We help IT Professionals succeed at work.

Best AV for 2008 R2 64bit

thomasguidry
thomasguidry asked
on
We are a school district and at the end of every school we get hit with a virus. We've already tried two products Lightspeed and Forefront. Neither were able to stop viruses. We are looking for the most recommended AV solution to protect 100+ servers. Management would not be open to anything from Symantec. We did have MacAfee at point that the company liked, but had to get rid of due to cost. I've seen suggestions of Panda and AVG. My biggest concern is that the AV be able to stop emergent threats, not necessarily old ones.
Comment
Watch Question

Author

Commented:
I should add that we are a Microsoft shop with mostly 2003 R2 servers in the middle of phased (and slow migration to 2008 R2
Actually I saw BitDefender is the best
Technology and Business Process Advisor
Most Valuable Expert 2013
Commented:
Antivirus questions pop up frequently and you'll get as many opinions as you do comments... there is no consensus in my experience... other than... to some extent... a consensus that Symantec stinks worse than most or it doesn't.  I believe it does.

That said...

You need to understand that in MOST cases, you cannot stop threats that have not been seen by the A/V vendor.  You will never be satisfied with any product you get because frankly, they all stink.  The one I've been recommending and using at various clients is Sunbelt Software's VIPRE Enterprise.  It's a fairly inexpensive product with a good deployment and management console.  In places I've installed it, comments have GENERALLY been that it has caught things that their prior products missed (including tools like AVG and Malware bytes).  BUT, that said, it is far from perfect.  There is nothing that gets 100% anymore... there's nothing that gets 90% anymore.  In general, most products protect you from about 80% of the bad stuff out there.  Maybe product x does 78% and product y does 82% but in general, don't expect better than 80%.  If you have a time machine and want to go back to 1995, then yes, most products caught 95-99%.  Not today.

A good security configuration will see appropriate firewall rules, user account privilages, multiple protection points (meaning your firewall/router will also be a virus scanner and will use a different engine than the one used by your computers/workstations/servers.

It's a losing battle... understand this, be smart, and you'll be reasonably protected.... but not perfectly... perfectly doesn't exist.
Commented:
I work at a High School & early last year the government canned the national agreement with CA's eTrust after multiple schools got hit with viruses and very large repair bills. We never got hit (can only assume that AV management was pretty slack at their end).
The new agreement is with Symantec using Symantec Enterprise Protection (SEP). The software is quite powerful & easy to manage and roll out.

A managable product is best in any workplace/school as you can see the status of any computer with updates, etc and reporting can quickly pinpoint when & where a virus initiated - therefore with a bit of tracking can find out WHO infected the system.

Of course if no-one manages the product then it's useless.

One option you could look at is maybe Microsoft's solutions with say OneCare - you may be eligable for a charity/schools based pricing and even get OVL/MVLS (google it). Although it's 'their' software it contains multiple sub-licenced engines from the likes of Trend Micro, Symantec and so on so you can scan randomly or sequentially with different engines to better spot threats.
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
The problem I have with Symantec is that they don't work when it counts.  I dabble in programming and I can create checkboxes and dropdown options that imply I can do everything under the sun... problem is, when it comes to coding them to work properly... well... I'm sure symantec could do it... if they gave their programming staff the budget the marketing staff has... their marketing is AWESOME.  Their programming is ... well... I don't like to use profanity here.

Commented:
Yeah - it can be a pain in the arse. This one isn't as bad though at the admin end. The Client is quite vague however (which can be good in a deployed environment) as most can be done from the management console.

See what MS has as I'm sure that they would have Group Policies and so on for deployment with their software (or maybe something similar to the WSUS interface).
Keith AlabasterEnterprise Architect
Top Expert 2008

Commented:
No offence but Forefront does stop viruses extremely well as do other products such as Sophos. However, they do need to be deployed properly

Commented:
Thanks - Forefront was the one I was thinking of from Microsoft. It's capable of being managed via WSUS too (WSUS is another topic altogether if you're not sure what it is.)

Author

Commented:
None
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
If you're not going to give an A grade you should provide an explanation as to why.  We volunteer our time to help you and the points are the "Thank You" for doing so.

