Discussion on:
View:
Show:
What antivirus systems are you using in your organization? Have you tried one of the five Wally mentioned? What do you think about it?
Have you seen these choices used in an enterprise situation?
I guess like me you initially just browsed through and looked at the names, this is from the opening remarks.
". . . most of us have probably only used one of the handful of biggest players.
In this edition of Five Apps, we take a look at five enterprise grade antivirus systems that fall just under that handful of major players."
". . . most of us have probably only used one of the handful of biggest players.
In this edition of Five Apps, we take a look at five enterprise grade antivirus systems that fall just under that handful of major players."
We use Avast exclusively in our company. Not these enterprise editions, however if we did utilize an enterprise edition, I would certainly NOT use Symantec, McCafee etc...
I have deployed Endpoint suites to medium to the largest companies (from a few to tens of thousand endpoints) and in cases where I replaced another enterprise suite I have never ran across these products.
We use Kaspersky's Total Space Security, and it has been great!
I've seen VIPRE used by a local telecom company and they have been very pleased.
I've seen VIPRE used by a local telecom company and they have been very pleased.
Thanks for your opinion. I +1 to remove the -1 that had no explanation. Your feedback can help others make a wise decision.
what RNR is saying here is SEP is not effective if a user installs a malicious piece of software on their own. I like how Avast will scan what I am downloading. I am sure that SEP has something that does this also however I would not use a Symantec product on any critical computer ever.
At the same time there is a point in RNR's post regarding users, and bypassing the first line of security, dare I say it? Common Sense. I know there are ways to get into security problems that are not as obvious but most are.
Educating users is a must.
And if they are under age, monitoring. My son is 12. I am a CIO at an oil company. He gets approx 2 hours on the weekend to get on the computer and play games. No one in my house is allowed to install any software on any of the computers without my consent. All his devices (ipod, android phone) get monitored (manually). And we talk about bad sites and what irresponsible browsing can do.
At the same time there is a point in RNR's post regarding users, and bypassing the first line of security, dare I say it? Common Sense. I know there are ways to get into security problems that are not as obvious but most are.
Educating users is a must.
And if they are under age, monitoring. My son is 12. I am a CIO at an oil company. He gets approx 2 hours on the weekend to get on the computer and play games. No one in my house is allowed to install any software on any of the computers without my consent. All his devices (ipod, android phone) get monitored (manually). And we talk about bad sites and what irresponsible browsing can do.
Which of these apps are freeware? Are any of these programs simply trialware - if so, are they limited, and it what way? If it is trialware, how long is it functional?
When TechRepublic does a review of any software, this information is basic and critical - if you're really offering valuable information for anyone considering installing new programs, you need to pay more attention to this point.
In my experience, TechRepublic rarely supplies this information and yet this is very important to most potential users of the programs you recommend.
You undermine your value as a source of quality information if you don't address this issue.
When TechRepublic does a review of any software, this information is basic and critical - if you're really offering valuable information for anyone considering installing new programs, you need to pay more attention to this point.
In my experience, TechRepublic rarely supplies this information and yet this is very important to most potential users of the programs you recommend.
You undermine your value as a source of quality information if you don't address this issue.
Freeware is more appropriate for home or small business users. Since this article is specifically discussing enterprise AV solutions, I would be extremely surprised to see freeware listed.
Check out this site. A very respected Austrian organization that tests antivirus software.
http://www.av-comparatives.org/comparativesreviews/corporate-reviews
http://www.av-comparatives.org/comparativesreviews/corporate-reviews
Seems to me they usually do a pretty good job a providing enough information so that I can decide if I want more and do the additional research myself. In this particular case since these are labeled as enterprise ready then they will certainly not be freeware though you may be able to get a short term free trial.
If I were looking for something to replace our current enterprise solution the information they provide about features etc. is more important to me than the type of license etc. If the software sounds like it will server my needs then I can look up the license information myself. If they include everything anyone might want to know then the article becomes way too long and I suspect more readers just skim it.
