Solved

Real World Opinions on vShield integrated AV/Anti-Malware solutions

Posted on 2014-01-22
6
668 Views
Last Modified: 2016-02-25
I am trying to get away from a traditional AV solution on my virtual desktops and servers. We use VMware ESXi for servers as well as View 4.5 - moving to 5.2 soon for VDI. I am looking for a solution that integrates with vShield so I do not have to install a traditional product on the VM's.

I have tested a number of these products in my lab, looking mostly for ease of setup, console that works well, but doesn't take doctorate to manage and things like this. Mostly I have found that they are not hard to install, but management seems overly complex. For example, on one product it seemed that the SE and I spent way too much time getting everything to go green and then too much tweaking to remove "false" errors in the console.

One thing that is hard to test is the ability of these products to do what we really buy them for - protect us from viruses and malware.

I'm looking for some real world opinions based on your experiences with these products to answer the following questions:

1. Does the install make sense and does it minimize downtime?
2. Is the console full featured without being so complex that you never know what's going on for sure? Can I kind of set it and forget it from a configuration standpoint or does it require constant tweaking?
3. Does it do the job of protecting VM's from viruses and malware?

The companies that I am looking at are:

1. Symantec
2. Trend
3. Kaspersky
4. Sophos

Thanx in advance for your expertise.
0
Comment
Question by:jhyiesla
  • 3
  • 2
6 Comments
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 39800777
We've looked at them ALL, and would highly recommend Trend

1. yes
2. yes
3. No. (no product does!)

You need to have an alround solution, on Desktops, SMTP, Exchange, and Web!

We've had real issues at present of malware which installs as part of applications, because users, Tick All the Boxes!

This then downloads, different toolbars, applicatrions, search engines, require the VM to be scrapped!
0
 
LVL 28

Author Comment

by:jhyiesla
ID: 39800833
Andrew thanx for the input.  I probably should have been more clear on point 3.  I know that nothing protects perfectly.  But what I've found is that you usually get one or the other.  Our current traditional AV solution is geared more towards viruses and less towards emerging malware. I'd dump it in a heart beat and use Malwarebytes, but the company readily admits that it doesn't do as good job against viruses and they suggest running MWB in concert with a AV program. This ends up costing me twice as much and increases my resource use on computers that in some cases are already burdened. What I'd like to find with a vShield integrated product, is one that covers the entire gamut, even though I know that it won't, by itself, protect me from everything.
0
 
LVL 117
ID: 39801032
I'm afraid that is not a product which covers all areas.

We recommend different vendors, at different entry points.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 28

Author Comment

by:jhyiesla
ID: 39802787
So, if you're recommending Trend, where does that fall in the virus vs malware debate and what are you using in concert with Trend?
0
 
LVL 117

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 39802806
McAfee, Trend, Sophos

I would say virus and some malware (but Malwarebytes, SuperAntiSpyware, Lavasoft, do better jobs!)
0
 
LVL 61

Expert Comment

by:gheist
ID: 39808509
"Tradiitional" av is best security practice...
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

VM backup deduplication is a method of reducing the amount of storage space needed to save VM backups. In most organizations, VMs contain many duplicate copies of data, such as VMs deployed from the same template, VMs with the same OS, or VMs that h…
Last article we focus in how to VMware: How to create and use VMs TAGs – Part 1 so before follow this article and perform the next tasks, you should read the first article how to create the TAG before using them in Veeam Backup Jobs.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now