Real World Opinions on vShield integrated AV/Anti-Malware solutions

I am trying to get away from a traditional AV solution on my virtual desktops and servers. We use VMware ESXi for servers as well as View 4.5 - moving to 5.2 soon for VDI. I am looking for a solution that integrates with vShield so I do not have to install a traditional product on the VM's.

I have tested a number of these products in my lab, looking mostly for ease of setup, console that works well, but doesn't take doctorate to manage and things like this. Mostly I have found that they are not hard to install, but management seems overly complex. For example, on one product it seemed that the SE and I spent way too much time getting everything to go green and then too much tweaking to remove "false" errors in the console.

One thing that is hard to test is the ability of these products to do what we really buy them for - protect us from viruses and malware.

I'm looking for some real world opinions based on your experiences with these products to answer the following questions:

1. Does the install make sense and does it minimize downtime?
2. Is the console full featured without being so complex that you never know what's going on for sure? Can I kind of set it and forget it from a configuration standpoint or does it require constant tweaking?
3. Does it do the job of protecting VM's from viruses and malware?

The companies that I am looking at are:

1. Symantec
2. Trend
3. Kaspersky
4. Sophos

Thanx in advance for your expertise.
LVL 28
jhyieslaAsked:
Who is Participating?
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
We've looked at them ALL, and would highly recommend Trend

1. yes
2. yes
3. No. (no product does!)

You need to have an alround solution, on Desktops, SMTP, Exchange, and Web!

We've had real issues at present of malware which installs as part of applications, because users, Tick All the Boxes!

This then downloads, different toolbars, applicatrions, search engines, require the VM to be scrapped!
0
 
jhyieslaAuthor Commented:
Andrew thanx for the input.  I probably should have been more clear on point 3.  I know that nothing protects perfectly.  But what I've found is that you usually get one or the other.  Our current traditional AV solution is geared more towards viruses and less towards emerging malware. I'd dump it in a heart beat and use Malwarebytes, but the company readily admits that it doesn't do as good job against viruses and they suggest running MWB in concert with a AV program. This ends up costing me twice as much and increases my resource use on computers that in some cases are already burdened. What I'd like to find with a vShield integrated product, is one that covers the entire gamut, even though I know that it won't, by itself, protect me from everything.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
I'm afraid that is not a product which covers all areas.

We recommend different vendors, at different entry points.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
jhyieslaAuthor Commented:
So, if you're recommending Trend, where does that fall in the virus vs malware debate and what are you using in concert with Trend?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
McAfee, Trend, Sophos

I would say virus and some malware (but Malwarebytes, SuperAntiSpyware, Lavasoft, do better jobs!)
0
 
gheistCommented:
"Tradiitional" av is best security practice...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.