Solved

Suggestions for Corporate or Enterprise level Antiviurs

Posted on 2008-06-14
19
786 Views
Last Modified: 2013-11-22
I have search for this question, but they seem to be out of date now.  I am looking for suggestion on a corporate or enterprise level virus protection.  We are currently using Norton Corp. 10 which will be out of date as of 8/08.  We have a 50 user network with 6 servers.  Five of which are MS 2003 and one MS 2000.
The servers are: 1-Exchange 2003, 1-MSQL2005, 1-MSQL2000, 1-Blackberry, 1-Terminal, 1-Document.  Two of the servers are DC's.  All workstation are XP Pro SP2.  All are sitting behind a Pix 515.  I would like to have a central management, network protection and anti spamming would be nice, but most I have found don't work or are resource hogs.  I will not consider McAfee, very bad experiences with them many times over.  If I don't have to attend a university, I might consider MicroTrend.  The Symantec's I have tried in the last year have real proven to be resource hogs themselves and I am hoping someone has tried one that isn't since I am use to them.  Any comments will be helpful.
0
Comment
Question by:Hackitx
  • 5
  • 4
  • 4
  • +3
19 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 64 total points
ID: 21786499
We are NEVER going to reach a concensus on EE with regards to the "best" security software - simply because there is no "best" package. Yes, there are packages which are going to meet your requirements the most and there will be the packages which you like compared with other packages, but there is no best solution to a question like this.

The first move I would make would be to totally uninstall your Symantec / Norton security product from your system. It's good in my opinion that it's about to expire - Their products have always been plagued with issues, such as the constant use of system resources, CPU and RAM.

A combination of security products is usually the best way of protecting yourself, rather than putting all your security eggs in one basket as you tend to do with the "Internet Security" products marketed by the best known security firms. In many cases, these complete packages don't actually work as effectively as if you spread the load between several programs.

For anti-virus, I would recommend Grisoft's AVG. AVG 8's Network Edition provides centralised support for the reporting on and monitoring of all the stations running AVG Anti-Virus on the network. You can even deploy AVG remotely over the network, without the user seeing anything on screen. Make sure you only run one virus scanner though, since multiple AVs can conflict and cause issues - you'll have to completely wipe out the Symantec AV first.
http://www.grisoft.com/us.product-avg-anti-virus-network-edition
The advantages to this version of AVG is that it is not only an AV, but also anti-spyware and anti-rootkit is built-in as standard. It utilises an email scanner too - allowing you to scan all incoming emails at the client levlelevel, as well as Exchange level, to detect viruses. Obviously you'll need AVG's special versions - for Email and SQL Server.
NOD32 is another good alternative I have heard a lot of good stories about - I have no knowledge of it personally though.

For anti-spyware, you can use a mix of programs for maximum detection. MS' Windows Defender package, is pretty good at detecting most spyware problems, restricting potentially dangerous software until you give your approval and monitoring changes to the registry. I use it everywhere now and like it a lot, since it is free and runs all the time with little to no input from the end-user. (Updates come in with Windows Update). http://www.microsoft.com/athome/security/spyware/software/default.mspx

AVG has its own built-in anti-spyware too - having both of these products doing all these checks is no harm and is probably a good idea.

-tigermatt
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21786504
I forgot to add that AVG also has a Web and LinkScanner. It integrates with, for example, Google search results and shows you whether it is safe or not to view a web page. With the paid licenses, you also get a very good technical support service too.
0
 
LVL 7

Assisted Solution

by:fhmc
fhmc earned 62 total points
ID: 21786639
The only REAL feedback I have to offer is DITCH Symantec... I've employed several versions of their products over the years (including their current SEP product.)  All resource hogs, and many of them have proven to be unreliable/innefective.

I am currently considering Trend Micro for my shop.  I have heard good things (in the field, not just tech rags) about their product.  One of our vendors quoted their "neatsuite" product at $21 US per user (not host.)  e.g.  20 users, 1 server, 20 licenses... 20 users 10 servers, still 20 licenses.

http://us.trendmicro.com/us/products/enterprise/neatsuite/index.html?WT.mc_id=200707_02_04



for the record...
I have absolutely nothing nice to say about Symantec's products.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21786675
I have to say I follow suit with fhmc, regarding Symantec and Norton Anti-Virus software.
0
 
LVL 10

Assisted Solution

by:Casey Herman
Casey Herman earned 62 total points
ID: 21786717
We sold SAV version 10 to customers until we found out that it was going away.  I have ran into Symantec's new Endpoint Protection and find that it is a piece of crap aka... productivity inhibitor.
Macaffe in the past we have found that depending on how your business operates (ex.  accounting system with custom ports and slaved printers in a unix environment or something)  can cause a lot of extra trouble shooting.  It seems to be a good AV but tends to slow things down a bit and has a pretty tight firewall on it.  Can be a pain at times.  Not to mention if you ever switch that it never completely uninstalls.   Trend Micro is pretty good and also can be a hog at times.  The version that I have used of AVG has been pretty good until this new version 8 came out.  It is seems to be a hog as well.  Have not used their corporate version.  The winner for us was Sophos Corporate.  The interface is easy to use.  The reports that you get are very detailed.  Also if you have a virus it is good about alerting you and telling you what and where it is.  Saves time on tracking problems down.  I would suggest checking it out.   It has not done us any wrong yet.  It also trys to uninstall the brower crap like mywebsearch and other semi malicous browser hacks if you tell it too.

