As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/
Options
Corporate antivirus
AtomBomb
Registered User regular
Registered User regular
First off, sorry for all the work related posts lately. I'm sure something will go wrong with my wang or I'll need to remember some movie from the 80's eventually and I'll make a more interesting post.
So I need to get a new AV solution for 100ish computers and 7 servers. These are all Microsoft. We also need anti-spam and whatnot for our Exchange 2003 server. Currently we have McAfee, which I inherited, which is mostly a piece of shit. I got it working a lot better than my predecessor, but I still don't like it. Spam-wise it's okay, AV-wise it doesn't stop much. If it detects and "deletes" something usually that is just a heads up to me that the machine is infected. Most the threats now seem to be more malware and trojans than tradtional viruses, and McAfee is shit for catching those.
So I'm trying to choose between Symantec Protection Suite Small Business v3.0 and Trend Micro Worry-Free Business Security Advanced. I've spoken to 2 people about it, one said go with Symantec and the other said Trend Micro. Symantec is slightly cheaper. I was wary about them, as previous experience with the consumer versions of their products (Norton) has been very unimpressive (even worse than McAfee's home stuff), but I'm told that they've gotten a lot better. My only experience with Trend Micro has been using their online scans, which have been decent if not great.
Anyone have experience with either of these?
So I need to get a new AV solution for 100ish computers and 7 servers. These are all Microsoft. We also need anti-spam and whatnot for our Exchange 2003 server. Currently we have McAfee, which I inherited, which is mostly a piece of shit. I got it working a lot better than my predecessor, but I still don't like it. Spam-wise it's okay, AV-wise it doesn't stop much. If it detects and "deletes" something usually that is just a heads up to me that the machine is infected. Most the threats now seem to be more malware and trojans than tradtional viruses, and McAfee is shit for catching those.
So I'm trying to choose between Symantec Protection Suite Small Business v3.0 and Trend Micro Worry-Free Business Security Advanced. I've spoken to 2 people about it, one said go with Symantec and the other said Trend Micro. Symantec is slightly cheaper. I was wary about them, as previous experience with the consumer versions of their products (Norton) has been very unimpressive (even worse than McAfee's home stuff), but I'm told that they've gotten a lot better. My only experience with Trend Micro has been using their online scans, which have been decent if not great.
Anyone have experience with either of these?
I just got a 3DS XL. Add me! 2879-0925-7162
AtomBomb on
0
Posts
Last medium sized company (100 workstations, ~20 servers) I worked for used McAfee with ePolicy Orchestrator.
Before that I worked for a very small company (20 workstations, 3 servers) we used AVG Professional and then switched to McAfee via SonicWALL management.
Personally I found McAfee w/ePO to be the easiest setup to manage, as long as you keep all the components up to date. Most of the problems I had were also with the previous admin not configuring stuff properly.
The only other thing is the management console can be a pain to set up if you haven't done it before.
One used Trend Micro and one used Symantec. They're both great, easy to update, and easy to deploy (just put them on a server and go there through the web browser on the pc needing the client.)
Seriously, either one would be great.
However, I've noticed that, with the weekly scans, Trend Micro seems to eat up a little more resource. We usually set scans for like 2 to 5 PM Friday afternoons and with Trend Micro I noticed a much bigger difference in network and system lag, especially if you're still using XP enterprise.
It's not horrible, but it's noticable.
We use NeatSuite due it's being a better fit licensing-wise to the way we use the software. They have SMB products that have additional endpoint security and some kind of hosted gateway/internet security, but I've no experience using those so cannot say how they perform. I liked it when they dropped their server AV client (before Servers got a different AV client from the workstations), so now they all use OfficeScan, which is convenient. The web interface for monitoring and deploying changes is good, and I use a lot of the notification features. The email AV scanner (the one that runs on the Exchange server) has never let anything through and I cannot recall any false positives.
Though I think network segmentation (which can be done independently of whichever malware suite you use) has done a lot to decrease downtime on my networks and limit the scope of damage an outbreak can cause.
We previously used McAfee with ePolicy Orchestrator, but the antivirus software just wasn't keeping up with modern threats, and updates were not often enough. The ePO management software was cumbersome, too.
ESET does all that stuff much better than McAfee did. I will say I have had to uninstall ESET's Exchange antivirus software v4 from our Exchange 2010 server, and will likely be finding another vendor for that, but I'm still very happy with NOD32.
NintendoID: Nailbunny 3DS: 3909-8796-4685
It keeps up with the latest stuff pretty well, and works for our large org.
/my anecdotal evidence
Granted the only places where I've been exposed to the tech side of things have been extremely large corporations, but everywhere I've worked would never bother with that.
Give everyone a networked storage location, and if they fuck up, remote wipe their PC and reinstall from an image. Takes less time and if they're using local storage instead of following policies (like the Internet usage one that would have prevented their becoming infected in the first place), provides an even better incentive not to do it again than a tersely worded e-mail. Any business cost is the employee's to bear responsibility for.
Obviously this works less well for the CEO than it does for the junior accountant, but let's face it: The rules are always different for anyone sufficiently high up the chain and that's really not going to be the scenario described by the OP anyhow.
As for which product to use for AV, I don't know. Everyone seems to use Symantec. There are two factors to consider in most jobs but especially in IT: You can try to find the right solution according to you, or you can try to find the right solution according to your boss. When your boss is sufficiently wrong, find the right solution according to you and convince them.
When you're debating about which of a dozen roughly identical products would be best, go with the one that your boss is going to just shrug and say "well that IS the best". In this case, that's whichever Symantec solution meets your budget. If it fails, no one is going to be looking at you wondering why you didn't go with the software everyone else uses. I doubt it's significantly more or less likely to fail than it's two or three closest competitors.
That's just me, though. Maybe you're more idealistic or something, but let's face it: The computers are all going to break eventually. Make a good corporate image pick the AV software based on what your boss will think is the smart buy.
I know nothing about spam software.
CUZ THERE'S SOMETHING IN THE MIDDLE AND IT'S GIVING ME A RASH
Defense in depth is one of the most important aspects to understand in information security. AV is one portion, and in most cases a necessary portion if you are dealing with any type of regulation.