Results 1 to 10 of 10

Thread: Enterprise Antivirus help!!!! PLEASE

  1. #1
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,406

    Enterprise Antivirus help!!!! PLEASE

    OK, our Symantec support run out, and we forgot to renew (dumb, dumb) so, I ask for a quote, and even thought it is an upgrade (I am not upgraded anything) it is about 4 grand (100 license)
    So, I decided, I don't really like the admin console (too simply) It has no reports (unless pay for another product). If you have use the console, you probably know the pain. It relies on logs. It is also a big fat, and we have some old computers (NT 600 MHz 128 and 256 MB RAM) so Resources is also a problem.
    I wanted to see if I could find the *best* but I quickly found out it is going to be difficult. I am also pressed with time.
    Could you guys point me to information to prepare a comparison? Management and reliability are very important. I manage the Antivirus, as well as other 2000 things. I believe I have enough time to take a look at the Antivirus console every 2 weeks and I tired of seeing all those reds (Spyware 99%)
    I already got quotes for NOD32 EE and McAfee Enterprise.
    I have to test NOD32 interface too (already got a trial) and I will work on getting trial for McAfee on Monday.
    Before I deploy the trial my idea is to see if I can set something quick to try. Suggestions?? Ideas? that way I can use like sand boxing or something similar......I really think that is a great idea. Please, help

  2. #2
    Hardware guy Super Moderator FastGame's Avatar
    Join Date
    Apr 2002
    Location
    Blasters worm farm
    Posts
    3,416
    Hmm where you work do you thinks its a good idea to experiment ?

    Get McAfee Enterprise if the price is right.

  3. #3
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,406
    well, I don't have much time to experiment. We have Symantec, but the management sucks PLAIN AND CLEAR
    McAfee didn't pass the VB test in Windows NT and when I tried it some time ago (not recently thought) it could eat quite the resources. Our PCs aren't really that quick, so 15~25MB for the AV is actually too mcuh for the system.
    I have at least registered 30 complains from users when I rolled out SAV 9.0 (from 8.6) because it is a lot heavier in resources.
    We have some Spyware too, since the users aren't very savy.
    McAfee price was OK. Actually normal. SAV is outrageous at 69 per licence (compared to 29 of McAfee)
    Still I have to present numbers in a spreadsheet, so I do have to have some research, and whichever I am recomending has to be backed up. A main point will be management.
    I was asked to evaluate and put numbers for Symantec (current AV) McAfee Inc, CA eTrust, NOD32, Kaspersky, and Avast (Alwil).
    I am not too confident with CA, but was asked to put it in.
    I had thought of setting up Virtual PC HDD images for the test. One NT, one 2000, one 2003 and one XP, and run the test on the images, so I just can make copies of the image and load the AV test sandbox from there.
    So far that is the only idea I could come up with, to test them. But I will need a couple of systems which I don't have available, so still wondering.
    I wish I was given more time. I hate rushed projects. I fear we might chose just whatever (not uncommon)
    I already have enought work with the Spam/Antivirus for email, and the content filtering, which was *recomended* by vendor. That alone took 3 months out of the last 9, and I just got the reporting module for the spam a month ago (69% isn't that bad, right?)
    Last edited by Dehcbad25; March 12th, 2005 at 02:21 AM.

  4. #4
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,941
    http://www.pcmag.com/article2/0,1759,1113339,00.asp

    Take a look there. Great reviews of several of the top corporate antivirus software applicatons. Should get you headed in the right direction.

    http://www.pcmag.com/process_downloa...,d=1788,00.pdf

    View that PDF for a direct comparison. Trendmicro took the editor's choice, although it is more expensive.. it would seem you get what you pay for.


    another one to consider would be Panda's Enterprise solution:

    http://www.pandasecurity.com/paves.htm

    as well as FPROT:

    http://www.f-prot.com/products/corporate_users/
    Last edited by Big Booger; March 12th, 2005 at 02:36 AM.

  5. #5
    Hardware guy Super Moderator FastGame's Avatar
    Join Date
    Apr 2002
    Location
    Blasters worm farm
    Posts
    3,416
    I just think where you work you shouldn't mess around, I mean your job could be on the line with your choice. I know you shouldn't place your job security with what I think

    Maybe you should go to Wilders Security and ask. All the guys who do the virus test everyone links to hang out there.

