I recently upgraded our e-trust antivirus from ver 6 to 7 on our servers and workstations. I'd always wondered why there were 2 scanning engines (Vet and InnoculateIT) so I asked Computer Assosiates. They replied with the following, which I thought was pretty useful for all e-trust AV users...
Q: Why is there an option to choose between 2 different engines?
A: Delivering eTrust InoculateIT/Antivirus with 2 engines is based on the observation that many companies do not rely on one vendor only for their virus protection. A typical setup is to run vendor A on the servers/gateways and vendor B on the clients. This way there is a second chance to detect a virus on the workstation if it slipped through the server protection. Using the same vendor on servers and workstations will let a virus straight through if the product doesn't have detection. While most anti virus scanners are pretty much equal when it comes to detecting in the wild viruses, there might be differences when it comes to zoo viruses and especially new, yet unknown viruses detected by heuristics.
The downside of using 2 different products is that administrators have to learn 2 different products, use 2 different applications to manage the deployed antivirus products, possibly implement 2 different signature update schemes, etc.
eTrust InoculateIT/Antivirus gives enterprise clients the benefit of running 2 different anti virus technologies within their organization while eliminating the need to learn two different products. All the management is done through one comprehensive user interface regardless of the engine installed.
While, of course, exchanging viruses, the 2 antivirus teams work largely independently, so that the 2 engines can be considered completely different. Detection/cure for known viruses is about the same, but the heuristic modules looking for unknown viruses are very different.
Q: Why is there an option to choose between 2 different engines?
A: Delivering eTrust InoculateIT/Antivirus with 2 engines is based on the observation that many companies do not rely on one vendor only for their virus protection. A typical setup is to run vendor A on the servers/gateways and vendor B on the clients. This way there is a second chance to detect a virus on the workstation if it slipped through the server protection. Using the same vendor on servers and workstations will let a virus straight through if the product doesn't have detection. While most anti virus scanners are pretty much equal when it comes to detecting in the wild viruses, there might be differences when it comes to zoo viruses and especially new, yet unknown viruses detected by heuristics.
The downside of using 2 different products is that administrators have to learn 2 different products, use 2 different applications to manage the deployed antivirus products, possibly implement 2 different signature update schemes, etc.
eTrust InoculateIT/Antivirus gives enterprise clients the benefit of running 2 different anti virus technologies within their organization while eliminating the need to learn two different products. All the management is done through one comprehensive user interface regardless of the engine installed.
While, of course, exchanging viruses, the 2 antivirus teams work largely independently, so that the 2 engines can be considered completely different. Detection/cure for known viruses is about the same, but the heuristic modules looking for unknown viruses are very different.