寻找抗病毒应用程序要注意的10件事

10 things to look for in an antivirus application寻找抗病毒应用程序要注意的10件事

by  ​​Erik Eckel Network+, MCP+I, MCSE ​​ |  3/22/07
作者：Erik Eckel, 3/22/07
翻译：endurer
Tags:  ​​Security applications/tools​​​ | ​​Antivirus software​​​
标签：安全应用程序/工具 | 抗病毒软件

英文来源：​​http://articles.techrepublic.com.com/5100-1009_11-6169682.html?tag=nl.e102​​

Takeaway: Selecting the right antivirus protection for your organization may be one of the most important decisions you'll be asked to make. Erik Eckel offers 10 key factors to keep in mind as you weigh the various AV options.
导读：选择恰当地抗病毒软件保护组织可能是最你所要作的重要的决定之一。Erik Eckel提供了你在权衡各种各样的抗病毒软件时要记住的10个关键因素。
《endurer注：1。keep in mind:记住》

Antivirus programs are no longer a best practice; they're a requirement. If a system has a power supply and runs Windows, it must have a first-rate antivirus application current with the latest signatures. Don't make it easier for attackers to compromise the systems you're supposed to be keeping secure. Insist on these 10 elements in any antivirus application you implement.
抗病毒程序不再是最优方法。他们是一种需要。如果一个系统有能力支持和运行Windows，它必须有目前第一流的、带最新特征库的抗病毒程序。不要让攻击者轻易危害，你应该保持安全。对你使用的一些抗病毒程序强调10点。
《endurer注：1。best practice:最优方法》

#1: Potency
效力

An antivirus program is useless if it fails to identify and isolate viruses, worms, and similar infections. Productivity losses quickly mount when you have to clean machines of malicious software. Removing infections from systems supposedly protected by antivirus applications only adds insult to injury. Avoid such frustration by ensuring that the antivirus platform you deploy effectively prevents infection.
抗病毒程序如果不能鉴别和隔离病毒、蠕虫、和类似危害，是没用的。当你清理被恶意软件感染的机器时，生产损失迅速增大。从抗病毒程序保护的系统中清除危害更是雪上加霜。通过确认你部署的抗病毒平台有效地防止危害来避免这类挫折。
《endurer注：1。production loss:生产损失
2。add insult to injury:伤害之外又加侮辱(使关系更糟),雪上加霜》

Don't let persuasive ads or persistent channel partners talk you into specific brands. Research your options thoroughly and talk to other IT pros to learn their recommendations. The insight you'll gain is invaluable, especially when comparing notes with colleagues within the same industry—those who are responsible for maintaining the same type of business and enterprise applications.
不要让有诱惑力的广告或固执的渠道合作伙伴说服你用指定牌子。重新彻底研究你的选项，并与其它IT专家交谈，研究他们的推荐。你将获得的真知卓见是无价的，特别是当和同事就同一产品交换意见时——这些同事正维护同类公司和企业软件。
《endurer注：1。talk into:说服
2。compare notes:交换意见》

#2: Low overhead
低开销

Some mass-market antivirus programs have been known to bring minimally configured Windows systems to a standstill. An effective antivirus program must constantly work behind the scenes to monitor active applications. That's understood. But protective software apps requiring (or commanding) significant system resources often do more harm than good.
一些销量大的抗病毒程序已知会给最低配置的Windows系统带来停顿。一个有效的抗病毒程序必须在后台实时工作，以监控活动程序。这是容易理解的。但保护软件程序要求（或占用）相当数量的系统资源通常弊多利少。
《endurer注：1。do more harm than good:弊多利少》

When selecting an antivirus application, review the program's system requirements. Before committing to a solution, test the application on several workstations to determine the true load that the program places on real-world equipment. Don't settle for manufacturers' claims. Verify performance data firsthand.
在选择抗病毒程序时，研究该程序的系统要求。在确认解决方案前，在几台工作站上测试该程序来判断把这些程序置于真实设备上的真实性。不要向制造厂家付清所有款项。校验第一手性能数据。
《endurer注：1。settle a claim:付帐；解决索赔；清算债务》

#3: Centralized administration
集中管理

No one enjoys having to visit every workstation within the organization. That's just what you'll have to do, though, if you standardize on an antivirus application that doesn't support centralized distribution and administration.
没有人喜欢访查组织内的每一台工作站。如果你使用不支持集中分配和管理的抗病毒程序，这将是你不得不做的。