If I were looking for something to replace our current enterprise solution the information they provide about features etc. is more important to me than the type of license etc. If the software sounds like it will server my needs then I can look up the license information myself. If they include everything anyone might want to know then the article becomes way too long and I suspect more readers just skim it.
Most companies generally avoid freeware. They want to pay for the application so they can get support in case there is a problem. Very few freeware apps offer any support other than forums.
Watch out for licensing agreements for "freeware". Most are for any non-commercial usage. So they can't be used for profit, for a chairty, etc.
Well, if you don't like TR's information, you are free to go elsewhere.... They aren't in the business of supplying information just for a single area such as freeware.
Watch out for licensing agreements for "freeware". Most are for any non-commercial usage. So they can't be used for profit, for a chairty, etc.
Well, if you don't like TR's information, you are free to go elsewhere.... They aren't in the business of supplying information just for a single area such as freeware.
I don't understand RNR1995's comment. One of Sophos' major features is the ability to block user installations. In an enterprise, it's smartest to set AD to stop any user installed programs. The Hospice I support has such a GPO and all our computers do a domain logon. No local logons. It's been flawless for us over the past 6-7 years.
My major complaint is their slow response to new versions of Windows. Currently, for example, they do not have a firewall that is supported under Windows 8.
My major complaint is their slow response to new versions of Windows. Currently, for example, they do not have a firewall that is supported under Windows 8.
1) I was referrring to Symantec Endpoint Protection
2) If users cannot install programs, all of your updates are maintained by an IT staff person? Acrobat, Flash, JAVA, etc? or a GPO push?
Just wondering?
2) If users cannot install programs, all of your updates are maintained by an IT staff person? Acrobat, Flash, JAVA, etc? or a GPO push?
Just wondering?
SEP is administrated centrally. It is up to whomever running the sever whether they want application updaters to to be enabled or disabled.
Yes. we manage all updates. We have the advantage that 98% of our users do a domain logon and then log onto one of two Citrix servers. Only I.T. computers have anything installed (other than the Citrix Receiver, WSUS and Sophos). This means that we only have to update our own computers (3) and 2 servers.
I wish we could setup every network that way
Unfortunately most of our networks do not have an assigned IT person on staff or on site, it is up to the users to install certain updates, hence the rub on Symantec. If a user decides they want to install Joe blows latest ransom virus, well poof there it is.....
Unfortunately most of our networks do not have an assigned IT person on staff or on site, it is up to the users to install certain updates, hence the rub on Symantec. If a user decides they want to install Joe blows latest ransom virus, well poof there it is.....
We've had Sophos for years however it has been disappointing in the past year. First there was the update where it started to detect itself as Malware, this shows a lack of testing. More worryingly we've had a few infections that it didn't detect and a few others it couldn't help with.
Want to see more than five? Check out this site. A very respected Austrian organization that tests antivirus software.
http://www.av-comparatives.org/comparativesreviews/corporate-reviews
http://www.av-comparatives.org/comparativesreviews/corporate-reviews
Hi, I work for Webroot and we have had rave customer reviews for this new antivirus approach. Our bandwidth usage is typically less than 250KB per day, and from a data/cloud security perspective only encrypted hash values that identify that endpoint's specific applications and processes are exchanged. Absolutely no user file data of any sort is exchanged. The trade-up is no signature updates, ever, and real-time protection against malware. 30-day free trials are available at our website, and no conflicts makes us easy to test.
With new malware/crapware coming out daily, how does Webroot keep bandwidth usage to less than 250KB per day [per client I'm assuming]? That sounds about the size for checking for updates and finding there isn't any and not when there is an update.
Gisabun
That's a very valid question. As George mentioned above, the file information being sent and compared on the cloud is only encrypted hash values of the endoint's specific applications and processes, not the actual files themselves. These hash values are less then 4kb in size. Every scan is sent up to our cloud-based threat database to be checked on our end, and a response as to the determinations of those files is sent back.
Webroot is not updating a definition file stored on your computer, but sending rules down regarding the file in question, thus keeping the bandwidth usage down to less then 250kb.
