• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Kaspersky Anti-Virus for MS ISA Server Review (version 5.6.1181.0)

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Misc.] >> 3rd Party Add-ons >> Kaspersky Anti-Virus for MS ISA Server Review (version 5.6.1181.0) Page: [1]
Login
Message << Older Topic   Newer Topic >>
Kaspersky Anti-Virus for MS ISA Server Review (version ... - 18.Jul.2008 9:18:12 AM   
fixitchris

 

Posts: 148
Joined: 23.May2007
Status: offline
Here is my review of the KAV for ISA (version 5.6.1181.0) :
http://www.isaserver.org/software/ISA/Anti-Virus/Kaspersky-Anti-Virus-for-Microsoft-ISA-Server/Click/

I have tried this software in and out and I recommend you wait for TMG to come out.  Kaspersky engine and signatures in and of themselves are great, but combined with the backwards, drunken russian, CCCP style GUI is a nightmare.

The Bad:
1.   There is no support for MIME types, leaving you with a very limited and out-dated file type exclusion.
2.   Excluding traffic from complete scanning is not possible.
3.   No AD integration.
4.   Security risk: Applications with their own downloaders and updaters fail to retrieve data from the mother-ship.  Things such as Java, Apple.com, Adaware updates just simply fail!
5.   The support in the US tries to be helpful (thanks Bill), however the programmers are in the USSR... so.... nothing got resolved.
6.   Did I mention that the GUI was developed by a mad scientist?

The Good:
1.   Kaspesky likes to scan everything and does pick up all malware types.  That's GOOD!
2.   Much lower memory footprint than GFI, much much lower.
3.   Simple client-server interaction, not too many things can break.
4.   AV engine interfaces correctly with ISA Cache.

I can only give this release a 1 as it is a security risk in itself.  Until next release...
-chris

< Message edited by fixitchris -- 18.Jul.2008 9:22:40 AM >
Post #: 1
RE: Kaspersky Anti-Virus for MS ISA Server Review (vers... - 18.Jul.2008 10:53:47 AM   
fixitchris

 

Posts: 148
Joined: 23.May2007
Status: offline
Tech Support:

1) Would it be possible to release a new build that would include additional MIME object types?  Such as MSI, COM, etc, etc.  I can help with the list.
http://www.verio.com/support/documents/view_article.cfm?doc_id=3989

Answer:
 If you want to add the whole list of MIME-objects from the link, you do not need to install anti-virus software; as the list contains a lot of possibly infected objects. In this case it is more logical to exclude a server from scan, but not dozens of MIME-types. In the new release some types of objects from the list can be added, but not the whole list given in the link. We could however consider adding a list of specific types to the product.

2) Adding trusted domains or IP addresses to the servers tab does not seem to have any effect whatsoever on anything at all…

Answer:
In current version of KAV for ISA customer must point to exact server's URL. IF customer wants to add "www.microsoft.com/*", he must point to "www.microsoft.com". Wildcards are not recommended in the current version but will work.
As far as current version of KAV for ISA requires exact URL to make exclusions please check source of updates in logs of KAV for ISA or ISA itself and add them to the list of trusted sites.


3) Large downloads are timing out and they do work ok when KAV service is OFF.  Specifically security updates from apple.com for Macintosh and large downloads from solidworks.com.  Both methods utilize 3rd party downloader apps.

Answer:
In the policy the customer is able to setup exclusions using servers, client, or type of object. User name or some group for this user can not be used for exclusions. Customer must point clients' addresses, which can be used for passing traffic without checking.


[color=#000000 size=3] 
[color=#000000 size=3] 

(in reply to fixitchris)
Post #: 2
RE: Kaspersky Anti-Virus for MS ISA Server Review (vers... - 25.Jul.2008 10:39:00 AM   
fixitchris

 

Posts: 148
Joined: 23.May2007
Status: offline
Well, all in all, I was able to get my money back for the product with no problems and I even got a free license for 'KAV for ISA' for the next year.... eeeek!

(in reply to fixitchris)
Post #: 3
RE: Kaspersky Anti-Virus for MS ISA Server Review (vers... - 10.Jun.2009 10:20:28 AM   
fixitchris

 

Posts: 148
Joined: 23.May2007
Status: offline
Release update:
http://www.cyprotect-dl.de/kaspersky/kavigateways/isaserver2004-
2006english/release_notes_en.txt

(in reply to fixitchris)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Misc.] >> 3rd Party Add-ons >> Kaspersky Anti-Virus for MS ISA Server Review (version 5.6.1181.0) Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts