Recommendations: Anti-Virus (email and local PC), Anti-Spam, Web Filtering

Hi, all
I am looking for 'different' solutions for our current site AV, etc.

This is an easy question in that I'm looking for maybe 2 to 4 corporate level solutions (see subject title) that are taken seriously by industry.

Trend Micro supply our anti-spam (Messagelabs).  Trend also supply our web filtering software (Websense) and PC-based AV (Trend Micro OfficeScan).

I'm receptive to a catch-all service as well as separation.

Can anyone make any recommendations (not from salespeople, of course!)?
I'll split the points if need be.

Thanks and hear from you soon.

Who is Participating?

Improve company productivity with a Business Account.Sign Up

younghvConnect With a Mentor Commented:
For a network as large (and diverse) as yours, I would recommend the ePO product from McAfee.
Your biggest challenge is going to be those personal laptops coming in and McAfee has a great ability to evaluate the 'current' levels of AV DAT files for other AV solutions.

Are you going to have any protection in place to 'block' connectivity to your network unless the in-coming device has all current patches and AV protection? Cisco PIX has a function that will allow you to verify this information - before assigning an IP address.

Regarding the 'WebSense' recommendations - our higher headquarters put that in place a few years back without alerting us in advance and it took some of my technicians about 2 hours to figure out how to completely evade it.

In my experience, iPrism is a much more robust solution - and I've never heard of anyone getting around it (hardware trumps software every time).
Ehab SalemConnect With a Mentor IT ManagerCommented:
Good Antivirus systems are much and a replacement to what you have is easy (Symantec, AVG, Nde32...), but in my opinion Websense as a web filtering product is unmatched specially ifyouwant to integrate with a proxy/frewall.
jhyieslaConnect With a Mentor Commented:
We've used Symantec Corp for years and have been reasonably happy with it.  For a good web filter, we've tried several, but eventually settled on the iPrism appliance from St. Bernard. For email filtering look at Postini, a SAAS vendor now owned by Google.  They also offer web filtering as well as secure email and email archiving and discovery.  We opted to not go with their web filtering for my internal users because the iPrism just made more sense in our environment, but we are using it for our clients who need that, but don't go through our network. We are giving a serious look to their email archiving and discovery as well as their secure email package. We have also tried and used for several years the SurfControl product for web filtering which is what we were using when we went to the iPrism device.

The Postini email filtering also does antivirus checking against our incoming emails. I still run antivirus against our email server just because it's a part of the corp package, but it's been ages since any virus infected email has gotten passed Postini.   The St. Bernard appliance also does antivirus checking of web sites, but we weren't able to use it because we had an older appliance that wouldn't handle it.. we have just recently upgraded and will be implementing that as well.

Just remember that a layered approach to corp security is the best and it's best to not depend on one thing for all your protection.
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

younghvConnect With a Mentor Commented:
I've never found anything better than iPrism (mentioned above) for managing your web traffic - or worse than the various Symantec/Norton products for any security function.

I would never hesitate to install iPrism and there is nothing that would induce me to install Symantec (93 quick reasons right here:

Describe the topography (size, #/type of hosts, geographic/physical lay-out) of your network and we can give you a better recommendation.

pressonjConnect With a Mentor Commented:
Web Filter - Websense
Anti Spam - Websense Email Security
stillspangleAuthor Commented:
Thanks for your input so far.

We are a large, 2-site, school.  We have 2100+ students and 250 staff.  We have around 700 networked PCs.  We have some students who bring in their own laptops to access the few wireless APs we currently have installed (we are planning to go wireless on 1 site and, as a result, we are also investigating WLAN Controller access, etc)

Hope this helps.
PS: Points raised because of the help so far.
netnounoursConnect With a Mentor Commented:

I would stay with trend for the PC/Servers. I like the proxy service in OfficeScan 8.

For web filtering, I am a real fan of iPrism (ease of use/configure, reporting, excellent customer support).
Anti-spam : Proofpoint appears to be accurate, moderately easy to configure/calibrate and, too, they have a great technical service.
I hope this helps
jhyieslaConnect With a Mentor Commented:
I would echo the sentiments about iPrism. It's been a good solution for us.  We have around 450 PCs. Used to use SurfControl, which is a good product, but kept running into minor support issues and went looking for a reasonably priced hardware solution.

Postini's filtering service is fairly nice as well. As I think I mentioned above, we're going to start using that for our clients because they don't touch our network so we can't do the iPrism for them. We looked at the Postini solution before going to iPrism and just felt it wasn't as good a fit for our environment.
The only way that your technicians could evade Websense is if it was not installed correctly.  This applies for nearly all products.
@pressonj - WebSense is easily by-passed by a variety of methods - whether or not it is installed correctly. If you do a little research on the topic you will find that this is true (we cannot discuss specifics here on EE).

Not only does iPrism put a hardware block in place to manage web access - the best part from an Administrator's point of view is that any user can simply 'click a button' to request access to a blocked site, and then the Administrators can simply 'click a button' to allow it - permanently or just temporarily.

In the old days we called it "Infantry Simple", because even I could figure out how to manage it.
jimmymcp02Connect With a Mentor Commented:
my 2 cents.
I use symantec products for my networks. I have Sav corp 10.1.5 and symantec mail foundation for exchange and im happy with both produtcs.
Also i use mxlogic as a front end spam filter which works great no issues so far we cut our inbound spam mail by almost 90 percent. we have not had a virus outbreak for 6 years.
Note that im also using juniper to lock down all of my sites.
Mail security for echange
I dont think you can buy sav corp anymore so you are kind of stuck with end point im not going to provide feedback on that product since i have stop testing before rolling it out to my computers
spam filter 
As of last year, Symantec was running licenses for EP, but you could still license 10.1.x from them.  If you want to go the Symatnec route, call them or your VAR to check.
stillspangleAuthor Commented:
Thanks, all
No single answer, but the full range of comments has been really helpful.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.