Recommendations: Anti-Virus (email and local PC), Anti-Spam, Web Filtering

Posted on 2009-03-28
Last Modified: 2013-11-22
Hi, all
I am looking for 'different' solutions for our current site AV, etc.

This is an easy question in that I'm looking for maybe 2 to 4 corporate level solutions (see subject title) that are taken seriously by industry.

Trend Micro supply our anti-spam (Messagelabs).  Trend also supply our web filtering software (Websense) and PC-based AV (Trend Micro OfficeScan).

I'm receptive to a catch-all service as well as separation.

Can anyone make any recommendations (not from salespeople, of course!)?
I'll split the points if need be.

Thanks and hear from you soon.

Question by:stillspangle
  • 3
  • 3
  • 2
  • +4
LVL 14

Assisted Solution

by:Ehab Salem
Ehab Salem earned 40 total points
ID: 24011842
Good Antivirus systems are much and a replacement to what you have is easy (Symantec, AVG, Nde32...), but in my opinion Websense as a web filtering product is unmatched specially ifyouwant to integrate with a proxy/frewall.
LVL 28

Assisted Solution

jhyiesla earned 110 total points
ID: 24012336
We've used Symantec Corp for years and have been reasonably happy with it.  For a good web filter, we've tried several, but eventually settled on the iPrism appliance from St. Bernard. For email filtering look at Postini, a SAAS vendor now owned by Google.  They also offer web filtering as well as secure email and email archiving and discovery.  We opted to not go with their web filtering for my internal users because the iPrism just made more sense in our environment, but we are using it for our clients who need that, but don't go through our network. We are giving a serious look to their email archiving and discovery as well as their secure email package. We have also tried and used for several years the SurfControl product for web filtering which is what we were using when we went to the iPrism device.

The Postini email filtering also does antivirus checking against our incoming emails. I still run antivirus against our email server just because it's a part of the corp package, but it's been ages since any virus infected email has gotten passed Postini.   The St. Bernard appliance also does antivirus checking of web sites, but we weren't able to use it because we had an older appliance that wouldn't handle it.. we have just recently upgraded and will be implementing that as well.

Just remember that a layered approach to corp security is the best and it's best to not depend on one thing for all your protection.
LVL 38

Assisted Solution

younghv earned 140 total points
ID: 24017864
I've never found anything better than iPrism (mentioned above) for managing your web traffic - or worse than the various Symantec/Norton products for any security function.

I would never hesitate to install iPrism and there is nothing that would induce me to install Symantec (93 quick reasons right here:

Describe the topography (size, #/type of hosts, geographic/physical lay-out) of your network and we can give you a better recommendation.

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.


Assisted Solution

pressonj earned 40 total points
ID: 24041577
Web Filter - Websense
Anti Spam - Websense Email Security

Author Comment

ID: 24049106
Thanks for your input so far.

We are a large, 2-site, school.  We have 2100+ students and 250 staff.  We have around 700 networked PCs.  We have some students who bring in their own laptops to access the few wireless APs we currently have installed (we are planning to go wireless on 1 site and, as a result, we are also investigating WLAN Controller access, etc)

Hope this helps.
PS: Points raised because of the help so far.
LVL 38

Accepted Solution

younghv earned 140 total points
ID: 24049193
For a network as large (and diverse) as yours, I would recommend the ePO product from McAfee.
Your biggest challenge is going to be those personal laptops coming in and McAfee has a great ability to evaluate the 'current' levels of AV DAT files for other AV solutions.

Are you going to have any protection in place to 'block' connectivity to your network unless the in-coming device has all current patches and AV protection? Cisco PIX has a function that will allow you to verify this information - before assigning an IP address.

Regarding the 'WebSense' recommendations - our higher headquarters put that in place a few years back without alerting us in advance and it took some of my technicians about 2 hours to figure out how to completely evade it.

In my experience, iPrism is a much more robust solution - and I've never heard of anyone getting around it (hardware trumps software every time).

Assisted Solution

netnounours earned 40 total points
ID: 24049270

I would stay with trend for the PC/Servers. I like the proxy service in OfficeScan 8.

For web filtering, I am a real fan of iPrism (ease of use/configure, reporting, excellent customer support).
Anti-spam : Proofpoint appears to be accurate, moderately easy to configure/calibrate and, too, they have a great technical service.
I hope this helps
LVL 28

Assisted Solution

jhyiesla earned 110 total points
ID: 24049305
I would echo the sentiments about iPrism. It's been a good solution for us.  We have around 450 PCs. Used to use SurfControl, which is a good product, but kept running into minor support issues and went looking for a reasonably priced hardware solution.

Postini's filtering service is fairly nice as well. As I think I mentioned above, we're going to start using that for our clients because they don't touch our network so we can't do the iPrism for them. We looked at the Postini solution before going to iPrism and just felt it wasn't as good a fit for our environment.

Expert Comment

ID: 24051185
The only way that your technicians could evade Websense is if it was not installed correctly.  This applies for nearly all products.
LVL 38

Expert Comment

ID: 24052346
@pressonj - WebSense is easily by-passed by a variety of methods - whether or not it is installed correctly. If you do a little research on the topic you will find that this is true (we cannot discuss specifics here on EE).

Not only does iPrism put a hardware block in place to manage web access - the best part from an Administrator's point of view is that any user can simply 'click a button' to request access to a blocked site, and then the Administrators can simply 'click a button' to allow it - permanently or just temporarily.

In the old days we called it "Infantry Simple", because even I could figure out how to manage it.
LVL 20

Assisted Solution

jimmymcp02 earned 50 total points
ID: 24072786
my 2 cents.
I use symantec products for my networks. I have Sav corp 10.1.5 and symantec mail foundation for exchange and im happy with both produtcs.
Also i use mxlogic as a front end spam filter which works great no issues so far we cut our inbound spam mail by almost 90 percent. we have not had a virus outbreak for 6 years.
Note that im also using juniper to lock down all of my sites.
Mail security for echange
I dont think you can buy sav corp anymore so you are kind of stuck with end point im not going to provide feedback on that product since i have stop testing before rolling it out to my computers
spam filter 
LVL 28

Expert Comment

ID: 24072846
As of last year, Symantec was running licenses for EP, but you could still license 10.1.x from them.  If you want to go the Symatnec route, call them or your VAR to check.

Author Closing Comment

ID: 31563988
Thanks, all
No single answer, but the full range of comments has been really helpful.

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to remove Odin ransomware ? 11 217
optimal method deal ransomware in files folders 9 150
SPAM and Ransomware and Backup 11 135
EmsisoftAntiMalware is it trusted reliable 4 44
PREFACE The purpose of this guide is to explain what the SEPC Status Utility is and how it works. I have written the utility using AutoIt and have included the source code for your review. You are welcome to modify the code to your liking, but I wi…
Operating system developers such as Microsoft ( and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question