What are some good options for managing about 200 computers on a microsoft network

So the network i'm now managing has about 200 or so computers on it, active directory users, and viruses and malware are popping up on several of the local machines.  What is the most practical way to solve malware and virus issues on a network of this kind of scale, thanks for any advice.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

There are plenty of combined malware/virus systems out there.  Symantec is one of the best.  I have heard really good things about Kaspersky and it's priced very well.  Both of these have centralized management so everything can be pushed out, including virus def updates.
Symantec is always an option, but I've found the client application to be pretty resource heavy and the enterprise solution is pricey.  I would recommend either Sophos or Kaspersky.  Both of these solutions offer remote install and status monitoring through an administrative console.  I believe they also both offer remove removal of any previously installed anti-virus software.  An important thing to look out for would be whether or not the version of the product you're buying has the malware piece included.  The base models of these products just offer anti-virus.  It's clear you are looking for more than just that.  Best of luck.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ffleismaSenior Network EngineerCommented:
beyond reactively resolving the issues of infected workstations, also consider applying security policies for your office.

1. block non-work related sites (torrent sites, peer sharing, etc.
2. remove admin rights to users, this would avoid having them installing applications your IT team doesn't know about.
3. remove non-work related applications.
4. apply patches and updates after careful evaluation.
lists goes on. I'm not really a security expert but from all the companies I've work for, they usually have a security policy that the employees have to adhere to.
Are You Protected from Q3's Internet Threats?

Every quarter, WatchGuard's Threat Lab releases a security report that analyzes the top threat trends impacting companies around the world. For Q3, we saw that 6.8% of the top 100K websites use insecure SSL protocols. Read the full report to start protecting your business today!

I agree with ffleisma.  If you are serious about securing a network of 200 end-points, then there is much more to be done than simple AV.
Yeah, I agree with everything said so far.  Virus scanning and Malware is part of the solution.  You should have policies in place, also.  Unfortunately, we can only suggest a few policies, like what ffleisma mentioned.  We can't flesh out an entire GP plan, so if you are unfamiliar, you have some reading to do.  lol

Another useful tool is WSUS for managing Windows Updates.  With 200 computers, you don't want everyone getting their updates off your bandwidth.  You can use WSUS to download once and distribute internally.  This also helps keep the installations standard.  

Good luck.
Hi, I agree with everything so far.

For ease of use, price and level of support I would suggest Sophos.

I find that the real time scanner does not affect the speed of the machine very much and the control centre for central management is easier to configure.

I did a lot of research into which AV to sell when I started my business and  decided on Sophos.  I was glad I made this choice as it was able to clean a nasty virus, rather than delete the infected files so didn't render the machine dead. The customers existing McAfee setup killed the machines so we swapped to Sophos.

If you are in the UK, let  me know as I can offer a good discount and have decent notes on configuration to get it working perfectly.

THanks for the sales pitch.  FOr the same reasons, Kaspersky is very popular.  
When I carried out my research I found that Kaspersky was higher up various charts for catching  viruses, but I have found Sophos to be almost as good, but Sophos is far cheaper than Kaspersky. Hence the informed decision to go with Sophos.

I have experience of McAfee and found the latest version more difficult to manage and felt it slowed the pc down a bit more than Sophos, plus many years ago had a version of McAfee caused a lot of problem for a large city bank I was working for, hence my dislike for McAfee.  I have not tried the corporate version of Kaspersky yet, so  don't know about the ease over management, or performance.

I just wanted to give you an answer with some reasoning behind it. But some would call that a sales pitch.

Choose the option that you feel is best for your company.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.