Don't like the snow? You can make a bookmark with the following text instead of a url: javascript:snowStorm.toggleSnow(). Clicking it will toggle the snow on and off.
Our new Indie Games subforum is now open for business in G&T. Go and check it out, you might land a code for a free game. If you're developing an indie game and want to post about it, follow these directions. If you don't, he'll break your legs! Hahaha! Seriously though.
Our rules have been updated and given their own forum. Go and look at them! They are nice, and there may be new ones that you didn't know about! Hooray for rules! Hooray for The System! Hooray for Conforming!

Corporate antivirus

AtomBombAtomBomb Registered User regular
edited August 2010 in Help / Advice Forum
First off, sorry for all the work related posts lately. I'm sure something will go wrong with my wang or I'll need to remember some movie from the 80's eventually and I'll make a more interesting post.

So I need to get a new AV solution for 100ish computers and 7 servers. These are all Microsoft. We also need anti-spam and whatnot for our Exchange 2003 server. Currently we have McAfee, which I inherited, which is mostly a piece of shit. I got it working a lot better than my predecessor, but I still don't like it. Spam-wise it's okay, AV-wise it doesn't stop much. If it detects and "deletes" something usually that is just a heads up to me that the machine is infected. Most the threats now seem to be more malware and trojans than tradtional viruses, and McAfee is shit for catching those.

So I'm trying to choose between Symantec Protection Suite Small Business v3.0 and Trend Micro Worry-Free Business Security Advanced. I've spoken to 2 people about it, one said go with Symantec and the other said Trend Micro. Symantec is slightly cheaper. I was wary about them, as previous experience with the consumer versions of their products (Norton) has been very unimpressive (even worse than McAfee's home stuff), but I'm told that they've gotten a lot better. My only experience with Trend Micro has been using their online scans, which have been decent if not great.

Anyone have experience with either of these?

AtomBomb on
I just got a 3DS XL. Add me! 2879-0925-7162

Posts

  • RuckusRuckus Registered User regular
    edited August 2010
    The large company (500 workstations, dozens of servers) I work for uses Symantec Enterprise.

    Last medium sized company (100 workstations, ~20 servers) I worked for used McAfee with ePolicy Orchestrator.

    Before that I worked for a very small company (20 workstations, 3 servers) we used AVG Professional and then switched to McAfee via SonicWALL management.

    Personally I found McAfee w/ePO to be the easiest setup to manage, as long as you keep all the components up to date. Most of the problems I had were also with the previous admin not configuring stuff properly.

    Raneados wrote: »
    so what SPECIFICALLY is the problem with my hole?
  • runethomasrunethomas Registered User
    edited August 2010
    Symantec endpoint protection is what we use for most of the companies we support; it catches most viruses and malware, although occasionally we will still need to run malwarebytes or something similar if a pc got really infected.

    The only other thing is the management console can be a pain to set up if you haven't done it before.

  • ihmmyihmmy Registered User regular
    edited August 2010
    our IT folk set us up with NOD32 recently. It seems to not suck, but I couldn't tell you beyond that how good it is

  • amateurhouramateurhour Registered User regular
    edited August 2010
    I've worked for two state government offices with 400+ users.

    One used Trend Micro and one used Symantec. They're both great, easy to update, and easy to deploy (just put them on a server and go there through the web browser on the pc needing the client.)

    Seriously, either one would be great.

    However, I've noticed that, with the weekly scans, Trend Micro seems to eat up a little more resource. We usually set scans for like 2 to 5 PM Friday afternoons and with Trend Micro I noticed a much bigger difference in network and system lag, especially if you're still using XP enterprise.

    It's not horrible, but it's noticable.

    Here's what I do...
    The Vac - My Science Fiction Epic
    Fortune Pancakes - My Gag-A-Day Comic
  • DjeetDjeet Registered User regular
    edited August 2010
    I've experience with Symantec and Trend. My experience with Symantec was from 8 years ago, and prompted the switch to Trend. They costed about the same, but Trend had really good tech support (Symantec tech support was poop on a stick, though it's been awhile, maybe things have changed). Things have been smooth for awhile so for the past 5 years my interaction with Trend as a company has been limited to activating my renewals.

    We use NeatSuite due it's being a better fit licensing-wise to the way we use the software. They have SMB products that have additional endpoint security and some kind of hosted gateway/internet security, but I've no experience using those so cannot say how they perform. I liked it when they dropped their server AV client (before Servers got a different AV client from the workstations), so now they all use OfficeScan, which is convenient. The web interface for monitoring and deploying changes is good, and I use a lot of the notification features. The email AV scanner (the one that runs on the Exchange server) has never let anything through and I cannot recall any false positives.

    Though I think network segmentation (which can be done independently of whichever malware suite you use) has done a lot to decrease downtime on my networks and limit the scope of damage an outbreak can cause.

  • NailbunnyPDNailbunnyPD Registered User regular
    edited August 2010
    I'm very happy with ESET NOD32 for desktop/server protection. We have ~45 users right now.

    We previously used McAfee with ePolicy Orchestrator, but the antivirus software just wasn't keeping up with modern threats, and updates were not often enough. The ePO management software was cumbersome, too.

