First, lets start off by breaking this FAQ down into 2 branches, desktop and enterprise. This is because what do you in a Virtual Machine which may run for 20 minutes a week is very different then a 24/7 system.
Software Evaluation / Desktop Virtualization:
Should you run Antivirus software?
Short answer Always. Long answer is this: evaluate the risk, the potential loss, and loss of performance to decide if it is worthwhile. If you are using a virtual machine to test software or websites where the VM is only powered on for a few minutes a day then it is probably ok to avoid the uneeded overhead. If you are running the VM as the development environment, where you are connected to the physical network and visiting websites then you may want to consider running antivirus software.
Which anti virus software should I run?
There are many out there, but any of the big three: mcafee, nortons, avast would be acceptable. For windows XP or Vista systems you can’t go wrong with grisofts free offering.
What if I’m not running Windows, ie running Linux or Solaris?
Ask yourself this, what are you really trying to protect? There are very few viruses out there for linux and solaris at this point. If you have been good about only using highly trusted repositories for your software then you should be safe. Generally it seems safe to say the biggest problem a linux system will encouter is the actual user deleting the wrong file, not a virus.
Here is a list of solaris antivirus options
Here is a list of Linux antivirus software packages
Here is a directions for installing antivirus on ubuntu
Here is an article “Note to new Linux users: No antivirus needed” from linux.com
Enterprise level virus scanning
What anti virus should I run on my corporate server?
There are a few well known quality enterprise grade antivirus options. But they are almost all for windows server in a windows environment. If you are running a linux backend, then what you really need is just enough protect to prevent the spread of viruses onto the windows portion of the network, as it is unlikely that any linux product will be as effective as a secure linux system with a properly configured firewall and security levels.
Check out this breakdown for a good starting direction Antivirus Tools Underperform When Tested in LinuxWorld ‘Fight Club’
Symantec AntiVirus Corporate Edition
They do support linux clients, here is the info from their website:
Linux Client
Symantec AntiVirus supports installation on the following Linux distributions:
* Red Hat Enterprise Linux 3.x, 4.x, 5.x
* SUSE Linux Enterprise (server/desktop) 9.x, 10.x
* Novell Open Enterprise Server
* VMware EX 2.5.x, 3.x
Note: Symantec AntiVirus Linux clients are unmanaged clients. You cannot use the Symantec management components, such as Symantec System Center, to centrally manage Symantec AntiVirus Linux clients.
What premade Virtual Machines are available for Antivirus tasks?
Check out this page from Trend Micro USA - Virtualization. They offer a variety of solutions for the enterprise customer, ranging from spam protection to full virus scanning. Their virtual machines are available for VMware workstation 5.x, 6.x, VMware Server 1.x, VMware ESX 3.x.
Also search the VMware Appliance Marketplace for antivirus, there are a few helpful premade machines there.
A few general articles about Virtual Machine performance related to antivirus:
virtualization.info: How to improve disk I/O performances with VMware Workstation
virtualization.info: Security by virtualization
The Core Dump of Thought: Anti-virus, virtualization and security paradigm
rentzsch.com: Virtualization as an Antivirus
anti-virus rants: what virtualization can and cannot do in an anti-malware context
No related posts
