Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Recommendations: Anti-Virus (email and local PC), Anti-Spam, Web Filtering

Posted on 2009-03-28
13
Medium Priority
?
490 Views
Last Modified: 2013-11-22
Hi, all
I am looking for 'different' solutions for our current site AV, etc.

This is an easy question in that I'm looking for maybe 2 to 4 corporate level solutions (see subject title) that are taken seriously by industry.

Trend Micro supply our anti-spam (Messagelabs).  Trend also supply our web filtering software (Websense) and PC-based AV (Trend Micro OfficeScan).


I'm receptive to a catch-all service as well as separation.

Can anyone make any recommendations (not from salespeople, of course!)?
I'll split the points if need be.

Thanks and hear from you soon.
stillspangle

0
Comment
Question by:stillspangle
  • 3
  • 3
  • 2
  • +4
13 Comments
 
LVL 14

Assisted Solution

by:Ehab Salem
Ehab Salem earned 160 total points
ID: 24011842
Good Antivirus systems are much and a replacement to what you have is easy (Symantec, AVG, Nde32...), but in my opinion Websense as a web filtering product is unmatched specially ifyouwant to integrate with a proxy/frewall.
0
 
LVL 28

Assisted Solution

by:jhyiesla
jhyiesla earned 440 total points
ID: 24012336
We've used Symantec Corp for years and have been reasonably happy with it.  For a good web filter, we've tried several, but eventually settled on the iPrism appliance from St. Bernard. For email filtering look at Postini, a SAAS vendor now owned by Google.  They also offer web filtering as well as secure email and email archiving and discovery.  We opted to not go with their web filtering for my internal users because the iPrism just made more sense in our environment, but we are using it for our clients who need that, but don't go through our network. We are giving a serious look to their email archiving and discovery as well as their secure email package. We have also tried and used for several years the SurfControl product for web filtering which is what we were using when we went to the iPrism device.

The Postini email filtering also does antivirus checking against our incoming emails. I still run antivirus against our email server just because it's a part of the corp package, but it's been ages since any virus infected email has gotten passed Postini.   The St. Bernard appliance also does antivirus checking of web sites, but we weren't able to use it because we had an older appliance that wouldn't handle it.. we have just recently upgraded and will be implementing that as well.

Just remember that a layered approach to corp security is the best and it's best to not depend on one thing for all your protection.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 560 total points
ID: 24017864
I've never found anything better than iPrism (mentioned above) for managing your web traffic - or worse than the various Symantec/Norton products for any security function.

I would never hesitate to install iPrism and there is nothing that would induce me to install Symantec (93 quick reasons right here: http://www.experts-exchange.com/Virus_and_Spyware/Anti-Virus/Anti-Virus/Symantec/).

Describe the topography (size, #/type of hosts, geographic/physical lay-out) of your network and we can give you a better recommendation.

0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 1

Assisted Solution

by:pressonj
pressonj earned 160 total points
ID: 24041577
AV - ESET NOD 32
Web Filter - Websense
Anti Spam - Websense Email Security
0
 

Author Comment

by:stillspangle
ID: 24049106
Hi
Thanks for your input so far.

We are a large, 2-site, school.  We have 2100+ students and 250 staff.  We have around 700 networked PCs.  We have some students who bring in their own laptops to access the few wireless APs we currently have installed (we are planning to go wireless on 1 site and, as a result, we are also investigating WLAN Controller access, etc)

Hope this helps.
PS: Points raised because of the help so far.
0
 
LVL 38

Accepted Solution

by:
younghv earned 560 total points
ID: 24049193
For a network as large (and diverse) as yours, I would recommend the ePO product from McAfee.
Your biggest challenge is going to be those personal laptops coming in and McAfee has a great ability to evaluate the 'current' levels of AV DAT files for other AV solutions.

Are you going to have any protection in place to 'block' connectivity to your network unless the in-coming device has all current patches and AV protection? Cisco PIX has a function that will allow you to verify this information - before assigning an IP address.

Regarding the 'WebSense' recommendations - our higher headquarters put that in place a few years back without alerting us in advance and it took some of my technicians about 2 hours to figure out how to completely evade it.

In my experience, iPrism is a much more robust solution - and I've never heard of anyone getting around it (hardware trumps software every time).
0
 
LVL 6

Assisted Solution

by:netnounours
netnounours earned 160 total points
ID: 24049270
Hello,

I would stay with trend for the PC/Servers. I like the proxy service in OfficeScan 8.

For web filtering, I am a real fan of iPrism (ease of use/configure, reporting, excellent customer support).
Anti-spam : Proofpoint appears to be accurate, moderately easy to configure/calibrate and, too, they have a great technical service.
I hope this helps
0
 
LVL 28

Assisted Solution

by:jhyiesla
jhyiesla earned 440 total points
ID: 24049305
I would echo the sentiments about iPrism. It's been a good solution for us.  We have around 450 PCs. Used to use SurfControl, which is a good product, but kept running into minor support issues and went looking for a reasonably priced hardware solution.

Postini's filtering service is fairly nice as well. As I think I mentioned above, we're going to start using that for our clients because they don't touch our network so we can't do the iPrism for them. We looked at the Postini solution before going to iPrism and just felt it wasn't as good a fit for our environment.
0
 
LVL 1

Expert Comment

by:pressonj
ID: 24051185
The only way that your technicians could evade Websense is if it was not installed correctly.  This applies for nearly all products.
0
 
LVL 38

Expert Comment

by:younghv
ID: 24052346
@pressonj - WebSense is easily by-passed by a variety of methods - whether or not it is installed correctly. If you do a little research on the topic you will find that this is true (we cannot discuss specifics here on EE).

Not only does iPrism put a hardware block in place to manage web access - the best part from an Administrator's point of view is that any user can simply 'click a button' to request access to a blocked site, and then the Administrators can simply 'click a button' to allow it - permanently or just temporarily.

In the old days we called it "Infantry Simple", because even I could figure out how to manage it.
:)
0
 
LVL 20

Assisted Solution

by:jimmymcp02
jimmymcp02 earned 200 total points
ID: 24072786
my 2 cents.
 
I use symantec products for my networks. I have Sav corp 10.1.5 and symantec mail foundation for exchange and im happy with both produtcs.
Also i use mxlogic as a front end spam filter which works great no issues so far we cut our inbound spam mail by almost 90 percent. we have not had a virus outbreak for 6 years.
 
Note that im also using juniper to lock down all of my sites.
Mail security for echange
http://www.symantec.com/business/mail-security-for-microsoft-exchange
I dont think you can buy sav corp anymore so you are kind of stuck with end point im not going to provide feedback on that product since i have stop testing before rolling it out to my computers
spam filter
http://www.mxlogic.com/ 
0
 
LVL 28

Expert Comment

by:jhyiesla
ID: 24072846
As of last year, Symantec was running licenses for EP, but you could still license 10.1.x from them.  If you want to go the Symatnec route, call them or your VAR to check.
0
 

Author Closing Comment

by:stillspangle
ID: 31563988
Thanks, all
No single answer, but the full range of comments has been really helpful.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forget those services on TV trying to sell you software – that’s step one.  Almost all of the software you need should be available for free.  The tricky part is doing the work.  If you are not comfortable performing these steps yourself, contact a …
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question