LABS GALLERY: Shavlik Netchk Protect 7 Gets Anti-Malware Boost

Matthew D. Sarrel

Wouldn’t it be wonderful if every piece of software also downloaded and installed the prerequisites?

After installation, a setup wizard walks you through additional configuration options. These can be set later under the options menu, but it’s easier here.

The first time you launch Shavlik Netchk Protect 7’s management console, the home page greets you with quick links to common tasks.

After clicking a link on the quick start page, help opens up to guide you through the tasks. Once set up, tasks can be run manually or scheduled to run automatically.

Within minutes of installing Netchk Protect 7, I had detailed patch-related information for my test network. I got info on which patches needed to be downloaded and which machines need to be patched first.

Here are summary results of a security patch scan on an environment comprising physical and virtual machines. The machines with “VM” in their name are virtual. Nnote how a distinction is now made between an on or off VM.

Shown is a very useful chart that lists the top malware threats found on my test network.

A similarly useful chart shows the top malware threats by OS. This could be used to prioritize patches.

Before deploying agents to manage patches and threats, it is necessary to configure an agent policy. From the Threat Tasks tab, I added “scan archived files” by clicking on the check box.

It is important to classify the risk presented by each category of threat and then decide how that threat should be treated if discovered. I found it useful to click the Default Action for all Threats button and select Quarantine.

After a scan detects a threat and reports back to the management console, you can allow the threat and then push the agent policy out to the clients.

The Sunbelt VIPRE engine identified and quarantined threats found on an infected machine. The threats were removed without compromising system stability.

I created a restricted security policy in which the user had to approve each executable as it ran. This screen shot is from the client agent. This list is not reported on the management console.

With patches, I simply clicked the machine, then the patches tab below, then deploy. In contrast, with threats, information is not actionable in the lower pane.

I found the Machine View to be the easiest to use during my testing. This is how a GUI should be: intuitive and easy to use.

The Operations Monitor tests agent connections to determine whether a patch would be deployed successfully.

Patch installation is so non-disruptive that users won’t even know it is happening. Note the processes update.exe and silent.exe.

Here are the results of a security patch scan of virtual machines. Netchk Protect 7 simplifies patch management by treating virtual machines the same as physical machines.

Service packs can be deployed to virtual machines either immediately or on a schedule.

You can deploy patches to virtual machines on disk when they are not running. Patches are applied when the VMs boot. Here, an unpatched Windows XP Pro VMware Workstation 6.5 virtual machine is being patched.

I saw this message two to three times a day during my test period. At best, it was just a GUI crash. At worst, background tasks (downloading and deploying patches) crashed as well.