Sincerely,
 
Casey
Network Engineer
0
 

Author Comment

by:Hackitx
ID: 21786761
So far this is great, thanks guys.  I was considering Microtrend, but everyone I knew that used it said it was complicated and tend to cause unusual problems with DB's.

I have used grisoft on desktops, but did not know they had a network version.

Casey where can I get more info on Sophos?  How is it on resources?
0
 
LVL 28

Assisted Solution

by:jhyiesla
jhyiesla earned 62 total points
ID: 21786785
We're using SAV Corporate 10.x and you know if it works I say just stay with it.  Heck, I still have some PCs that are running 7.6 which hasn't been supported for years and we seem to be fine...although I do admit that I need to get them moved over...but I have a lot more than 50 users and unfortunately other projects in the works.
0
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21787423
Sophos is very lightweight for an AV... Yea trend is good but hard to use.   SAV corporate 10 cannot be continued to much longer because they are going to stop giving out licenses for it soon.  Then force everyone to use Endpoint protection aka productivity inhibitor.....  It will work without the license but will not download any new updates when it expires.


http://reviews.cnet.com/software/sophos-anti-virus-3/4505-3513_7-21274729.html

http://www.sophos.com/

Casey
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 38

Expert Comment

by:younghv
ID: 21788058
Anyone who thinks the NAV/SAV line of products should be used needs to drop over into the "Symantec" Zone and help solve the 161 Open Questions sitting there.

A totally unacceptable line of products, and has been for about 8-9 years. They have completely missed the boat on a whole string of malware outbreaks, starting with Melissa in about 1999.

Whoever recommended AVG (up above) deserves some points on this question. Very strong product, easily managed for a network this size, and the price will be right.
0
 
LVL 28

Expert Comment

by:jhyiesla
ID: 21789488
SAV is not without it's problems.  I think that it's one of those products that you either love or hate. I actually fall into both camps depending on what day it is :).

Now that Endpoint is out that is where they are going and they may stop selling licenses for the old product, but that doesn't mean that support will go away.  I checked on a Symantec forum and one person commented that tech support had told him that the current version of 10.x will continue to be supported until 2010.  

I've been interested in something "better" for my network (450 nodes), but have never really run into anything that seemed any better that would make me go through the hassle of converting.  However the asker only has 50 nodes which would be easier to do.
0
 

Author Comment

by:Hackitx
ID: 21789699
The reason I started on this is I read on Symanted that Corp 10 will not longer have virus updates available starting 8/08.  If I am wrong please tell me.  Tech support is useless if I can not longer get updates.
0
 
LVL 28

Expert Comment

by:jhyiesla
ID: 21789753
Are you talking about updates to the program or signature updates?  I still get signature updates for the few machines that are still running 7.6.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21791185
I assume what the author is talking about their license with Symantec is due to expire on 8/08. The updates for Norton Antivirus will still be available, but the Norton software installed on the author's network will not be legally licensed to run any more.

Hackitx, as you can see above, there is a wide variety of recommendations for security software - you are going to have to evaluate each one and decide which one you want to go for. AVG, Sophos, Nod32, Trend Micro... you name it, they've all been recommended.

My recommendation's still with AVG as per my first post.

-tigermatt
0
 

Author Comment

by:Hackitx
ID: 21794939
Sorry guys, I thought I read it was signiture update where being discontinued.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21795338
I wouldn't have thought so - since the Symantec products are unfortunately a widely used AV - but I wouldn't run it past them.
0
 
LVL 28

Expert Comment

by:jhyiesla
ID: 21795446
For the asker as well as others with a question about SAV.  I just spoke with someone in the sales area at Symantec.   They are still supporting and selling new licenses for SAV Corporate edition 10.x. According to this salesman, you can still continue to use your product legally and you will continue to be able to get updates...in fact they are still selling new subscriptions to the product.  End of support on this currently is indefinite and he said that I should be able to continue to have full support through sometime in 2009.

So, I'm not sure that I would go out and buy SAV corporate 10.x if you don't already own it, but I know that I'm keeping what I have and will examine EP 11 as well as other solutions when the appropriate time comes....

And we did keep renewing our licenses with Symantec over the years and although I was legally able to go to 8 and 9 we did contnue to use 7.6, until we started to move to 10 and I was able to get signature updates and the like, although it I would have had a technical support question getting that support would have been iffy.
0
 

Author Comment

by:Hackitx
ID: 21796332
Interesting, thanks.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now