Suggestions for Corporate or Enterprise level Antiviurs

I have search for this question, but they seem to be out of date now.  I am looking for suggestion on a corporate or enterprise level virus protection.  We are currently using Norton Corp. 10 which will be out of date as of 8/08.  We have a 50 user network with 6 servers.  Five of which are MS 2003 and one MS 2000.
The servers are: 1-Exchange 2003, 1-MSQL2005, 1-MSQL2000, 1-Blackberry, 1-Terminal, 1-Document.  Two of the servers are DC's.  All workstation are XP Pro SP2.  All are sitting behind a Pix 515.  I would like to have a central management, network protection and anti spamming would be nice, but most I have found don't work or are resource hogs.  I will not consider McAfee, very bad experiences with them many times over.  If I don't have to attend a university, I might consider MicroTrend.  The Symantec's I have tried in the last year have real proven to be resource hogs themselves and I am hoping someone has tried one that isn't since I am use to them.  Any comments will be helpful.
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

We are NEVER going to reach a concensus on EE with regards to the "best" security software - simply because there is no "best" package. Yes, there are packages which are going to meet your requirements the most and there will be the packages which you like compared with other packages, but there is no best solution to a question like this.

The first move I would make would be to totally uninstall your Symantec / Norton security product from your system. It's good in my opinion that it's about to expire - Their products have always been plagued with issues, such as the constant use of system resources, CPU and RAM.

A combination of security products is usually the best way of protecting yourself, rather than putting all your security eggs in one basket as you tend to do with the "Internet Security" products marketed by the best known security firms. In many cases, these complete packages don't actually work as effectively as if you spread the load between several programs.

For anti-virus, I would recommend Grisoft's AVG. AVG 8's Network Edition provides centralised support for the reporting on and monitoring of all the stations running AVG Anti-Virus on the network. You can even deploy AVG remotely over the network, without the user seeing anything on screen. Make sure you only run one virus scanner though, since multiple AVs can conflict and cause issues - you'll have to completely wipe out the Symantec AV first.
The advantages to this version of AVG is that it is not only an AV, but also anti-spyware and anti-rootkit is built-in as standard. It utilises an email scanner too - allowing you to scan all incoming emails at the client levlelevel, as well as Exchange level, to detect viruses. Obviously you'll need AVG's special versions - for Email and SQL Server.
NOD32 is another good alternative I have heard a lot of good stories about - I have no knowledge of it personally though.

For anti-spyware, you can use a mix of programs for maximum detection. MS' Windows Defender package, is pretty good at detecting most spyware problems, restricting potentially dangerous software until you give your approval and monitoring changes to the registry. I use it everywhere now and like it a lot, since it is free and runs all the time with little to no input from the end-user. (Updates come in with Windows Update).

AVG has its own built-in anti-spyware too - having both of these products doing all these checks is no harm and is probably a good idea.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
I forgot to add that AVG also has a Web and LinkScanner. It integrates with, for example, Google search results and shows you whether it is safe or not to view a web page. With the paid licenses, you also get a very good technical support service too.
The only REAL feedback I have to offer is DITCH Symantec... I've employed several versions of their products over the years (including their current SEP product.)  All resource hogs, and many of them have proven to be unreliable/innefective.

I am currently considering Trend Micro for my shop.  I have heard good things (in the field, not just tech rags) about their product.  One of our vendors quoted their "neatsuite" product at $21 US per user (not host.)  e.g.  20 users, 1 server, 20 licenses... 20 users 10 servers, still 20 licenses.

for the record...
I have absolutely nothing nice to say about Symantec's products.
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

I have to say I follow suit with fhmc, regarding Symantec and Norton Anti-Virus software.
Casey HermanCitrix EngineerCommented:
We sold SAV version 10 to customers until we found out that it was going away.  I have ran into Symantec's new Endpoint Protection and find that it is a piece of crap aka... productivity inhibitor.
Macaffe in the past we have found that depending on how your business operates (ex.  accounting system with custom ports and slaved printers in a unix environment or something)  can cause a lot of extra trouble shooting.  It seems to be a good AV but tends to slow things down a bit and has a pretty tight firewall on it.  Can be a pain at times.  Not to mention if you ever switch that it never completely uninstalls.   Trend Micro is pretty good and also can be a hog at times.  The version that I have used of AVG has been pretty good until this new version 8 came out.  It is seems to be a hog as well.  Have not used their corporate version.  The winner for us was Sophos Corporate.  The interface is easy to use.  The reports that you get are very detailed.  Also if you have a virus it is good about alerting you and telling you what and where it is.  Saves time on tracking problems down.  I would suggest checking it out.   It has not done us any wrong yet.  It also trys to uninstall the brower crap like mywebsearch and other semi malicous browser hacks if you tell it too.

