Solved

Symantec Endpoint Protection - Opinions Please

Posted on 2007-11-15
17
8,220 Views
Last Modified: 2013-12-09
We are running Exchange Server 2003 and are thinking about upgrading to the Corporate version of Symantec Endpoint Protection from the Symantec corporate antivirus client.  It would be really helpful to hear some opinions of the product.  Any users out there?
 
Thank you for your input.  
0
Comment
Question by:skbryan
  • 2
  • 2
  • 2
  • +9
17 Comments
 
LVL 9

Accepted Solution

by:
ParadiseITS earned 55 total points
Comment Utility
I used Symantec's product with Exchange 2003 for awhile and found it to be intrusive and overly protective.  I spent too much time looking for quarantined items and tweaking settings.  If you have the time, it's probably a pretty good product.  I would highly recommend steering clear of anything on your Exchange server itself beyond AV and getting an appliance to sit in front of it.  I recommend Barracuda but there are many good devices out there.
0
 

Author Comment

by:skbryan
Comment Utility
Thank you for the input.  Personally, I have NEVER liked Symantec's antivirus solutions.  But I'm on an info finding mission, so your comment is much appreciated.  Heard some good things about ESET NOD32 Antivirus for Microsoft Exchange. . .
0
 
LVL 9

Assisted Solution

by:ParadiseITS
ParadiseITS earned 55 total points
Comment Utility
I like Symantec's AV just fine, BUT my #1 for Exchange would be Trend Micro... but that's my opinion... to counter that, we use Symantec on Exchange here :) but Barracuda in front of it that handles most of the Virus/SPAM heavy lifting.
0
 
LVL 2

Assisted Solution

by:symfw
symfw earned 20 total points
Comment Utility
SEP11 is great. Plain and simple.

It has everything you could possibly want, rolled into one lightweight package with a small footprint.

If you take the time to configure it correctly, then it is the perfect solution. This is they key though. You cannot be a cowboy and simply roll it out without testing it in your environment. It is a powerful product and should be customised to your setup (I.e. Firewall Policy, Centralized Exceptions etc).

If you want to consolodate your AV/Client FW/Anti-Spam etc into one centrally managed package, then get SEP11.
0
 

Expert Comment

by:WCRIS
Comment Utility
SEP11, so far, has been a nightmare.  I see serious problems with this product in its current form.  

First off, there is a known bug that can suddenly shut off all the shares of a server.  In my case, it was my domain controllers.  My network came to a halt because no one could authenticate back to the domain controllers.  There is a fix, but even that fix has been causing some issues.  I am on hold (again) as I type this waiting for Symantec tech support.

The Outlook scanner is also a resource hog.  It made Outlook 2003 almost unusable on our test machines.  We are just rolling out the basic Anti-virus/Anti-Spyware and it is still causing grief.

Seriously look into this product before buying it.  Check out their support forums for others seeing the same thing I am.
0
 
LVL 1

Expert Comment

by:imran786
Comment Utility
We used symantec endpoint security 11, unhappy with it. It is a good product, if your client have enough RAM and min 100 Mbps network.
We thought either buy more RAM for clients or move to eSET (nod32).
So on this renewal we will choose eSET (faster on client with adding RAM).

0
 

Expert Comment

by:fkuijper
Comment Utility
SEP11 is a nightmare.
Upgraded from version 10 to DC on win2003. Encountered a bug that shuts off all access to the shares from the network. Even worse is the fact that is takes a couple of hours to reach that state. At first everything worked fine, after half an hour one users had access problems. After about 2 hours the network came to a grinding halt.

On the clients is seems to work fine, on the server removed everything form SEP11 and installed NOD32, lightwight and works like a charm.
0
 

Author Closing Comment

by:skbryan
Comment Utility
I really appreciate the time that all of you took to answer my question.  Thank you.
0
Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 
LVL 1

Expert Comment

by:imran786
Comment Utility
0
 

Expert Comment

by:anotheropinion
Comment Utility
ABSOLUTE DISASTER.  After installing this on our Small Business Server 2003, all 8 workstations on the network lost connections to network drives and shared applications.  This was after a very careful, thorough firewall setup.  
If you don't have the luxury of setting up a test environment with a server that launches all the applications your office will be using, DON'T EVEN CONSIDER IT.  Your entire office could lose a whole day of productivity.
Symantec supposedly fixed some of these issues in December, but I'm still going to be sweating bullets while trying this a second time.
0
 
