I have tried this software in and out and I recommend you wait for TMG to come out. Kaspersky engine and signatures in and of themselves are great, but combined with the backwards, drunken russian, CCCP style GUI is a nightmare.
The Bad: 1. There is no support for MIME types, leaving you with a very limited and out-dated file type exclusion. 2. Excluding traffic from complete scanning is not possible. 3. No AD integration. 4. Security risk: Applications with their own downloaders and updaters fail to retrieve data from the mother-ship. Things such as Java, Apple.com, Adaware updates just simply fail! 5. The support in the US tries to be helpful (thanks Bill), however the programmers are in the USSR... so.... nothing got resolved. 6. Did I mention that the GUI was developed by a mad scientist?
The Good: 1. Kaspesky likes to scan everything and does pick up all malware types. That's GOOD! 2. Much lower memory footprint than GFI, much much lower. 3. Simple client-server interaction, not too many things can break. 4. AV engine interfaces correctly with ISA Cache.
I can only give this release a 1 as it is a security risk in itself. Until next release... -chris
< Message edited by fixitchris -- 18.Jul.2008 9:22:40 AM >
Answer: If you want to add the whole list of MIME-objects from the link, you do not need to install anti-virus software; as the list contains a lot of possibly infected objects. In this case it is more logical to exclude a server from scan, but not dozens of MIME-types. In the new release some types of objects from the list can be added, but not the whole list given in the link. We could however consider adding a list of specific types to the product.
2) Adding trusted domains or IP addresses to the servers tab does not seem to have any effect whatsoever on anything at all…
Answer: In current version of KAV for ISA customer must point to exact server's URL. IF customer wants to add "www.microsoft.com/*", he must point to "www.microsoft.com". Wildcards are not recommended in the current version but will work. As far as current version of KAV for ISA requires exact URL to make exclusions please check source of updates in logs of KAV for ISA or ISA itself and add them to the list of trusted sites.
3) Large downloads are timing out and they do work ok when KAV service is OFF. Specifically security updates from apple.com for Macintosh and large downloads from solidworks.com. Both methods utilize 3rd party downloader apps.
Answer: In the policy the customer is able to setup exclusions using servers, client, or type of object. User name or some group for this user can not be used for exclusions. Customer must point clients' addresses, which can be used for passing traffic without checking.