Norman Virus Control
June 30, 2005
- Ease of Use:
- Value for Money:
- Overall Rating:
The "Sandbox" feature provides a safe way to monitor suspicious program behavior.
The centralized installation feature is limited to systems in the same Windows Domain.
An effective antivirus system with useful administration features.
Although Norman Virus Control offers support for the current versions of Windows, including Windows 95, and various versions of Linux, it also supports OS/2 Warp 4 and OS/2 Warp Server.
While these systems no longer make the headlines in computing magazines, there are still plenty of them doing useful work. In terms of Windows systems, it is possible to manage large deployments to systems running NT4, 2000 and XP, but only if they have MS File and Print services running and are in the same domain as the "NDesk" management system. Otherwise, the software will need to be installed manually.
The NDesk software is the core of the Norman environment, managing updates for client systems and monitoring their health. The software seems to assume that malware will be caught during normal scanning: catching an infestation under way would simply involve pushing out updates across the enterprise (and Norman scales very well for this) and forcing a scan. We would have liked more tools to report on outbreaks, but the basic approach is workable enough.
Norman Virus Control provides a useful "exclusion list" facility that allows individual files to be ignored during virus scanning. The list will allow directories and associated sub directories to be excluded as well, and can exclude files by file extension if required.
The most obvious use for this option is to exclude software such as remote control programs that might otherwise generate a false positive alert.
A major feature of Norman Virus Control software is its "Sandbox". In this case, it is a virtual environment that provides everything a program needs to run while isolating it from the real operating environment. In this way, a program can be checked for suspicious behavior without exposing the system to attack.
Since the virtual environment always starts from a known state, any changes that occur in it are the result of the program's activity.
These changes can then be examined to see if there are any undesirable effects before judging the program acceptable. In order to reduce the number of false positives that might otherwise be caused by the behavior of some types of software, such as Remote Administration systems, the program refers to the exclusion list and the latest virus definitions.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Microsoft update left Azure Linux virtual machines open to hacking
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack
- 9.2 million medical records for sale on darkweb
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry