Solved

New Anitvirus/Malware software

Posted on 2009-07-09
22
559 Views
Last Modified: 2013-11-22
We have a client with a Windows 2003 server and about 10 XP workstations and we were looking into upgrading or changing their antivirus software and possibly adding a malware blocking program as they have had problems with malware and viruses.  They are currently running Mcafee virus scan enterprise 8.0.0 on the server and workstations and I am pretty sure there is a newer version out there.  I am also not sure it has always been updating as it should.  They also have the free version of malwarebytes on the pc's and can run a scan anytime they want manually.  Does anyone have any good suggestions or experience with a newer possibly improved antivirus solution (if it is a Mcafee upgrade or something else).  As well as a malware protecting program that runs like an antivirus solution catching a quarantining spyware/malware before it infects the pc that runs in the background not just on a user initiated scan?  Doesn't have to be a corporate solution, could just be something each workstation runs locally if need be.
Thanks  
0
Comment
Question by:IndyNCC
  • 5
  • 4
  • 4
  • +6
22 Comments
 
LVL 6

Accepted Solution

by:
tgtcat69 earned 74 total points
ID: 24816154
I have had great luck with Eset

www.eset.com

0
 
LVL 66

Assisted Solution

by:johnb6767
johnb6767 earned 71 total points
ID: 24816180
Keep in mind Malware Bytes Free isnt licensed for corporate use. I like the SuperAntiSpyware Professional, which has a lifetime license for a single purchase price. Theier admin console should be comeing out soon.....
I also prefer AVG 8 Network edition.

AVG Anti-Virus Network Edition
http://www.avg.com/product-avg-anti-virus-network-edition
I havent found a good all in one solution yet, as they are both still unique areas.....
0
 
LVL 6

Assisted Solution

by:ahmad2121
ahmad2121 earned 71 total points
ID: 24816349
http://www.spywareterminator.com/

is one of the best malware blockers I know of. It has something called HIPS which creates a database of all the running apps on the PC (if you enable it, it will ask for every app initially). The create thing about that is, once anything else is run it will warn you if you want.

It also has one of the best scanners I know of. The quick scan lasts less than 30 seconds and catches most problems. It has a built in scheduler that can run everyday.

After using it, I have never used anything else. It has a built in open source av (clamav), but I cannot comment on its quality.

NOD32 is one of the best AVs out there. It is a little expensive, but combined with spywareterminator, I think its a good combo.

I know other corporations use Sophos, and Symantec AV (not norton).

Bottom line is, nothing is perfect. Find the one you like and stick with it. With any AV, you will at some point have to get your hands dirty.
0
 
LVL 18

Assisted Solution

by:awawada
awawada earned 71 total points
ID: 24816897
We use Panda Managed Office Protection and install this to every costummer: http://www.pandasecurity.com/uk/enterprise/solutions/managedprotection/
0
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24816950
Just my $0.02

With no offense to awawada, we used Panda for a couple years and wouldn't go back.  Granted, we did not have any problems with malware or viruses, but the administrative side for it is a pain.

There was a /. article a few weeks ago that discussed this very thing, but I'm unable to find it
0
 

Author Comment

by:IndyNCC
ID: 24817515
Thanks for the suggestions so far, I am going to check with the client and see how much they want to spend and try to find a suitable solution that will hopefully keep them virus and malware free.
0
 
LVL 18

Expert Comment

by:awawada
ID: 24817797
tgtcat69 Panda Managed Office Protection is NEW! It the replacement of Panda Web Admin. any experience? the administrative side is the easiest way i saw ever :-)
0
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24817823
Oh...I beg your pardon, I read it incorrectly.    I do not have any experience with that....do you have a link?
0
 
LVL 18

Expert Comment

by:awawada
ID: 24817896
tgtcat69 some videos for you, here you can see how easy it is now (panda has also learned from administrative problems):
http://www.youtube.com/watch?v=9F8U_bRvCvo
http://www.youtube.com/watch?v=3PAiK5_EY2o
0
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24817914
Looks pretty slick...I wonder if we can upgrade to that with our current license

Thanks again
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 71 total points
ID: 24817924
IndyNCC--" I am also not sure it has always been updating as it should. "
That could be a key to some of the client's problems.  Many AV programs now automatically update, but since I have not tried all, I cannot tell you which.  Doesn't McAfee?
Another key could be to use several antimalware programs since no one does the whole job.
1)  SpywareBlaster would be one to add.  It works only in a limited area, but plugs a few holes and is compatible with other antimalware programs.
2)  HOSTS file.  This can prevent inadvertent access to sites that load malware.  
3)  The setting options in IE Tools|Internet Options|Security and Privacy tabs should be used.
You have asked about proactive Antimalware programs.  Eset (already mentioned by tgtcat69) is one. Kaspersky is another.  See this article
http://kingofgng.com/eng/2009/06/21/av-comparatives-tests-antivirus-software-proactive-defenses/
0
 
LVL 27

Assisted Solution

by:David-Howard
David-Howard earned 71 total points
ID: 24818753
We recently rid ourselves of Norton and replaced it with Microsofts ForeFront. The program is small, easy to install, updates regularly and provides both virus and malware protection.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 24821314
As a McAfee Enterprise user, it's a shame it wasn't setup correctly.  If they are still paying their annual license for McAfee, you can use their Grant number to access the secure page to download the latest versions of their software.  VSE has just moved from 8.5i to 8.7i, but you require to use the admin service called ePO to manage all the new versions of software.  I am still using the older basic product called Pro Pilot, which only allows control up to 8.5, but i also have the Anti-Spyware plugin added to my VSE installs.

If they are not paying anything for McAfee, then their licenses will have expired, and they will likely be required to remove the product.  You can check with a good McAfee vendor, and they can advise you on the current situation.  Its not a perfect setup, in the past i have used SuperAntiSpyware and SpyBot with any malware issues, but by enlarge, the suite to cover the servers and user systems, is not bad, and easy to manage.  At home however, i am a big fan of AVG, the browser/web rpotection is astonishing, and proper small updates daily - McAfee's DAT updates can be up to 100MB, if you miss several of the incremental ones, and have to download the full file.

Remember to check if the software (usually free-ware) is ok for business/commercial purposes.
0
 

Expert Comment

by:stalacite
ID: 24822375
My organisation too is running McAfee VirusScan Enterprise and SCM3200 (for spam and intrusion prevention) but unfurtunately, we keep getting spam mails or no mails at all, never had an easy day at work due to virus. I run an AD network though not tightly implemented but even most of the machines on the domain get infected with viruses. A good thing our critical apps ain't running on windows. can anyone advise on implementation or alternative solution. there are no proxies on my network
0
 
LVL 6

Expert Comment

by:tgtcat69
ID: 24823184
@ stalacite...I would open a new question.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 24823234
stalacite:

you need to be in control of your VSE deployment so you know that all the systems are up to date, and that you have deployed the latest agent, patches and hotfixes (8.5i is up to patch 8 and 8.7i is up to patch 1).  Also your servers would normally run the same VSE product, with Groupshield on your mail server, Webshield if you have a proxy server for web access.

the SCM product sounds like its not doing the job right, but i have no experience of this.  Your ISP should be able to offer some help on your mail filtering, but we use Postini only, so we never get anything dodgy.  As for sorting out your web traffic, i would recommend OpenDNS, its service is very good, free and includes content filtering service.
0
 

Author Comment

by:IndyNCC
ID: 24823468
I'll check on their Mcafee license situation, so if they were to stick with Mcafee your saying it is time to upgrade or change versions?  Has 8.0.0 gone out of date?  We have had good luck with Postini for the spam filtering.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 24824232
yes 8.0 is nearly EOL as of 31st Dec 2009, with 8.5i as the new minimum, and that will likely be dropped in the next 6 months, as 8.7i is now up and running (tho you do need ePO 4.0 to deploy it). you should be able to continue using it in the short term until you can get a good plan/upgrade in place.  McAfee also plan on starting new type of DAT and updating method from January 2010, which will likely render 8.0/8.5i obsolete, as they will likely only cater for the new 8.7 version.

In the meantime to keep using version 8.0, you should have it patched to P16, Scan Engine 5300 and have the latest agent applied via your admin console (ePO or Pro Pilot), if you need the patch file let me know i still have them archived.

You can get the latest SuperDAT which includes the DAT files and Engine update here (but test thisfirst as am not sure if 8.0 is able to run these later SDATs) - http://www.mcafee.com/apps/downloads/security_updates/dat.asp?region=uk&segment=smb

0
 

Author Comment

by:IndyNCC
ID: 24839163
Thanks I will check with them and see if they want to upgrade now or wait and figure out exactly what they have.  Where would I find their grant or license number to see if they are eligible for the upgrades?  Is it saved somewhere in the server software or will we need to find a piece of paper with the info on it that would have come with the software?
0
 
LVL 20

Assisted Solution

by:Iain MacMillan
Iain MacMillan earned 71 total points
ID: 24839535
Your grant letter used to be a paper letter with anti-tampering logo watermark on it, these days (in the last 2 years), its been an electronic email with PDF to the person at the company who is in charge of buying or managing the software licenses.

You can contact McAfee direct to find out who the contact would be, and if you have a current grant letter & code - http://www.mcafee.com/us/about/contact/index.html, i'm sure someone in the customer support team should be able to find the company and tell you the information you know, unless you know of any reseller they may have gone through.
0
 

Author Comment

by:IndyNCC
ID: 25016202
That's fine to split it up, I am still waiting on the client to decide if they want to spend the money right now to upgrade/renew, looks like they will probably stick with mcafee but we looked into some of the other suggestions as well.
Thanks,
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

These are on the increase and getting more common these days. Users who use the Google search engine may complain of having their search redirected to unwanted sites, regardless of what browser is used. This happens when the system is infected with…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now