Windows Terminal Servers (WTS) have become more and more popular as a mean to reduce IT cost in large and medium sized companies. One of the reasons is the increased bandwidth capacity in Networks, other being one place for management, and reduced potential for security breach. By having centralized management, storage and application control, the need to have hugh IT staff has become history.

Terminal servers are meant to reduce the total cost of ownership (TCO) in an organization. Companies using WTS solutions have a need for anti-virus solutions that is specially designed for this environment, and that is somewhat different from traditional anti-virus software for servers and workstations. Norman has taken this needs seriously and made the new Norman Virus Control v5 for Windows Terminal Servers.

Why choose Norman Virus Control for Terminal Servers?

In a Windows NT or Windows 2000 terminal services environment users may be connected to the server via terminal services clients. Using this configuration, the terminal services clients do not run applications locally, but instead they depend on the server to run instances of the applications they use.

Norman Virus Control is tailor-made to integrate with the Terminal server services, and uses the latest techniques to optimize the scanning performance that will occur on the server when multiple persons accesses files at the same time. In addition it gives the administrators unique control functions of the various users using the Terminal server.

Product specifications

Norman SandBox v2

The unique US patent pending, Norman SandBox v2 have been added to the Norman On-Demand scanner module with the option to turn it on or off. In its second generation, Norman SandBox are capable of detecting even more new viruses, worms etc. even one off variants will be detected. The Norman SandBox inserts any suspicious file into a virtual computer, a 'sandbox', monitoring the actions of the file in real-time. If virus behaviour is detected, it performs the necessary actions to prevent damage from the virus.

How does it work?

The server distributes screen layout to each user that logs on and runs applications on behalf of the user. This design simplifies the administrator's maintenance of files and applications in an environment of multiple users. NVC adds value to the design by making it easy for an administrator to configure NVC accordingly. During on-access scanning for Terminal server client sessions, NVC will always use the 'non-interactive' (or server) configuration. This means that no virus alert dialog box will appear on the Terminal server when a virus is found. On the Terminal server client's machine however, a message box will appear.

Message box

This message is purely informational. The terminal server client is not allowed to change the behavior or the configuration of the scanner. Note that scan of changed or new files only is the default setup for the 'non-interactive' configuration. Files read or executed from a terminal server client are therefore not affected by on-access scanning.

On the administrator's NVC Messages console the following message has been added:

Console message

The name of the logged on terminal client as well as the terminal client's machine is added to the virus alert message. In the example above the user PetterN on the machine NT2000PROBLI caused the virus alert message on the terminal server W2KTSRV. NVC on-demand scanning is still possible from each terminal session. The functionality in this respect is no different from on-demand scanning on any other configuration.

Updating NVC

Norman Internet Update (NIU) is an integrated part of the product and can be configured to regularly check for new and updated files on Norman's product servers. NIU offers complete updating and upgrading of the software to ensure that virus definitions are kept up to date and that you are always running the latest version of the software. The Norman Internet Update uses incremental updates of definition files to keep the size of the updates as small as possible, thereby reducing the network load and increase the speed for distributing updates.