    ESET does all that stuff much better than McAfee did. I will say I have had to uninstall ESET's Exchange antivirus software v4 from our Exchange 2010 server, and will likely be finding another vendor for that, but I'm still very happy with NOD32.

    XBL: NailbunnyPD PSN: NailbunnyPD Origin: NailbunnyPD
    NintendoID: Nailbunny 3DS: 3909-8796-4685
    steam_sig-400.png
  • 3drage3drage Registered User
    edited August 2010
    Large scale corporate installs I usually recommend Symantec, these days with regulations the way they are I've begun to recommend solutions that allow for multiple AVs within the network.

  • AtomBombAtomBomb Registered User regular
    edited August 2010
    Thanks everyone. I think we're going to give Symantec a shot. I appreciate all the input.

    I just got a 3DS XL. Add me! 2879-0925-7162
  • rfaliasrfalias Registered User
    edited August 2010
    I use trendmicro at work, 5000+ endpoints, 1000ish servers (physical and virtual).
    It keeps up with the latest stuff pretty well, and works for our large org.

    /my anecdotal evidence

    1036440-1.png
  • PheezerPheezer Registered User, ClubPA
    edited August 2010
    runethomas wrote: »
    Symantec endpoint protection is what we use for most of the companies we support; it catches most viruses and malware, although occasionally we will still need to run malwarebytes or something similar if a pc got really infected.

    The only other thing is the management console can be a pain to set up if you haven't done it before.

    Granted the only places where I've been exposed to the tech side of things have been extremely large corporations, but everywhere I've worked would never bother with that.

    Give everyone a networked storage location, and if they fuck up, remote wipe their PC and reinstall from an image. Takes less time and if they're using local storage instead of following policies (like the Internet usage one that would have prevented their becoming infected in the first place), provides an even better incentive not to do it again than a tersely worded e-mail. Any business cost is the employee's to bear responsibility for.

    Obviously this works less well for the CEO than it does for the junior accountant, but let's face it: The rules are always different for anyone sufficiently high up the chain and that's really not going to be the scenario described by the OP anyhow.

    As for which product to use for AV, I don't know. Everyone seems to use Symantec. There are two factors to consider in most jobs but especially in IT: You can try to find the right solution according to you, or you can try to find the right solution according to your boss. When your boss is sufficiently wrong, find the right solution according to you and convince them.

    When you're debating about which of a dozen roughly identical products would be best, go with the one that your boss is going to just shrug and say "well that IS the best". In this case, that's whichever Symantec solution meets your budget. If it fails, no one is going to be looking at you wondering why you didn't go with the software everyone else uses. I doubt it's significantly more or less likely to fail than it's two or three closest competitors.

    That's just me, though. Maybe you're more idealistic or something, but let's face it: The computers are all going to break eventually. Make a good corporate image pick the AV software based on what your boss will think is the smart buy.

    I know nothing about spam software.

    IT'S GOT ME REACHING IN MY POCKET IT'S GOT ME FORKING OVER CASH
    CUZ THERE'S SOMETHING IN THE MIDDLE AND IT'S GIVING ME A RASH
  • 3drage3drage Registered User
    edited August 2010
    Pheezer wrote: »
    runethomas wrote: »
    Symantec endpoint protection is what we use for most of the companies we support; it catches most viruses and malware, although occasionally we will still need to run malwarebytes or something similar if a pc got really infected.

    The only other thing is the management console can be a pain to set up if you haven't done it before.

    Granted the only places where I've been exposed to the tech side of things have been extremely large corporations, but everywhere I've worked would never bother with that.

    Give everyone a networked storage location, and if they fuck up, remote wipe their PC and reinstall from an image. Takes less time and if they're using local storage instead of following policies (like the Internet usage one that would have prevented their becoming infected in the first place), provides an even better incentive not to do it again than a tersely worded e-mail. Any business cost is the employee's to bear responsibility for.

    Obviously this works less well for the CEO than it does for the junior accountant, but let's face it: The rules are always different for anyone sufficiently high up the chain and that's really not going to be the scenario described by the OP anyhow.

    As for which product to use for AV, I don't know. Everyone seems to use Symantec. There are two factors to consider in most jobs but especially in IT: You can try to find the right solution according to you, or you can try to find the right solution according to your boss. When your boss is sufficiently wrong, find the right solution according to you and convince them.

    When you're debating about which of a dozen roughly identical products would be best, go with the one that your boss is going to just shrug and say "well that IS the best". In this case, that's whichever Symantec solution meets your budget. If it fails, no one is going to be looking at you wondering why you didn't go with the software everyone else uses. I doubt it's significantly more or less likely to fail than it's two or three closest competitors.

    That's just me, though. Maybe you're more idealistic or something, but let's face it: The computers are all going to break eventually. Make a good corporate image pick the AV software based on what your boss will think is the smart buy.

    I know nothing about spam software.

    Defense in depth is one of the most important aspects to understand in information security. AV is one portion, and in most cases a necessary portion if you are dealing with any type of regulation.

  • runethomasrunethomas Registered User
    edited August 2010
    Most of the places we support are small to medium sized businesses (less than 20 people) that don't have an image deployment system so this setup works fine, most don't even have client/server infrastructure. On some of the lager accounts we use a deployment console with images, software pushes, and such.

Sign In or Register to comment.