Make sure the antivirus solution you select works well with Windows Intellimirror and other mass client-deployment technologies (or has its own native deployment features). Although some smaller organizations aren't as dependent on time-saving deployment tools, remotely managing and administering antivirus applications is still most efficient, even in businesses with just 20 employees. By eliminating the need to visit those systems to configure scans, review logs, and maintain updates, strong centralized administration features more than pay for themselves.
确信你选择的抗病毒解决方案可以和Windows智能镜像及其它部署客户端技术合谐工作（或有其原生部署特性）。尽管一些较小的机构不依赖于省时部署工具，但远程管理和执行抗病毒程序仍是最有效率的，即使是在只有20名雇员的企业中。通过消除访查这些系统以进行配置扫描、检查日志、维护更新的需要，强大的集中管理特性。
《endurer注：1。IntelliMirror(智能镜像）管理技术是嵌于Windows 2000操作系统的一系列强大特性，可增加系统的可用性，减少用户总支持费用。详细介绍：​​​http://www.microsoft.com/china/windows2000/library/howitworks/management/intellimirror.asp​​2。be dependent on:取决于》

#4: E-mail protection
电子邮件保护

It goes without saying that any antivirus solution should guard against infectious code sent or received in e-mail. However, not all applications provide such protection. Even if your organization maintains an e-mail server- or router-based antivirus program, seek client antivirus apps that provide secondary e-mail protection.
不消说，任何抗病毒解决方案都需要防范传染性的代码通过电子邮件发送或接收。然而，不是所有的应用程序都提供这个保护。即使机构维护一台电子邮件服务器或基于路由的抗病毒程序，还是寻求提供二级电子邮件保护的客户端抗病毒应用程序罢。
《endurer注：1。It goes without saying:不言而喻
2。guard against:防止,防范》

Client-side e-mail security offers essential protection for your organization. It also safeguard's its reputation, preventing users from infecting external customers, partners, and suppliers and keeping your organization off one of many troublesome spam lists.
客户端电子邮件安全为机构提供必要的保护。它也保卫机构的声誉,防范用户传染到外部客户，合作者和支持者，并使机构避免一些列入令人烦恼的垃圾邮件列表中的邮件。
《endurer注：1。keep off:不接近,避开》

#5: Compatibility
兼容性

In addition to confirming that an antivirus application operates well with your operating system, check that it doesn't create errors when installed alongside enterprise applications, proprietary programs, and other software packages. Some IT newsgroups—and occasionally, antivirus manufacturers—do a good job of warning about known conflicts. But the best bet is to install the solution (prior to a department- or organization-wide deployment) to test the antivirus software's interaction with other programs.
此外还要确定抗病毒程序可以与操作系统良好运行，检测其与企业程序、专有程序、及其它软件包一起运行时不产生错误。一些IT新闻组——及抗病毒程序制造商不时也会——做好警告已知冲突的工作。但最好的措施是使用解决方案（在部门或机构范围部署前）来测试抗病毒软件的与其它程序的相互作用。
《endurer注：1。do a good job:vi. 工作干得好
2。best bet:最好的措施
3。prior to:在...之前
4。interact with:与...相互作用》

Pay particularly close attention if you're working with Microsoft Vista. Don't expect Windows XP-based antivirus software to work well with the newest desktop OS. In fact, in most cases, it won't. If your organization has moved to Vista , confirm that the security software is certified for use with the newest Windows platform.
如果你正使用微软Vista，要特别注意。不要期望基于Windows XP的抗病毒程序在新的桌面操作系统上良好工作。实际上，在大多情况下，这是不可能的。若机构已转移到Vista，要确认安全软件经验证可用于最新的Windows平台。
《endurer注：1。to pay close attention to:密切注意》

#6: Effective reporting tools
有效的的报告工具

Some antivirus solutions enable you to review reports from all configured clients via a Web interface. Others produce reports indicating threats, scans, and infections but require that an administrator visit each client to obtain that information.
一些抗病毒方案使你能通过网页界面审查所有已配置客户端的报告。其它产品报告威胁指示、扫描和感染，但要求管理员访问每台客户机来获取这些信息。
Review your organization's needs and determine which method will work best. Consider reporting features carefully. A program's logs and report information will prove invaluable in alerting you to problems before or as they occur.
审查机构的需要并判断哪种方法效果最佳。仔细考虑报告特性。一个程序的日志和报告信息在问题发生之前或发生时向您发出警告将会有很高的价值。

#7: Technical support
技术支持

Antivirus programs fail. It's inevitable. Sooner or later, you'll encounter strange failures, bizarre error messages, or inexplicable system freezes. Having access to the antivirus manufacturer's development staff is essential for successfully identifying a solution.
抗病毒程序失误，这是不可避免的。你迟早会遇到奇怪的失败，奇异的错误信息，或费解的系统停滞。可以联系抗病毒软件生产商的开发人员对成功鉴定解决方案是重要的。
《endurer注：1。have access to:可以到达(可以使用)》