LVL 1

Expert Comment

by:brasso_42
Comment Utility
I am not sure about this product, my first attempt of a rollout ended with the BIG BUG, thats right the one that stops then network working, file shares, databases, authentication you name it. Now I waited for the fix and yes it did work. I have run this on a site for 2 months and the support has gone through the roof. They run office 2007 with BCM and it is constantly crashing outlook. I have not pin pointed this to Symantec but it is the only difference on the networks that I am supporting. I have always used Symantec and it has always been reliable but this version I do not trust. I have over 60 sites to upgrade but I am not going to yet. I am now going to try to remove Symantec endpoint and see if this sorts out my office problems, I will let you know. If this does work bye bye Symantec one big problem is not good. Number 2 and I will shift my business. Anyone else having office 2007 related issues with endpoint??
0
 
LVL 6

Expert Comment

by:montezz
Comment Utility
I hope some poor soul does not take the advise of the accepted answer. SEM IS A TERRIBLE PRODUCT. I am poasting my notes I used to justify replacing this horrifying miserable excuse for an endpoint protection tool:
1-      Labbed fine
2-      In production, Server crashed during install of last client set. Supports answer was to re-install, which destroyed existing database
3-      Since there is no way to import clients from old server to new, we had to manually modify workstations. CS was able to cobble together a script using System Internal tools to import all of our XP PCs but all Win2000 had to be touched.
4-      About 20% Outlook clients were not able to open attachments after rollout. Ends up this is a bug in MP1 (the latest at the time) if you installed the Outlook scanning option but had it disabled (as the install instructions advise you to do). The fix involved installing a hotfix on each machine. The hotfix was not even an msi, it was an exe. This is not really a factor since SEPM broke SMS, so we couldnt push packages out (see item 6).
5-      Several PCs have a bug that created a hidden full system scan. Support acknowledged this bug and advised the only way to resolve this is to edit the registry on effected machines.
6-      SEPM broke IIS and after re-installing IIS, which broke all of our other IIS applications on the server. Support advised the only way to get SEPM working again is to re-install, which will probably break IIS again&
7-      SEP is a huge resource hog and is slowing PCs
8-      Symantec Support clearly outsources support to places that do not speak English well.
9-      Several PCs are now effected by the 0xc000007b problem Symantec  acknowledges this problem but blames other software vendors see: https://forums.symantec.com/syment/board/message?board.id=endpoint_protection11&message.id=6712#M6712
0
 
LVL 11

Expert Comment

by:Serge Fournier
Comment Utility
nightmare on client, did not install on servers
unless you do not install the new fire wall on clients (smc.exe)

this firewall decided to scan all transaction on the network, and laggin it to hell, for client with a cpu older than 1 year


0
 
LVL 18

Expert Comment

by:Johnjces
Comment Utility
Long closed thread, but we have used SEP 11 for one year and I hate it. HEAVY product. When it scans a clients PC, you can't work on it. When using the SEP Manager, it fills your hard drive space with unneeded files and uses 100% of the CPU for a pretty prolonged period of time. (They since made a fix for the files filling your hard drive however).

Using the SEP Manager if you updated Java you were in for surprises. (They fixed that too).

In short, I felt like a beta tester.

On the other side of the coin, their tech support people have been great.

A new year and a new contract. I'm trying something else.

John
0
 

Expert Comment

by:hswiseman
Comment Utility
Just going through a hideous experience with 11.03 which I had waited for hoping I would not have the troubles others have had. Also in a SBS 2003 R2 environment. Could never get the management console to work/authenticate. Other parts like Live Update console installed perfectly well. Tried usign sql instead of embedded, incluidng own instance. This product is not fit for this purpose. Crashed exchange services severall times, numnerous server restarts, reinstalls, etc etc etc. Crashes all remote access to server, not way to allow safe entry. Misery on uninstalls that stall crash and cannot be completed upon restart without reinstall and reuninstall. I want my money back.
0
 
LVL 1

Expert Comment

by:brasso_42
Comment Utility
We have become experts at fixing this mess and now have a lot of sites live which have no issues (my engineers have even started to like the product).  If your in the UK and want help feel free to contact us

http://www.blazenetworks.co.uk

0
 
LVL 18

Expert Comment

by:Johnjces
Comment Utility
Glad this "popped up" again....

Just as a side not here, we have dumped Symantec and have gone with eSet.

No dogware here. Lite and it has stopped even the spy and other MalWare. Symantec NEVER seemed to find or catch such stuff.

Anyway, easy management interface, not Java version specific and just clean.

John
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
how to add IIS SMTP to handle application/Scanner relays into office 365.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now