Addendum to Virus Scanner Review

Nathan Johanson nathan at TCPNETWORKS.NET
Fri Oct 10 22:04:21 IST 2003

Yeah, I've drawn a few conclusions from dealing with all of these
vendors (all of which I could have probably guessed before I even set
out to do this).

* Software licensing (as far as AntiVirus software goes) is ambiguous at
best. The license says one thing, the site says another, and the sales
representative another. Sometimes you talk to two people at a given
vendor and get two different answers. 
* Should you purchase a product based on what an uninformed sales
representative tells you, you could be in breach of the paper license.
Of course, the reverse it true too. You could end up overpaying for the
software if you're dealing with the uninformed (more common with the
larger companies I suspect). For example, two different representatives
told me that McAfee VirusScan for Unix was licensed per computer (not
per user), but others on this list have been told the exact opposite. A
look at the license says that it can be installed one "one computer",
but some of their marketing documentation seems to contradict that. What
the hell? Frankly, I don't think the vendors even know how their
licensing works.

I'm curious how many people have actually been audited for software
license compliance. And I'm curious how many of these license agreements
have actually stood up in court. Personally, I've never heard of such a
thing. I do know this... All of the ambiguity makes it difficult for
law-abiding citizens like myself to purchase their software and remain
confident that I'm in compliance... since "compliance" is a moving


-----Original Message-----
From: Kevin Miller [mailto:Kevin_Miller at CI.JUNEAU.AK.US] 
Sent: Friday, October 10, 2003 1:27 PM
Subject: Re: Addendum to Virus Scanner Review

When I was looking for a solution in June or thereabouts, they sold me a
server license, but their stated policy was per user.  They were
because it was a make a sale for less or make no sale.  I suspect
always been per user, but were wise enough to know which side their
buttered on.  Maybe too many of us were doing a beat up on 'em? <g>

Kevin Miller                Registered Linux User No: 307357
CBJ MIS Dept.               Network Systems Administrator, Mail
155 South Seward Street     ph: (907) 586-0242
Juneau, Alaska 99801        fax: (907 586-4500

>-----Original Message-----
>From: Nathan Johanson [mailto:nathan at TCPNETWORKS.NET]
>Sent: Friday, October 10, 2003 12:12 PM
>Subject: Addendum to Virus Scanner Review
>Hello all,
>I recently posted the results of a full-scale, commercial anti-virus
>review. In that email, I said that F-Secure had a per-server licensing
>model (based on their web site). However (while in the midst of my
>testing phase), I went back to their site and noticed that they have
>switched their licensing model to per user when used to scan email.
>At the time of my review a few weeks ago, F-Secure said this about
>F-Secure AntiVirus for Linux.
>The command line scanner provides a versatile and powerful tool that
>works both as a user-invoken command and as a platform for automated
>antivirus systems. Detailed reporting and return codes ensure easy
>integration with third party mail scanners such as AMaViS (A Mail Virus
>Now, it says this:
>In case the product is used to scan e-mail traffic, licensing is based
>on the number of users who have access to the services provided by the
>product. In that case, the customer needs to buy a license for F-Secure
>Anti-Virus for Linux Gateways
>This means that in the last month they have gone from per user, to per
>server, to per user again. A follow up with the sales director I was
>talking to earlier yielded no response and no explanations.
>In short, it's clear that these guys are in transition and
>aren't really
>sure how to sell their products. I've scratched them off my list. For
>those of you that can afford this kind of license, F-Secure does appear
>to be a viable product from a technical standpoint since it incorporate
>three different engines into one scanner.

More information about the MailScanner mailing list