Network Engineer
HackitxAuthor Commented:
So far this is great, thanks guys.  I was considering Microtrend, but everyone I knew that used it said it was complicated and tend to cause unusual problems with DB's.

I have used grisoft on desktops, but did not know they had a network version.

Casey where can I get more info on Sophos?  How is it on resources?
We're using SAV Corporate 10.x and you know if it works I say just stay with it.  Heck, I still have some PCs that are running 7.6 which hasn't been supported for years and we seem to be fine...although I do admit that I need to get them moved over...but I have a lot more than 50 users and unfortunately other projects in the works.
Casey HermanCitrix EngineerCommented:
Sophos is very lightweight for an AV... Yea trend is good but hard to use.   SAV corporate 10 cannot be continued to much longer because they are going to stop giving out licenses for it soon.  Then force everyone to use Endpoint protection aka productivity inhibitor.....  It will work without the license but will not download any new updates when it expires.

Anyone who thinks the NAV/SAV line of products should be used needs to drop over into the "Symantec" Zone and help solve the 161 Open Questions sitting there.

A totally unacceptable line of products, and has been for about 8-9 years. They have completely missed the boat on a whole string of malware outbreaks, starting with Melissa in about 1999.

Whoever recommended AVG (up above) deserves some points on this question. Very strong product, easily managed for a network this size, and the price will be right.
SAV is not without it's problems.  I think that it's one of those products that you either love or hate. I actually fall into both camps depending on what day it is :).

Now that Endpoint is out that is where they are going and they may stop selling licenses for the old product, but that doesn't mean that support will go away.  I checked on a Symantec forum and one person commented that tech support had told him that the current version of 10.x will continue to be supported until 2010.  

I've been interested in something "better" for my network (450 nodes), but have never really run into anything that seemed any better that would make me go through the hassle of converting.  However the asker only has 50 nodes which would be easier to do.
HackitxAuthor Commented:
The reason I started on this is I read on Symanted that Corp 10 will not longer have virus updates available starting 8/08.  If I am wrong please tell me.  Tech support is useless if I can not longer get updates.
Are you talking about updates to the program or signature updates?  I still get signature updates for the few machines that are still running 7.6.
I assume what the author is talking about their license with Symantec is due to expire on 8/08. The updates for Norton Antivirus will still be available, but the Norton software installed on the author's network will not be legally licensed to run any more.

Hackitx, as you can see above, there is a wide variety of recommendations for security software - you are going to have to evaluate each one and decide which one you want to go for. AVG, Sophos, Nod32, Trend Micro... you name it, they've all been recommended.

My recommendation's still with AVG as per my first post.

HackitxAuthor Commented:
Sorry guys, I thought I read it was signiture update where being discontinued.
I wouldn't have thought so - since the Symantec products are unfortunately a widely used AV - but I wouldn't run it past them.
For the asker as well as others with a question about SAV.  I just spoke with someone in the sales area at Symantec.   They are still supporting and selling new licenses for SAV Corporate edition 10.x. According to this salesman, you can still continue to use your product legally and you will continue to be able to get fact they are still selling new subscriptions to the product.  End of support on this currently is indefinite and he said that I should be able to continue to have full support through sometime in 2009.

So, I'm not sure that I would go out and buy SAV corporate 10.x if you don't already own it, but I know that I'm keeping what I have and will examine EP 11 as well as other solutions when the appropriate time comes....

And we did keep renewing our licenses with Symantec over the years and although I was legally able to go to 8 and 9 we did contnue to use 7.6, until we started to move to 10 and I was able to get signature updates and the like, although it I would have had a technical support question getting that support would have been iffy.
HackitxAuthor Commented:
Interesting, thanks.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.