What You Need to Know About Microsoft Antigen

The first round of Microsoft-branded Sybari products—Microsoft Forefront Security for Exchange Server, Antigen for SMTP Gateways, Antigen Spam Manager, and Antigen Enterprise Manager—are ready to hit the market. Eventually, all of these products will be included with the Microsoft Forefront line of security products, but the current versions offer a compelling solution for Microsoft Exchange Server email infrastructures. Here's what you need to know about the Antigen family of products.

Spam Protection at the Server Level
The Antigen products are designed to protect Exchange email servers, though Antigen for SMTP Gateways also supports the SMTP server function in Windows servers. (Microsoft is also working on Antigen products for Windows SharePoint Services and IM.) An Antigen for Exchange product has existed for roughly 10 years, and it has always focused solely on managed enterprise servers, not consumer or desktop products. Customers have always applauded Antigen because it only minimally affects performance and easily integrates with Microsoft's management technologies.

Unlike some antivirus solutions, Antigen doesn't rely on just one antivirus engine. Instead, administrators can install and enable multiple antivirus engines, as the situation demands, to obtain the best antivirus protection possible. Sybari never saw itself as an antivirus engine lab, so it partnered with several antivirus engine companies, and Microsoft continues to benefit from these established relationships. Antigen also includes a new antivirus engine designed by Microsoft that's based on its experience protecting millions of MSN and Hotmail accounts.

The Antigen email protection products come with five antivirus scanning engines: Microsoft, Sophos, CA Vet, CA InoculateIT, and Norman. If you buy the Antigen Messaging Security Suite, which includes Forefront Security for Exchange Server, Antigen for SMTP Gateways, and Antigen Spam Manager, you also get Kaspersky, AhnLab, Authentium, and VirusBuster engines. You can use any combination of engines to get the best protection, but Microsoft recommends activating no more than five antivirus scanning engines per installation.

Why would you need multiple engines? When a virus appears, companies that make antivirus scanning engines race to be the first to market with new signatures. By using multiple engines, you're more likely to quickly receive signatures for all new viruses than you are if you rely on just one vendor.

What's New in Antigen
Antigen underwent Microsoft's grueling Security Development Lifecycle code review to ensure that it utilizes the lowest possible security privileges and ships with the most secure out-of-the-box configuration. These precautions are important because hackers often use antivirus products as an attack vector. Antigen also provides greatly enhanced support for Exchange clusters.

If you're already a Sybari customer, there probably aren't enough improvements in Antigen to warrant an upgrade. But if you're still looking for an antivirus solution that offers superior protection and deep integration with Active Directory (AD) and other Microsoft management tools, consider Antigen. Future versions will benefit from integration with other Forefront solutions and Exchange Server 2007's roles-based infrastructure.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.