That's a very valid question. As George mentioned above, the file information being sent and compared on the cloud is only encrypted hash values of the endoint's specific applications and processes, not the actual files themselves. These hash values are less then 4kb in size. Every scan is sent up to our cloud-based threat database to be checked on our end, and a response as to the determinations of those files is sent back.
Webroot is not updating a definition file stored on your computer, but sending rules down regarding the file in question, thus keeping the bandwidth usage down to less then 250kb.
We had been running F-Secure's enterprise version for several years and just switched to Kaspersky. The main reasons for the switch were that the footprint on the client was not small and that they had not really updated their enterprise product in quite some time (all of their focus seemed to be on the home product).
When we were talking to them, it appeared that they had no plans to update, so we decided to evaluate other options. We ended up with Kaspersky and seem to have fewer problems. There are occasionally some agent issues, but we don't see the terrible performance issues that we did with F-Secure Client Security. I'm sure some of the performance issues could have been worked around with policy updates and tweaking, but the lack of attention to the enterprise product at that time made it an easy decision to change.
When we were talking to them, it appeared that they had no plans to update, so we decided to evaluate other options. We ended up with Kaspersky and seem to have fewer problems. There are occasionally some agent issues, but we don't see the terrible performance issues that we did with F-Secure Client Security. I'm sure some of the performance issues could have been worked around with policy updates and tweaking, but the lack of attention to the enterprise product at that time made it an easy decision to change.
Yes. We currently are using GFI Vipre and are very happy with it. Network consists of 50 pc's nad 3 servers.
I've been using Avast since 2010 (first as Avast Enterprise 4.8, now Avast Endpoint Protection Suite Plus 6.x), currently licensed through 2014, and will more than likely be renewing for another two years after that.
We had been using Symantec for 2-3 years (upon the recommendation of our managed service provider) and I would need to invent new words to describe how awful it was because any superlatives in the English language are not sufficient. Symantec had a pesky problem of being easily defeated (i.e. its background services disabled and corrupted) by viruses, spyware, fake antiviruses, and the like. Self-defense is kind of an important feature for any antivirus, but Symantec flopped like a European soccer player. On four occasions I had to give up and reformat a PC because it was too far gone to repair. For all other occasions I would turn to Avast Home Edition to do the dirty work. If the PC was not too far gone and I could get Avast installed, I would run a boot-time scan (something Symantec couldn't do, at least at the time) to clean up the PC, and then uninstall Avast and reinstall Symantec.
After doing that enough times I had the bright idea to just switch to Avast completely. Our MSP strongly recommended against it because it was "off the beaten path" but I told them to shove their recommendation and bought it anyway. At the time (version 4.8) neither the client nor the management software looked as polished as Symantec's but they worked a LOT better, and I noticed an instant improvement in the number of severe virus infections, even with my most problematic users. I have not had to reformat a single computer on Avast's watch, I haven't even had a virus infection bad enough to run a boot-time scan. Pretty much the only things that got through anymore were the fake antiviruses (something that I'm not sure any AV could reliably stop), but now that most of our 32-bit XP PCs have been replaced with 64-bit Win7 PCs and I've weaned people off of using IE I'm not seeing nearly as many of those anymore.
We recently upgraded to Avast version 6 (Endpoint Protection Suite Plus) and had a couple of hiccups. With the latest version they've added firewall, antispam, etc., a lot of features we didn't have before The antispam feature in particular got us in trouble, although it was partially my fault. We have a spam appliance so we don't need spam filtering at the client level, but I figured I would install it anyway (just in case we needed it in the future) but leave it disabled. This does not show up anywhere in the docs but doing so installs the Avast Outlook plugin anyway and routes ALL incoming mail to Outlook's junk mail folder. 25 PCs into my upgrade deployment I had to create a new install package without the antispam module and start over. That sucked, but lesson learned, I guess.
The management console does have a few quirks but it gets the job done once you learn your way around. I do wish they had made more improvements to it from version 4.8 (ADNM) to version 6 (AEA) - it's basically the same software with some updated icons. Remote installs/uninstalls are also pretty unpredictable; sometimes it works, sometimes it doesn't, and I haven't really noticed a pattern. The client itself also doesn't show you remote install/uninstall status; you have to load and refresh the remote install log file. I'd recommend having some remote support software (TeamViewer, LogMeIn, etc.) to fall back on for installs/uninstalls.
We had been using Symantec for 2-3 years (upon the recommendation of our managed service provider) and I would need to invent new words to describe how awful it was because any superlatives in the English language are not sufficient. Symantec had a pesky problem of being easily defeated (i.e. its background services disabled and corrupted) by viruses, spyware, fake antiviruses, and the like. Self-defense is kind of an important feature for any antivirus, but Symantec flopped like a European soccer player. On four occasions I had to give up and reformat a PC because it was too far gone to repair. For all other occasions I would turn to Avast Home Edition to do the dirty work. If the PC was not too far gone and I could get Avast installed, I would run a boot-time scan (something Symantec couldn't do, at least at the time) to clean up the PC, and then uninstall Avast and reinstall Symantec.
After doing that enough times I had the bright idea to just switch to Avast completely. Our MSP strongly recommended against it because it was "off the beaten path" but I told them to shove their recommendation and bought it anyway. At the time (version 4.8) neither the client nor the management software looked as polished as Symantec's but they worked a LOT better, and I noticed an instant improvement in the number of severe virus infections, even with my most problematic users. I have not had to reformat a single computer on Avast's watch, I haven't even had a virus infection bad enough to run a boot-time scan. Pretty much the only things that got through anymore were the fake antiviruses (something that I'm not sure any AV could reliably stop), but now that most of our 32-bit XP PCs have been replaced with 64-bit Win7 PCs and I've weaned people off of using IE I'm not seeing nearly as many of those anymore.
We recently upgraded to Avast version 6 (Endpoint Protection Suite Plus) and had a couple of hiccups. With the latest version they've added firewall, antispam, etc., a lot of features we didn't have before The antispam feature in particular got us in trouble, although it was partially my fault. We have a spam appliance so we don't need spam filtering at the client level, but I figured I would install it anyway (just in case we needed it in the future) but leave it disabled. This does not show up anywhere in the docs but doing so installs the Avast Outlook plugin anyway and routes ALL incoming mail to Outlook's junk mail folder. 25 PCs into my upgrade deployment I had to create a new install package without the antispam module and start over. That sucked, but lesson learned, I guess.
The management console does have a few quirks but it gets the job done once you learn your way around. I do wish they had made more improvements to it from version 4.8 (ADNM) to version 6 (AEA) - it's basically the same software with some updated icons. Remote installs/uninstalls are also pretty unpredictable; sometimes it works, sometimes it doesn't, and I haven't really noticed a pattern. The client itself also doesn't show you remote install/uninstall status; you have to load and refresh the remote install log file. I'd recommend having some remote support software (TeamViewer, LogMeIn, etc.) to fall back on for installs/uninstalls.
We have 130 licensed PCs spread across two campuses, including an Avast mirror at the remote campus.
If you have trojans, malware and other crap coming through then your firewall isn't doing anything to block out that crap. You are basicaklly relying on client security to secure the clients instead of having your firewall being the first line of defence.
If you are also getting that much crap comething through then either your employees are not getting educated on the crap out there or they are allowed to go to sites that they shouldn't be going to.
I have worked with a number of AV/EP products and I never really saw any issues with SEP when managed correctly.
If you are also getting that much crap comething through then either your employees are not getting educated on the crap out there or they are allowed to go to sites that they shouldn't be going to.
I have worked with a number of AV/EP products and I never really saw any issues with SEP when managed correctly.
My Vipre home security renewal is coming due, and to renew they want more than I paid for it originally.
Sorry Vipre, I don't buy it.
Sorry Vipre, I don't buy it.
We've been using Webroot on our network for the past 4 months. The client is very light and works well. The installation is amazingly fast. We've used Vipre for a number of years also and ran into a serious issue during an upgrade that disabled a number of critical applications. Thats when we rolled out webroot. If there's a short coming to Webroot I would say that there needs to be improvement in the administration and notifications. Webroot has been working with us to improve these areas.
Roger -
We appreciate those comments, and are very happy that you are pleased. I am ensuring that even your recommendations for improvements get sent to the correct people.
Richard
We appreciate those comments, and are very happy that you are pleased. I am ensuring that even your recommendations for improvements get sent to the correct people.
Richard
First, I'd like to say thanks for putting this on one page instead of spreading it out over 5 or 6 pages and making us click through.
I've used Panda and ESET. I really liked Panda's interface and overall management features. The desktop component is very light and it had a very good detection rate.
ESET is one I've used more recently and it reminds me very much of Panda. Good backend management, light client-side component.
I've used Panda and ESET. I really liked Panda's interface and overall management features. The desktop component is very light and it had a very good detection rate.
ESET is one I've used more recently and it reminds me very much of Panda. Good backend management, light client-side component.
We have been using Trend Micro products for years and they seem to do a good job.
Wouldn't touch Avast with a 10 foot pole.
Place I worked had the enterprise version a few years back and it couldn't even detect those fake "XP anti-virus" crap that were floating around.
Maybe it has changed but the management interface also sucked. Had some clkients that weren't communicating regularly with the server. Required to remove and then re-install.
Maybe it has changed but creating a deployment MSI file was also a hassle. Cryptic setup.
Place I worked had the enterprise version a few years back and it couldn't even detect those fake "XP anti-virus" crap that were floating around.
Maybe it has changed but the management interface also sucked. Had some clkients that weren't communicating regularly with the server. Required to remove and then re-install.
Maybe it has changed but creating a deployment MSI file was also a hassle. Cryptic setup.
Most of the freeware versions of antivirus/malware are not allowed to be installed in a corporate or business setting. Read the licensing.
And we are using the Endpoint suite from Microsoft. Our license agreement with MS gives us access to all of their software. It pays to be both a State Agency and Academic!
And we are using the Endpoint suite from Microsoft. Our license agreement with MS gives us access to all of their software. It pays to be both a State Agency and Academic!
Gross! Nasty yucky program. I would not depend on that software if my life depended on it.
Sorry you feel that way. If you're talking about our old AV suites I might understand, but the new Webroot SecureAnywhere Business endpoint launched in March 2012 is very, very different. Have you tried it?
We also use Vipre with about 18 servers and 130 endpoints. It's a decent product with a light footprint.
We tested Vipre about 4 years ago when our Sophos license came up for renewal. I wasn't that impressed. I thought the console and management was clunky and not at all intuitive. Their ability to migrate our end points was practically non-existent. The prospect of having to uninstall Sophos (4 components) and then install the Vipre client was just to much work. Also, we found that when the client was running a scheduled scan, it basically pegged the CPU at 100% until finished.
I'm sure that Vipre has improved significantly since then. Our cloud vendor uses it. We've been happy with Sophos.
I'm sure that Vipre has improved significantly since then. Our cloud vendor uses it. We've been happy with Sophos.
1. For Enterprise level i would suggest McAfee EPO, more than (5000 + machines). Its really good and make security persons jobs easy. Either implementation, monitoring, reporting Auditing pretty good.
2. Symantec EndPoint Protection: Well, Its also nice option. But my vote goes to McAfee. In my overall IT experience, I And Its not suitable for lower end client machines.
3. Kaspersky
Budget level products, audit report, centralized control panel etc .. good.
4. F-Secure / Bit defender / ESET / .......
5.
2. Symantec EndPoint Protection: Well, Its also nice option. But my vote goes to McAfee. In my overall IT experience, I And Its not suitable for lower end client machines.
3. Kaspersky
Budget level products, audit report, centralized control panel etc .. good.
4. F-Secure / Bit defender / ESET / .......
5.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
