Kaspersky has come up trumps with very fast software with some neat features. Queuing the mail was just moments slower than the top runners with 49 minutes, but processing was fastest of the lot at 107, and it nearly tops the efficiency chart too, with 4,055 scanned.
This was one of the few products to require a restart after installation. The system requires a management password of its own, rather than using the administrator account, which makes good sense, especially if you delegate administrative tasks.
One of the product's strong points is a superb template system for editing alerts and messages, all driven from within the MMC snap-in that drives everything except the reporting function, which is a separate tool. The default template is awkward, but so easy to improve that most administrators will promptly do so. The sent-from address for alerts defaults to "[email protected]" which is surprisingly shoddy. [email protected] or [email protected]<domain> would be better for an Exchange server.
In contrast to the alert templates, the custom report facility is poor. Searching by criteria such as "Column 0 contains..." is far from self-explanatory.
The product deals with a flood of alerts in a number of ways, some of them badly implemented. The activity report maxes out at 1Mb, at which point the old file is renamed and a new one begun. That would be a good approach, except the renamed file has an incorrect extension, which is needlessly awkward. The virus alerts claim viruses have been quarantined, but the "quarantine" folder was empty. Instead, the "infected" folder contained thousands (one for each virus) of .tmp files, each with its original alert as a separate text file.
Given the excellent performance, this product would be some way ahead of its competitors if it had more outbreak controls and some of the glitches fixed.