Security Management on Virus Protection

by Peter Mok
SHARE THIS

The anti-virus software (Mcafee) has been made available centrally for every PC on staff LAN. Users are regularly informed to update their anti-virus signature file (a file used by anti-virus software to detect the presence of any known viruses). However, for some reasons, almost everyday some staff PCs are still found to have contracted viruses.

We believe the ever-presence of virus infection in some staff PC, is due to the following:

  • The anti-virus software is not installed when the system is installed or re-installed.
  • The virus signature file is not kept up-to-date even when the staff are so informed.
  • The PC are not re-booted daily. As a result, the daily process of updating virus signature file to be carried out automatically at login time fails to execute.
  • The process of updating virus signature file is intentionally or un-intentionally blocked by the personal firewall being locally installed on some staff PCs.
     

To ensure that our users will deploy the anti-virus software and keep the virus signature file up-to-date, we are planning to install the Mcafee ePolicy Orchestrator (ePO) on every PC on the Staff LAN starting this September. This ePO is a network anti-virus policy management program which can prevent a network infrastructure from contracting or spreading viruses by managing and enforcing the following policies from an anti-virus administrator server:

  • Push anti-virus software to client PCs
  • Download and distribute virus signature file to client PCs
  • Schedule and manage virus scan on client PCs when required
  • View and report network-wide anti-virus activities and the status of client PCs' virus protection
     

Each PC with an ePO agent installed will automatically keep its scan engine and/or virus signature file up-to-date, unless the ePO's agent has been removed or its download or update function is blocked by personal firewall (hence disabling its automatic update of virus signature file). However, the implementation of ePO can only minimise but not eliminate completely the existing problems we face. We still have to rely heavily on users' cooperation and commitment to make their as well as others' PCs virus free.