Before purchasing any software, check out the manufacturer's Web site. Find out whether the manufacturer provides a toll-free number for support, review any troubleshooting forums, and check which live assistance options exist.
在购买软件前，检查厂商的网站。找出厂商是否提供技术支持免费电话，查阅故障排查论坛，检查其日常助理选项的存在。

#8: Certification
认证

Just as an antivirus solution's potency is critical, so too is certification. Manufacturers can make all the promises and claims they want in marketing materials, but industry certification is hard won. ICSA Labs, Virus Bulletin, West Coast Labs, the National Associate of Specialist Computer Retailers, and others all require antivirus programs to meet stringent requirements to receive certification.
正如抗病毒解决方案的能力是关键，认证也是如此。制造商能做出所有承诺并声称他们想参加，但产业认证难于获取。ICSA Labs（国际电脑安全协会），Virus Bulletin(病毒公报)，West Coast Labs(英国西海岸实验室)，the National Associate of Specialist Computer Retailers，和其它所有要求抗病毒程序满足来严格要求来接受认证。
《endurer注：1。want in:想要进来(想参加)》

Of course, certification isn't foolproof. But one way to know you're purchasing a trustworthy application is to confirm that the program has earned certification from these leading labs.
所以，认证不是很简单的。但知道你正在购买可信赖的应用程序的一种方法是确认该程序已获得这些领导实验室的认证。

#9: Simplified licensing
精简许可证

Once you've identified an antivirus solution that's potent, compatible, and backed by quality technical support (among other elements), it's time to turn your attention to licensing. Some manufacturers complicate licensing to the point that you can install a dedicated license on only a single machine. If that system's hard disk or motherboard fails (or the entire system goes down), under OEM terms your organization is likely required to purchase another license, even if the original term is yet to expire.
一旦你认定了有效、兼容、有质量技术支持（除了其它元素外）的抗病毒解决方案，就是把注意力转到协议上的时候了。一些制造商把申请许可证的一个要害搞得复杂：一个专用许可证只能安装在一台机器上。如果系统的硬盘或主板坏了（或事个系统完蛋了），在OEM条款下，机构极有可能被要求购买其它许可证，即使原始条款仍然有效。
《endurer注：1。to the point:切题,切中要害》

Review license requirements with care. It's often best to purchase client licenses by seat. Thus, if a workstation or server fails, migrating an existing license to the replacement system becomes a simple matter. (But expect to pay more for the privilege.)
仔细审查许可证要求。通常按位购买客户许可证是最好的。这样，如果一个工作站或服务器坏了，迁移
现存许可证到替代系统将会成为一件简单的事情。（但）

Remember to factor in growth considerations when purchasing a specific number of seats. It's all too easy to exceed licensing limits signed six months ago. Keep detailed notes on how many systems receive antivirus software and keep the documentation current as workstations and servers are replaced or upgraded.
在购买一定数量的位置时要记得考虑增长因素。超出6个月前签署的许可协议限制实在是太容易了。详细记录安装抗病毒软件的系统数量，并在工作站和服务器替换或升级时更新文件。

#10: Reasonable cost
合理成本

When purchasing fewer than 50 licenses, expect to pay approximately $30 to $45 per seat for an annual antivirus license. As an organization exceeds 100 licenses, costs can drop to as low as $25 per user.
购买少于50个许可时，预计每个位置的年抗病毒软件许可大约30到45美元。当一个组织机构超过100个许可时，成本可降低至每个用户25美元。

Unless an application includes firewall, anti-spyware, or antispam features, prices should fall within the above ranges. Any organization tempted to add firewall or anti-spyware tools to its antivirus application, especially for 20 or more users, might be better served pursuing a hardware-based solution (such as the ones provided by SonicWALL, Barracuda, and other manufacturers) instead of a software-focused product.
除非一个软件包括防火墙，抗间谍软件，或抗垃圾处理邮件特性，价格应该在上列范围内。一些组织机构打算增加防火墙或抗间谍软件工具到抗病毒软件，特别是有20或更多用户的，购买基于硬件的解决方案（例如SonicWALL， Barracuda或其它厂商之一提供的）代替焦点软件产品可能有更好地服务。

《endurer注：1。fall within:属于
2。SonicWALL是全球中小型企业市场中公认的领导厂商，其解决方案广泛应用于分布式企业环境、政府、零售业销售点、医疗保健领域以及服务供应商行业。 总部位于美国加利福尼亚州桑尼维尔市。
3。Barracuda Networks2002年底成立，是全球的垃圾邮件产品市场价格性能比的领导者，其拳头产品“梭子鱼”垃圾邮件防火墙系列产品屡获殊荣。总部位于美国硅谷Cupertino。
4。instead of: 代替,而不是》