from the Internet when it’s formatted as a .txt or .zip file; VIPRE doesn’t block the EICAR file until the user tries to open the file locally—assuming Active Protection is configured to scan when files are opened. VIPRE quarantines the code only when it’s renamed as a .com or .bat file. This behavior may unnerve those who’d prefer their users to be blocked immediately from downloading the code in the first place. (ESET NOD32, for instance, will block all such attacks at the source, with the exception of malicious code in a .zip file, downloaded over an HTTP Secure connection.)
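To check how an endpoint's on-access scanner treats the EICAR test file by extension, as described above, the following added example (not code from this review or from Sunbelt Software) writes the test string under several extensions, renames one, and records what happens to each file. The function names, the probe file name and the two-second wait are assumptions chosen for illustration.

```python
import os
import tempfile
import time

# Standard 68-byte EICAR test string, built from two halves so that this
# script is not itself flagged while sitting on disk.
EICAR = (r"X5O!P%@AP[4\PZX54(P^)7CC)7}$"
         + "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*").encode("ascii")

def classify(path, payload):
    """Report what became of a file that was written with `payload`."""
    if not os.path.exists(path):
        return "removed"              # deleted or moved to quarantine
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except OSError:
        return "blocked-on-open"      # scanner denied the open or read
    return "untouched" if data == payload else "modified"

def probe(directory, extension, payload=EICAR, wait=2.0, rename_to=None):
    """Write payload as probe<extension>, optionally rename it, then classify."""
    path = os.path.join(directory, "probe" + extension)
    try:
        with open(path, "wb") as fh:
            fh.write(payload)
        if rename_to:
            new_path = os.path.join(directory, "probe" + rename_to)
            os.replace(path, new_path)
            path = new_path
    except OSError:
        return "blocked-on-write"     # create, write or rename was denied
    time.sleep(wait)                  # give the on-access scanner time to react
    return classify(path, payload)

def run_matrix(directory, payload=EICAR, wait=2.0):
    """Probe the extensions the review mentions, plus a .txt -> .com rename."""
    cases = [(".txt", None), (".com", None), (".bat", None), (".txt", ".com")]
    return {(f"{ext}->{new}" if new else ext): probe(directory, ext, payload, wait, new)
            for ext, new in cases}

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for case, outcome in run_matrix(tmp).items():
            print(f"{case:12} {outcome}")
```

On a machine with no on-access scanning every case reports `untouched`; a scanner that acts only on executable extensions would leave the `.txt` case untouched and report the other cases as removed or blocked.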
A report scheduler lets you set reports to run at a designated time and email reports to specified users. You can also use the custom report editor to modify existing reports or create your own report to display chosen information. An especially useful VIPRE feature is the “download updates via the Internet if local updates are unavailable” setting, which is handy for laptop users who rarely connect to the corporate network but still need to download new threat definitions.
Going the Distance
Sunbelt Software doesn’t provide a comprehensive range of antivirus solutions for protecting Exchange Server and other enterprise applications, such as those offered by ESET or Symantec, which could be a disadvantage for companies who want to deal with one vendor for all their antivirus needs. The inability to build a hierarchy of parent and secondary VIPRE servers might be a drawback for businesses with geographically distributed environments. Despite some confusing labeling and wording in the administration console, VIPRE’s simple but effective approach should appeal to SMBs. As part of a multilayer defense strategy, VIPRE is enough to prevent serious virus and malware infestations on a network.