News

Antivirus From the Edge

In an interview from </i>MCP Radio<i>, Editor Michael Domingo interviewed Anton Zajac, president of Eset Software about his company's antivirus offerings.

• By Michael Domingo
• 04/29/2004

MCP Magazine: You have an interesting story to tell about the name of your company and the name of the products you make.

Anton Zajac: The name of the company is Eset, which is an Egyptian goddess. [Eset is Isis in English.—Editor] She had the special capability to revive corpses. Her husband was cut into pieces; she was able to put him back together and revive her husband.

Our program, NOD32, which is an antivirus system, we'd like to believe it's capable of reviving dead computers, computers infected by deadly viruses. The name of the product, NOD32, is derived from the name of a very famous series that ran on TV in Czechoslovakia. The title of the series was called "The Hospital on the Edge of a City" (translated in English). We named our product, accordingly, "The Hospital on the Edge of a Disk."

Frankly, I've never heard of your company, because when we think of antivirus, in context we think of companies like Symantec and McAfee. Have you been around long and is this the first time you've had exposure in the market against those companies?

No. Actually, the first major exposure was in PC Magazine, the April 2003 edition. Symantec, McAfee and Trend Micro were tested with NOD32 and NOD32, based on PC Magazine, blew away the competition in the performance degradation tests.

The first international introduction of our product was in May 1998, when we submitted the product for tests to Virus Bulletin, which is a publication solely dedicated to virus detection, protection and recognition. Since May 1998, we won 26 Virus Bulletin 100% awards. NOD32 is the only product that has not missed any in-the-wild virus in Virus Bulletin's tests since May 1998, which is a pretty solid virus detection track record.

The company is privately owned, revenue funded and we didn't have a lot of money to advertise... We're gradually becoming more popular, especially among expert users. In fact, there are companies — Dell, Microsoft, Canon — which have tested the product and based on the results of the tests, for example in the case of Dell, who performed net bench tests...based on the result of extremely low system impact of our antivirus system on Dell NAS systems, that Dell decided to ship the product with its servers.

Microsoft has been using the product in its release labs for three years and Canon is our exclusive distributor in Japan. I believe we'll gradually appear on the radar screen of big companies and the user, as well.

Are you looking to expand exposure of the company or are you trying to maintain exclusivity, developing products as partners join you and perhaps spreading your product more through word of mouth? I guess I'm asking you to explain how your company will thrive in the market among those other companies.

Basically, that is what's happening. The revenues of the company are growing exponentially. We've been selected by Deloitte & Touche, one of the top accounting firms, in its technology Fast 500 program among its 500 fastest growing companies for the second consecutive year...[but] most of our customers are coming to us because some friend or somebody told them that NOD32 is an excellent system. Our client retention rate is about 99 percent and a very high percentage of our clients are coming to us because they were infected while they were using a different, competing antivirus system.

Tell the listeners what product you're talking about here.

We have actually many products. We have products for all Windows platforms, including DOS. We have products for mail servers, Microsoft Exchange, Lotus Domino. We have products for different flavors of Linux, Linux Mailserver, Linux Fileserver. In fact, in this month's edition of Virus Bulletin is a comparative review of antivirus systems on Linux platforms. NOD32 for Linux Fileserver won yet another 100% Award for detecting 100 percent of in-the-wild viruses.... The whole list of products appear on our Web site at www.nod32.com.

Can you tell me about NOD32 and Remote Console, specifically how they differ from competing products?

I think there are basically three or four parameters that should be considered when selection of an antivirus system is being done. The first is detection.

The second would be the scanning rate. There are many clients who are coming to us because they just can't stand waiting an hour or a long period of time for other antivirus systems to finish scanning. NOD32 is not only extremely rigorous scanning engine but also very fast. In fact, one of the reviewers in Virus Bulletin [commented that] it's common accepted that an antivirus system is fast or a good scanner, but NOD32 beats this, coupling speed and detection together. The third parameter is the impact on system resources. NOD32 has the lowest impact, the lowest requirement for system resources.

You asked about Remote Administrator. That's the corporate edition of our product. It allows for the deployment of antivirus system on a large network, let's say, 5,000 computers, in a couple of minutes. It not only provides for deployment, but it allows for an immediate and flexible picture of what's going on. It creates customized or pre-defined reports of what has happened on a network or what is happening. It would find unprotected computers. It would alert the system administrator if a computer is not using the latest edition of NOD32.... It's basically a management tool that's inevitable in today's environment.

I forgot one feature, which is extremely important in today's antivirus protection. The feature is the capability of an antivirus system to detect unknown yet unanalyzed infiltrations. Those are, I believe, the most dangerous infiltrations. It's relatively simple to protect a client against a worm that hit the streets three days ago. But what's really necessary is to protect the client's computer against something that will hit the streets tomorrow. That can be achieved using a special detection method which is known as heuristics.

NOD32 has a very powerful heuristics based on special virtual PC technology, which consists of creation of a mock PC in the memory of a computer with all the devices. Our system will throw a file into this simulated environment and based on the behavior of this running and potentially infected file, it will trigger an alarm.

To listen to the MCP Radio show that features the complete audio interview featuring Anton Zajac, click here.