Top Third-Party Tools
Sysadmins can't live by Windows 2000 alone. Check
out these handy antivirus protection and backup/restore
programs that can help you get through the day.
- By Harry Brelsford
- September 01, 2001
As high-priced management consultants like to
say (and to charge you for saying it), there comes
a time when you have to think outside the box.
In this case, I'm referring specifically to Windows
2000 and its native toolset. Now that you've worked
with Win2K for some time, you've probably discovered
its strengths and weaknesses. I want to share
my discoveries with you this month as I present
a couple of third-party tools that are a necessary
part of your Win2K installation.
Basically, I'm presenting two products that perform
functions not included in Win2K or functions that
Win2K doesn't perform as well—namely, virus
protection and backup and restore.
With the spread of the Sircam and Code
Red viruses, Win2K novices and gurus learned something
new about virus protection. As an MCSE consultant,
I've worked with several virus-detection applications
and have settled on Trend Micro's OfficeScan as
my top choice. I've found that OfficeScan is a
simple install, and it operates in a cohesive
client/server manner. That is, both the server
and client computers are protected as a whole
system (you don't install the client-side components
separate from the server-side protection).
OfficeScan is a bundle of Trend Micro products
that's priced significantly lower than if you
purchased these components individually. Another
point is the integrated installation routine that
basically works well. But what really stand out
for me are the OfficeScan management tools and
the use of the logon script to update the network
clients at each logon.
For managing the basic input/output scanning
operation, you use the OfficeScan Management Console
(see Figure 1).
|Figure 1. The Workstation
Administration view allows you to assess the
current virus protection status of network
clients. (Click image to view larger version.)
Note that the Workstation Administration view
allows you to configure the network clients with
options on the left side, including the ability
to force a scan at the workstation with the "Scan
Now" button. The Server Administration view (Figure
2) lets allows you to observe and configure various
|Figure 2. The Server
Administration view gives you the opportunity
to observe and configure various server-side
options. (Click image to view larger version.)
Another critical configuration screen with OfficeScan
is the Update and Upgrade screen (Figure 3). You'll
note that important update information is displayed,
allowing you to access how current the virus protection
on your network is.
|Figure 3. You can access
update information via the Update and Upgrade
screen, which allows you to see how current
your network virus protection is. (Click image
to view larger version.)
Best Practice: I wasn't entirely clear
how to use the update OfficeScan via the Internet.
That is to say, I was initially baffled by the
auto-update if you add ISA Server 2000 to the
picture, which is a typical setup when you're
working with Small Business Server 2000 and BackOffice
Server 2000. It was clear enough that you'd click
the Auto Update button under the Update and Upgrade
listing on the left side of the OfficeScan Management
Console; but instead of putting in the server
name (e.g. NHM1) or the server's IP address (either
internal or external) in the HTTP Proxy field,
I had to manually type localhost. This undocumented
step is shown in Figure 4.
|Figure 4. Configuring
the Internet Proxy for Trend's OfficeScan.
(Click image to view larger version.)
And then there's the ScanMail component of OfficeScan
(Figure 5), which provides both scheduled and
real-time scans against Exchange 2000 Server-based
e-mails. While I don't want to distract you by
going into excruciating detail here, ScanMail
can be richly configured (e.g. attachment blocking).
|Figure 5. The ScanMail
component provides scheduled and real-time
scans against Exchange 2000 Server-based e-mails.
(Click image to view larger version.)
Best Practice: Assuming you run Exchange
2000 Server, which is a reasonably safe bet for
many MCSEs, the following applies to you: Trend
and other virus-detection application vendors
are eagerly awaiting the release of Exchange 2000
Server Service Pack 1 (SP1). Why? Because Exchange
2000 SP1 corrects a few things in the application
programming interface (API) that allow third-party
virus-protection programs to scan incoming and
outgoing e-mail in real time. Note that these
Exchange 2000 Server virus-detection applications
can already perform scheduled scans against the
storage group (where the e-mail is stored), just
not in real time. This will be fixed in SP1. Note
that, if you used Trend Micro's OfficeScan 5.0
for Small Business Server 2000, you need to download
ScanMail version 5.1 to correctly interact with
the new Exchange 2000 Server service pack.
Oh, and I must mention that Trend Micro's products,
more than any other virus-detection application
I've used, is minimally invasive. Compare that
to the Symantec's Norton anti-virus offering.
It has been my experience that the Norton virus-detection
application likes to come to dinner and never
leave—that is, once Norton is installed on
a Win2K system, it's amazingly difficult to remove
it, and even then some applications get upset
along the way. Trend Micro's products such as
OfficeScan are good neighbors on a Win2K box.
Backup and Restore
Close to or equal in importance to virus
detection is backup and restore. The question
is: Should you use improved native Win2K backup
application in lieu of a third-party solution?
I respectively submit that no, the native application
likely won't meet your mission-critical backup
and restore needs in the long run. I say this
for a couple of reasons:
- Application agents—Third-party
backup applications truly differentiate themselves
by adding application agents. That is, the native
Win2K tape backup application doesn't have agents
for SQL Server and, arguably, the Exchange agent
is a tad feature-light.
- Logs and reporting—Maybe I'm just
in a fussy mood, but the darn reporting in the
native Win2K backup application is inconclusive.
It doesn't report "success" or "failure." Rather,
the logs are detailed reports of backup activity
and require a fair amount of study to understand
them. A full featured backup program's strengths
are often in the numerous reporting functions
So my vote for an acceptable third-party tape
backup program in the world of Windows 2000? Backup
Exec from Veritas gets the nod. Backup Exec uses
a console (see Figure 6) to allow you to select
different tape backup and restore-related tasks.
The current version for Win2K is version 8.6.
|Figure 6. Backup Exec
is a reliable program, which uses a console
that allows you to select different tape backup
and restore-related tasks. (Click image to
view larger version.)
Best Practice: I've received e-mails from
MCSEs who have asked how can they take their careers
to the next level, beyond the Win2K administration
skills taught in this column. My response is "look
above." Suppose you're an MCSE with Win2K administration
skills (along with the majority of Win2K MCSEs).
How do you distinguish yourself and increase your
compensation at the same time? Simple—choose
a niche that's in high demand. Both Trend and
Veritas have extensive classes you can take to
master the lucrative intricacies of virus protection
and disaster recovery (which includes backup and
So there you have it—a couple of third-party
tools I consider mandatory for any Win2K site.
Don't get caught without some form of virus protection
and backup routine-or ye shall suffer the consequences!