Without naming, for last two days, we are spending nights in office, manually cleaning over 1500 PCs for the Sality variant was not caught by our Antivirus and Level 2 support from the principal was worthless. Needless to say, the guys fare in the leaders quadrant of Gartner. A standalone utility by kaspersky came to the rescue though I am beginning to feel if the russian link exists here, for the virus tries to establish http connections in Russia.
Now, I am wondering, what should be the strategy behind choosing an antovirus solution? Should we look at Microsoft FCS for it claims to have multiple engines built into it? By the way, I read reports that various Forefront client customers too suffered from this Sality outbreak.
Something like GFI, which too claims to have various antivirus engines built into it?
Though we use combination of two solutions, differing at the mail gateway box but same for desktops and servers. What do you guys suggest!! It's been a real nightmare this time!!