Solved

Opinion Needed on Virus Software

Posted on 2004-10-09
12
342 Views
Last Modified: 2013-11-16
First I would like to asked a question of those currently using Computer Associates Inoculate ver 7 Antivirus software. Are you pleased both with the protection it provides and it's features?

Secondly for those running the Symantec Enterprise Antivirus software. Do you usd the Symantec software with Cisco's Network Admission Program for securing the connection of remote clients?
Are you pleased with the performance and how do you've this configured?
Below are some url's I've just looked at.  
http://www.symantec.com/press/2003/n031118b.html
http://www.informationweek.com/story/showArticle.jhtml?articleID=16101204

Thanks!
 
0
Comment
Question by:jhhaley
  • 2
  • 2
  • 2
  • +4
12 Comments
 
LVL 6

Expert Comment

by:cwkhang
ID: 12269060
mayb you wil hv interest to read on this
http://www.experts-exchange.com/Applications/Q_21134450.html
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 12270870
My view on virus software is that it will never protect against zero day attacks.
For example, someone writes a virus, but your system is exposed until a patch is written - average 6-7 days.
You really need some personal firewalls / host IPS to add that extra layer of protection.
0
 
LVL 15

Expert Comment

by:Cyber-Dude
ID: 12274638
Used them both; Symantec is a better software, more stable and more reliable.

If you want the reasons for that; just say so... I have a list.

Cyber
0
 
LVL 3

Expert Comment

by:4ceReconSniper
ID: 12275108
i recommend avast! or sophos they are both good and i used it i have no problems at all, you can have avast for free
0
 
LVL 15

Expert Comment

by:Cyber-Dude
ID: 12275145
Avast is Great!!! just dont sleep neer the server with the speakers on... otherwise youed go deep underground whenever you got a virus...

:)))

Cyber
0
 

Expert Comment

by:dcaurelien
ID: 12276896
i would recommend using Sophos, with Sophos update client this will update the IDE files on demand so you will allways be protected, best AV i have used to date
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 4

Accepted Solution

by:
ferg-o earned 100 total points
ID: 12277528
Depends what you are after. We have been able to quickly demonstrate ROI to clients with McAfee's ePO, which makes it an easy sell to management.

As far as detection goes I do not see much between the better products.

In terms of zero-day attacks McAfee VS8.0i has some great port blocking features that can mitigate potential virus/worm/mass-mailer damage without requiring a desktop firewall on every machine. But they are all good at what they do - heuristics on all of them are valuable and available. They don't have such a large enterprise market share for nothing. Ask your Symantec integrators about that.

Asides from that - my experience is that CA products are only as good as CA's sales focus. They have over 1000 products apparently. One day security, one day storage, the next day who knows?  Symantec is an excellent security company, their main issues are internal and to do with rapid expansion and a very wide focus.

They know where their bread & butter is however - and that is SAV & NAV.

So my suggestion is go with the people in the yellow suits, or look at McAfee.

Rgds.




0
 
LVL 4

Expert Comment

by:ferg-o
ID: 12277556
Apologies for responding to my own post - however Trend & Cisco are also teamed up together to do similar things to SYMC NAC at a network level.

May want to look into whether Symantec or Trend are carrying the concept through to production and at what level.

Rgds...



0
 
LVL 6

Assisted Solution

by:knoxj81
knoxj81 earned 50 total points
ID: 12278542
I strongly disagree with the choice of AVAST very poor detection rate. Also Sophos is an okay choice. However, when choosing a Antivirus product, the only choice is the BEST.Below I'll provide you with the best security products, with free alternitives as well.

Antivirus:
Kaspersky Antivirus 5.0 (new version) http://www.kaspersky.com/personal
This program is the best by far. It updates every 3 hours, scans web browser scripts also.
I've tested many other virus scanners through the years and this is by far the best.

AVG is also a great virus scanner (more for home user) not to mention they have a wonderful FREE edition.
http://www.grisoft.com/us/us_dwnl_free.php

Firewall:
Sygate Personal Firewall Pro - Compared to ZoneAlarm or Nortons which both have tons of exploits to drop their service like a fly. Sygate is the choice for a software firewall.

Sygate has a home editon for free as well.  www.sygate.com

Spyware/Adware/Malware/Dataware:
AD-AWARE - www.lavasoftusa.com
If you can afford it by the PRO version, the extra feature AD-WATCH is well worth it for it monitors your registry and notifies you of any changes made allowing you to ALLOW or REJECT the request on the fly.

RegistryProt 2.0 - http://www.diamondcs.com.au/index.php?page=regprot
This is a free program to monitor all changes to registry. This is a must in security for you windows machine. Big help in eliminating spyware, Trojans, backdoors, etc..

BHO Demon - www.majorgeeks.com/download3550.html  (mirrored)
This is a must now-a-days if your running Internet Explorer! BHO is used in a lot of the recent IE exploits as well as keyloggers. Windows XP SP2 offers something along these lines, but why trust M$.

Intrusion Detection:
IDS ( Intrusion Detection System ): - snort.org
I was reading my Windows & .NET Magazine, and it has a great article on SNORT. Setting it up and everything. Page 51! Or you can buy the book SNORT 2.1 Second Edition. This program is absolutly promising, this is for extreme paranoid users & advanced users.

Backup Browser:
Mozilla Firefox – mozilla.com
It’s always a good idea to have a backup browser. Incase your default browser has exploits and your waiting for patches, or maybe your default browser isn’t working.

References:
http://isc.sans.org/index.php?off=diary -Everyday info on the latest exploits/virus/security issues.
http://eeye.com - perfect for advisories and the best security software.
www.majorgeeks.com - Every program a nerd could think of!!
www.sygate.com – Great Software firewall.
www.kaspersky.com – Best AV on the market.
www.lavasoftusa.com – Best spyware removal program.
http://www.grisoft.com – Wonderful FREE AV.

Good Luck,

Jorden
0
 
LVL 6

Assisted Solution

by:cwkhang
cwkhang earned 50 total points
ID: 12283548
take a look on these

ICSA Labs AV Laboratory Testing Report for August 2004
http://www.icsalabs.com/html/communities/antivirus/notes/tr0804.shtml

virus bulletin: a summary of the most comparative test
http://www.virusbtn.com/vb100/archives/products.xml?table
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 50 total points
ID: 12285556
I would also take a look at the Symantec Internet Security Threat Report -

http://enterprisesecurity.symantec.com/content.cfm?articleid=1539

This is ESSENTIAL reading and summises the attack/virus trends that Symantec have seen over the last 6 months.  Even Symantec admit there is a window of vulnerability, between virus release and patch release...

You have to put in your details before you can pull it down, but it's well worth it (that includes all you other experts reading this !!).
0
 
LVL 6

Expert Comment

by:knoxj81
ID: 12298970
The links proves that AVAST is no good.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now