Announcement

Collapse
No announcement yet.

need some anti-virus opinions

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • need some anti-virus opinions

    ok I'm a systems administrator for a company with about 300 users spanned over 5 states.We use Mcafee for a virus solution currently.I honestly don't like symantec or Mcafee I find them both useless for protection.My users call me up and send me in computers infected all the time.I find that mcafee lets alot of infections through.I want to propose a different solution to my it manager
    and I was curious what you guys would suggest.I was thinking Kaspersky.So please let me know what you guys suggest and maybe a ballpark what it would cost to implement it in my environment.Thanks guys
    MCITP: EA

    MCITP: SA

  • #2
    Re: need some anti-virus opinions

    I've used Mcafee quite a lot of time and it's a very good Antivirus solution.
    However make sure you keep the AV software at least about 8.0 (patch 13) or higher.
    Combining this with ePO 3.6 or higher will give you a fantastic product.
    I haven't seen any false positives with Mcafee as look as you configure it correctly. Also I've noticed many many times that Mcafee has a faster updating meganism then for example Trend.

    I've worked with a Trend Micro gateway scanner (for HTTP/SMTP/FTP) which was configured to pull his updates every 15 minutes. In the back I used Mafee Groupshield for Exchange and when a new urgent virus was released, Mcafee was the first which catches the virus. About 3 hours later Trend took over. Mcafee was configured to update every 3 hours.

    Symantec should be removed as quickly as possible from the market. I think it's a horrible product.
    Karspersky is also a very good product. And also NOD32 is.
    You say that mcafee is useless but as you could noticed I don't agree.

    Eventually their aren't any good or bad AV products. All has their good and their bads except Symantec which has only their bads. It all come down on personal flavor.

    I like mcafee, others like Trend etc.
    In the end this can turn out in a useless discussion.
    Last edited by Dumber; 8th August 2008, 15:10.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: need some anti-virus opinions

      Originally posted by Dumber View Post
      I've used Mcafee quite a lot of time and it's a very good Antivirus solution.
      However make sure you keep the AV software at least about 8.0 (patch 13) or higher.
      Combining this with ePO 3.6 or higher will give you a fantastic product.
      I haven't seen any false positives with Mcafee as look as you configure it correctly. Also I've noticed many many times that Mcafee has a faster updating meganism then for example Trend.

      I've worked with a Trend Micro gateway scanner (for HTTP/SMTP/FTP) which was configured to pull his updates every 15 minutes. In the back I used Mafee Groupshield for Exchange and when a new urgent virus was released, Mcafee was the first which catches the virus. About 3 hours later Trend took over. Mcafee was configured to update every 3 hours.

      Symantec should be removed as quickly as possible from the market. I think it's a horrible product.
      Karspersky is also a very good product. And also NOD32 is.
      You say that mcafee is useless but as you could noticed I don't agree.

      Eventually their aren't any good or bad AV products. All has their good and their bads except Symantec which has only their bads. It all come down on personal flavor.

      I like mcafee, others like Trend etc.
      In the end this can turn out in a useless discussion.

      We use 8.5 with patch 1.I can see that mcafee seems to be working for you and I'm glad to hear it but for my environment it is letting too much through.I will look into our configuration here and see if it is set too open.Thanks for your help.
      MCITP: EA

      MCITP: SA

      Comment


      • #4
        Re: need some anti-virus opinions

        Nod32 2.7 was a great product, Nod32 3.0 has been a failure.

        First on two occasions so far, one being just last week they have released bad signatures that have locked up critical servers.

        Next, the product was released in January and up until a few months ago (versions older than 3.0.657) it was not compatiable with Windows Server, it caused random lockups. The fix was never explained and it still causes Windows to throw errors in the Event Log. Microsoft and ESET have been pointing fingers at each other over this. Just imagine, you roll out Nod32 and your servers start to drop, only way to get them back online is a hard reboot.

        The product proxies all HTTP connections, naturally this can cause problems and the only way to disable it (undocumented) is to exclude everything that would use an HTTP connection.