Author

Commented:
Well I was looking for names of companies for testing etc, while you did give a good explanation on how to do security, that wasn’t really what I was looking for.

The second poster did mention one but still mentioned a company that I specifically said in the OP that our company would not consider.

The others didnt get any credit because when you say statements like "no offense" you are actually being very offensive.
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
I DID provide the name of a company - even suggested the pricing would be good:
"The one I've been recommending and using at various clients is Sunbelt Software's VIPRE Enterprise."

If we didn't (seem) to provide what you were looking for, why not post back and request more information BEFORE accepting answers?  Again, I get virtually nothing for this and I spent time that I normally charge people for answering your question.  When people don't take the time to participate in their own questions and don't "reward" me for my efforts, it is not an incentive for me to continue to provide guidance in the future.  I can't speak for everyone, but I'm sure many people (and many of the top people here) feel the same way.

Author

Commented:
I did see that, but as said I was hoping for a bit more than that. I'm sorry for being vague

The reason I accepted the answer is because one poster was going to make me very mad, and I didnt want to continue this topic.

Honestly, I'm not sure what the difference is between an A or B answer as far as this website is concerned, I thought the points were more worth it to posters than the grades of their answers. If it means that much to you I dont mind having a mod change yours from an B to an A, as long as the other one remained a B.
Keith AlabasterEnterprise Architect
Top Expert 2008

Commented:
I take a different view to Lee as I am not interested in your points, to me they are a bit of fun which is probably why I only have about four million points compared to Lee's 'loads of millions'. However, I am interested in how you perceive the term 'no offence' as offensive. Maybe the phrase has a different meaning in America or wherever you are as opposed to here in the UK - I note you have used the US spelling of 'offence'. In the UK it suggests that a reader should take the comment as a literal statement, not a criticism or derogatory comment.

It is unfortunate that many questions asked here are by people who have no knowledge of the subject that categorises their question. It is also impossible to guage the question-askers experience in a given subject by 'looking' at their question. A question asker can be an absolute expert or a complete novice - we have no way of

In your original post you stated that Forefront was unable to stop viruses; a statement that is not reflected in any of the reports from reputable bodies such as Forrester, Gartner or the like who see Forefront as increasing its market share. true, they do not compete at the same take-up level as the traditional suppliers but they now have a proven track record in stopping viruses hence my comment that the products need to be installed correctly to function properly.

Like Lee, I use my spare time free of charge to help people who ask for help on a number of different sites and forums regardless of their technical acumen. If my factual statement offends then I'll apologise as I have no axe to grind either way. if thats enough then great, if its not, I can live with it.
 
....and Sophos does a great job too.




Author

Commented:
"No offensive" is merely a pretext to say something offensive while trying to shield yourself from the consequences of your words. I say that regardless of the cultural context spoken in.

As far as Forefront, while it may have the ability to stop some viruses, it is not stopping the viruses that are plaguing our network, and it is not due to configuration issues despite what you may think or the evidence you have to the contrary. We've been dealing with Conficker for over a year now while ensuring that FF always had the latest definition updates. To add insult to injury Forefront does not remove files that have been dropped onto our systems by these viruses once we've gotten MS to send definition that do stop the virus (in this particular case, Quakbot). Survey's and statistics mean nothing to a company when a product does not perform to expected standards.
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
I don't need points per se - as Keith points out, I have millions.  The points to me are fun - if I didn't care about them, there are plenty of other places I could answering questions, but for the most part, EE is it.

The grades affect the total number of points I receive.  I believe it's only fair to give experts the opportunity for the A grade and when they don't get it, explain why.  When you explain why, people better understand how to improve next time.  For some people (not for me) the points are a way of maintaining a free membership, so if you aren't fair in your grading, you can literally be affecting that person's ability to use this site as they have been.

Author

Commented:
I was not aware that the points where a percentage based on the grade. I apologize for the confusion.
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
To clarify for future reference, on a 500 point question, a person who has their single comment selected as the "answer" (not a split), gets:
"A" Grade: 2000 points. (4x multiplier)
"B" Grade: 1500 points. (3x multiplier)
"C" Grade: 1000 points. (2x multiplier)