  6. #6
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,406
    thanks for the review BB, but it is from 2003. I have one from August 2004 and I think it is too old
    Also, kind of they describe a lot about antivirus, but put a lot of different things on the same bag, for example email antivirus. The Symantec email version, it is totally different from the SAV corporate, not to mention it is a totally new license too. There are more Strong contenders now too, so it is kind of limited with only 4.
    There was a lot of useful information in the article thought.
    An example, NOD and Avast have interesting Enterprise editions. The Avast management seems to pull nice reports and graphics.
    It seems that it is going to be a long weekend for me
    I am thinking of just pulling out numbers for detection rates, and then try them. Then I can balance detection rate with management GUI.
    I am disappointed at Symantec big time. I think they sit in a neutral area regarding Spyware (it will detect it, but not remove it, or stop it from entering the system, so, why use resources to detect it at all?) On top of that, add that it is very conservative on the findings, for Gator, it just list the exe file. What about the other 200 files?
    I am not picky, but as FG said, I have to be carefully. Symantec will make directives relax, but if I spent 2 hours a day, so there is no threat listed it won't be secure, because I don't have those 10 hours a week extra. I already work about 60 hours, not even looking at the AV once a week. All the installations are manual. Can be done from Central location, but you have to have a program to scan the network, then compare the computers to find out which doesn't have AV. One word: TEDIOUS in an environment that changes a lot.
    I am also in the middle of deploying DFS for all the share folders, and have to change all the NTFS permissions, so you can imagine how I am

  7. #7
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    Difficult choice for you - I have heard sophos is very good but I don't use it myself. I also hear good things about Panda but I don't use the enterprise version of that either I tend to use Symantec or AVG (got a thing about McAfee just can't like it). Looking at the long game I would personally choose one of the big two - why? Because if you have a big infection which costs network downtime and you are using something the bosses have never heard of you are going to get a right kicking. If on the other hand you can say look I am using the market leader what more can I do - you may be on firmer ground.
    I'm using Windows 7 - you got a problem with that?

  8. #8
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,406
    Well, I won't be chosing the AV, I just have to present a spreadsheet with numbers, so conclusions can be drawn from there. I have also a thing against McAfee that I can't really pint point Symantec needs way too much maintenance which is really weird. License file in the clients gets corrupted, kills a Intel mobo with NTFS if Intel HDD drivers are used (and I wasn't able to change the drivers either ), it won't tell me which PCs don't have it installed, some clients don't get the updates, it slows down old PC's, it really doesn't like at all Cygwin (which we use), and the most annoying is the logs. Logs it is not the problem, the problem is that log is all that provides. What good is an antivirus if it makes you hate to look at it?
    I agree with you in the insurance, but after 2 years, I have fed up with it. It is expensive, it requires more programs to do what others do standard, and it works only on 95% of the workstations. The other 5% makes you work too much. It is a very expensive AV solution unless you have a Antivirus Administrator dedicated to only that. With 25 PCs I guess it wouldn't be a problem, but with 100 it really is. I just can imagine the day it kills the PC of one of the directors It already decided to stop updating in the exec. director's laptop once, so I had to create special policies for it (and added all laptops to it just in case) that if the parent server is lost, it will work on its own. I would love to add the Management of Avast, or NOD into Symantec

  9. #9
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    I only use symantec SB so I don't know if the full enterprise version is any different but the management console does all the stuff you want. I set it to delete the quarantined files after 3 days so if it ever accidentally quarantines something like ntfs.sys there is plenty of time to get to it but the disk space usage doesn't climb too high. I rarely if ever look at it unless someone says their pc isn't working properly, you can set traps for notification but who wants that - I will find out soon enough without it.
    Cygwin problems I didn't know that, thanks for the heads up that could be valuable information.
    I'm using Windows 7 - you got a problem with that?

  10. #10
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    There is also VET anti-virus, we used it in a few server installations... it has a master installation method... so install on server and clients pull it down from there... cheap too, we pay $20 per license... www.vet.com.au

    --- 0wN3D by 3gG ---

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •