HELP! Anti-virus software in multi-OS environment

I'm in the process of deciding which anti-virus solution is best for our company but i'm curious to know what people are using at their workplace.  Basically, our criteria is this:

1. Good vendor support
2. We have many different servers running many different operating systems (ie: Windows, Novell Netware, Linux, HP-UX, etc)
3. Centralized anti-virus management
4. Work for multiple subnets
5. Will work for servers, workstations, laptops
6. User friendly

* Cost isn't really an option.
Who is Participating?
briancassinConnect With a Mentor Commented:


Like I said before a live test run would be your best bet. Or even trying several evaluation versions of different companies software.

Every answer you are going to get here is going to be opionated one way or another. Their will be some that agree and some that disagree however just because people agree on an anti virus solution does not necessarily make it the best choice it is what they like for whatever reason. Just like if 100 people jumped off a bridge is it the right thing to do just because 100 people did it ? If they really like it they may quantify that reason in any manner which can lead to skewed information.
I personally take the see it to believe it approach and try the software test it, try to break it to see what it will do before I purchase it.

There are many vendors out there this is a shortlist of the top ones out there currently

http://www.Sophos .com <---- if money is not an object you could look into a cisco self defending network... They are world renowned for network hardware and would probably have no problem working across all platforms.
I'll be the first to say Norton (but I'm sure I won't be the only respondant!)
We use the Managed server SAV product in our corp environment of over 40K clients.
Happy to say we've been among the few corps that have missed a lot of the worms and recent outbreaks...even had the Atlanta-based CDC calling to ask us "how we did it" :D
Of course, it has a lot to do with other protections as well - firewalls, etc.

That's my .02
Personally I would advise against Norton recently I had a problem with a virus known by Trend Micro as Sdown.A which is a backdoor program that Norton did not detect even after trying to submit the virus to them through their automated system in their software it told me it could not submit it because the file was not infected. They want to currently charge me to be able to ask them why I am paying for monthly updates if it is not catching things they have said several times I have to talk to their virus technicians and they only way to do that is through paid phone support.

Also Norton failed awhile back in detecting Back Orifice which is another backdoor trojan program. It may protect against standard worms and viruses by in the field of trojans and backdoor programs it fails miserably.

If anyone wants to put their norton to the test I will send them the file that I pulled off the system that contains the Sdown.A and I can gurantee it will not pick it up. I just tried it yesterday to see and it still did not pick it up.

In addition when I was unable to send this to them automatically I downloaded their SARC submission system which created a temp directory on my hard drive where it saved the virus submission (which is shouldn't do this) The file was on diskette and I simply was pointing SARC to the diskette it took it off the diskette put into a temp file never deleted the temp file sent it off to symantec (Norton) after several program crashes. I still have not heard back from their virus lab people it has been almost 2 weeks. In addition the only reason why I know SARC saved this file is because the other day I ran Trend Micro's Housecall because I am not relying on NORTON anymore... and it picked it up in a directory called SARC which is Symantec's virus submission program. (I have screen shots to prove this).

In addition their are several Viruses out there such as Klez that can break through Norton and overwrite it's NPROTECT.EXE so that it acts like it is really working but in reality it is doing nothing!

So I would advise highly against NORTON...

Trend Micro's Housecall has highly impressed me with how fast and how many things they look for they look for Browse Hijackers also which Norton does not do. Trend Micro picked up that I had JS.Fortnight on my system - Norton did not!

I am just giving you my experience with Symantec... the support is not there and they do not seem to pay attention to Browser Hijackers or Backdoor Trojans both of which could cause serious problems / damage in a corporate enviroment.

If you asked me 2 weeks ago who to go with for Anti Virus I would have said Norton in a blink of an eye now I would say stay away.

Call it a crazy idea but........
I would say the best way would be to do your own little test... go up on Kazza or another P2P file sharing network and start downloading all sorts of things you will come across many viruses up there. This is the best test... Setup a lab computer not connected to the rest of the network and that does not have pertinent data on it get trial versions of several vendors software. Start downloading tons of executables from Kazza, Gnutella, WinMX etc..... ... download them into a folder called "anti virus test" or something to that affect fill it with at least 600MB of executables try to get small executables off of the P2P networks. make a copy of all the files you downloaded by burning them to CD...
Now run one of the trial versions of the anti virus applications and see what it identifies and repairs/deletes. then after it is done write down what it found or print out the log then reload the bad programs back into the test folder run another anti virus application and run the test again.

This will give you a "real world" real results test.
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

briancassin- I'd love to try it...make a believer out of me, cause I run this at home as well.
My email is in my profile.  :)
I use norton too, but recently i had a virus that was only detected when i did an online scan (suing norton online scan). the thing is, if you miss an update and norton is unable to catch the virus, you are outta luck. the virus goes undetected (my experience). i still like norton, but then again i own it and don't have extra $$ to buy another prog. i would just make sure you have live update enable at all times and test norton from time to time (sounds like a pain? tell am about it!)
I always have live update active the thing is automatic live update only goes out every wed. to download updates that is the way they have it configured it is not modifiable. The only true way is to run it manually everyday which I do but it still does not catch things. Also once of the nice utilities they had when I was on windows ME is now a thing of the past because it does not run on XP is their Rescue Disk set. This was great especially for troubleshooting at client locations but now I get Internet connection established and go to
sirbounty what would you love to try ?
>>If anyone wants to put their norton to the test I will send them the file that I pulled off the system that contains the Sdown.A and I can gurantee it will not pick it up. I just tried it yesterday to see and it still did not pick it up. <<

I'm up for the challenge... :D
KABOOMAuthor Commented:
Thank you everyone for the response but I think we are getting a bit off topic on my question.  
We use Mcafee at our place.
tdmgtechConnect With a Mentor Commented:
We use McAfee Viruscan, NetShield, and e500 Application server.  All the components are tied together via the EPO server.  From the EPO server I can see what is installed on my machine, what definitions they have, versions of software etc.  The server handles all the updates for defintions and requires the workstations to pull updates and reguarly scheduled intervals.  It will alert me if there is an infection or outbbreak.  The E500 server is rock solid, running on linux, and stops untold hundreds of virus prior to it getting to the workstations.  The virusscan is there to protect the frontlines at the workstation level.  The cost is very reasonable for the McAfee solution, with the excetpion of the eapplicance which is pricy but worth it.  I loved Norton at home but it has failed a few times and I trust McAfee here in the office.  
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.