        The products marketing focues on its strengths in detecting unknown viruses. They call this their "Advanced Hueristics" feature. Unfortunetly unless you disable this feature it will eat your CPU cycles and render your computer useless. So in a way its succesful, you can't catch a virus if you can't use your computer.

        On top of that its plauged by 100% CPU usage bugs. You don't notice this on dual core CPUs since it will only take up one but on older systems your only choice is to disable Real Time scanning.

        Finally, their tech support sucks, no explanation needed its a typical tech support center.

        Read their support forum before thinking of Nod32. http://www.wilderssecurity.com/forumdisplay.php?f=88

        McAfee I haven't dealt with since the 1990's. It was so bad back then it will be anoter decade before I give them another chance.

        Symantec as Dumber said shouldn't exist. Symantec's focus has been inflating their product portfolio instead of development advancements.

        Comment


        • #5
          Re: need some anti-virus opinions

          antivirus considerations on a forum are usually a religious holy war.

          my own fave is trend micro, not because it is so grand, but because it does what it has to and is very light on the desktops.

          SAV, McAffee, KAV - they are all too heavy, and anyhow a proper security policy will get you rid of most viruses

          1. proper stateful firewall
          2. proxy server to filter out dangerous sites
          3. email front end, to remove viruses before they enter the LAN that holds the exchange server
          4. proper GPs to prevent the users from using removable media too much, and not letting them install dangerous software
          5. get rid of IE as extensively as possible
          6. EDUCATE THE USERS on web security concepts.
          ________
          California Dispensaries
          Last edited by DYasny; 6th March 2011, 19:20.
          Real stupidity always beats Artificial Intelligence (c) Terry Pratchett

          BA (BM), RHCE, MCSE, DCSE, Linux+, Network+

          Comment


          • #6
            Re: need some anti-virus opinions

            Originally posted by Meekrobe View Post
            McAfee I haven't dealt with since the 1990's. It was so bad back then it will be anoter decade before I give them another chance.
            LOL let me guess... Mcafee 4.x?
            Yeah well, that was really terrible. I've seen quite a lot of bluescreens those days.
            From 7.0 and up they made some really major improvements, though it's quite heavy on a client. But if you have recent systems you wouldn't even notice it.
            And yes I'm sure about this. However Again, If you don't configure it right, you will have some "leaks" into it. But this is applicable for every virusscanner.

            However if you have some doubts about mcafee you'll never would like it although they are doing a great job. Choose one of the others but skip Symantec.

            Nod32 used to be quite good... Are they falling down the road?
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: need some anti-virus opinions

              My vote is trend as well. I think the management console is nice and their support responds very quickly when needed.
              MCITP:SA, MCSA 2003, MCP, CCNA, A+, Net+, Security+

              Comment


              • #8
                Re: need some anti-virus opinions

                I have tried Symantec and McAfee and found both to be resource hungry. Also, McAfee's interface became difficult to navigate which is a big minus in my book. Symantec - eurgh - it allowed viruses into my network.

                I presently use Sophos Enterprise. The interface is intuitive, easy to setup and flexible. The only downside is that the firewall is not compatible with 2003 (which is stated at the outset). In combination with this we use MessageLabs. MessageLabs is an awesome service.

                So using MessageLabs for filtering web-bound threats (including email), and Sophos for local threats and it's heuristics for anything else, I am pretty happy.

                Edit:
                Sophos Support has so far been superlative.
                A recent poll suggests that 6 out of 7 dwarfs are not happy

                Comment


                • #9
                  Re: need some anti-virus opinions

                  Any opinions on AVG 8.0? I'm currently giving it a try (currently have very outdated Symantec). So far I find the client really bogs my computer logon time, and haven't played much with the Admin console yet. Any people with experience with this product? I'm on a small network with Win Server 2k3 and less than 50 users, some of whom are remote/roaming.

                  Comment

                  Working...
                  X