While networking has made us all more productive, it also provides the perfect environment for viruses to spread. Keeping servers and desktop PCs free of viruses is a vital system security task.

With that in mind, we examined 11 products designed to keep Novell, Inc. NetWare networks clean and free from viruses. They offer a range of features, from simple detection and attempted repair to functions typically found in higher end network management packages. In order to make direct comparisons, we concentrated solely on the virus detection features of each product, the aspect most difficult for users to test themselves and e one most crucial in keeping networks secure from viral infection.

None of the products we tested found every virus in our Zoo suite, which contains some esoteric beasts (see story, page 61). However, two products, Command Software Systems, Inc.'s F-Prot Professional for NetWare and Sophos Plc's Sweep for NetWare, had perfect results in our other tests, and IBM AntiVirus was just a hair behind. We put these three offerings at the top of our evaluation list.

Products vary in their approach to protecting the network, but most are of two types: NetWare Loadable Module (NLM)-based (which the majority of the products tested were) and DOS-based.

With NLM-based products, an NLM is loaded on the server. This program provides scheduled and immediate scans, examining files as they are copied to or from the server. Several companies also offer support for grouping NetWare servers into logical domains, so an entire WAN can be centrally administered. Products also vary in the way in which they cope with a multiple-server environment. Some products--for example, Symantec Corp.'s Norton AntiVirus (NAV), Intel Corp.'s LANDesk Virus Protect and Cheyenne Software, Inc.'s InocuLAN--are designed with multiple servers in mind, whereas others take a more piece-by-piece approach.

The biggest advantage of NLM-based products is that the programs are impervious to typical virus attacks, as they run on the file server, not in a DOS environment. One disadvantage is that on-access file scanning can put a load on the server, slowing things to such an extent that you are forced to turn off the feature. We strongly suggest you test any product on your network before buying it.

The DOS-based approach to network...