Announcement

Collapse
No announcement yet.

AV recommendations for 2008 & R2?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • AV recommendations for 2008 & R2?

    I know a lot of this will come down to personal preference and there may be some heated discussions involved.

    I am looking for recommendations for an AV solution to replace McAfee 8.7/ePO on some 50 servers (mainly 2008/R2) + clients The issues I have are:
    1) McAfee does not hook into Windows Security Centre so cannot report it is up to date -- hence NAP goes out the window
    2) When installed on HyperV VMs, 8.7 does not complete full scan, just hangs "running". Oddly enough 8.5 does work OK (at least on Win2003 VMs) and completes scans, but I dont know how long it will be supported for.

    Other requirements: Exchange 2007 scanning if possible, must have management console.

    Suggestions / Recommendations please, with some backup rather than "just try ..." -- I have an open mind at the moment.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

  • #2
    Re: AV recommendations for 2008 & R2?

    Tom,

    Personally I would like to suggest to stick with McAfee.
    Have you installed the latest patch for McAfee?
    https://kc.mcafee.com/corporate/inde...ent&id=KB69105

    It's pretty easy to deploy with ePO.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: AV recommendations for 2008 & R2?

      OK, will try Patch 4 -- currently on Patch 3
      Still looking for an alternative solution as the McAfee contract is up in January
      Last edited by Ossian; 3rd November 2010, 10:52.
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: AV recommendations for 2008 & R2?

        Personally I still like McAfee more then other products I used so far.
        It's one of the better management consoles, easy deployment and patching etc.

        Symantec, well no...
        Microsoft, Not as good as McAfee in detection however updating via WSUS is nice.
        Still though, not as nice reporting and you need a horrifying system (SQL Server) and some have servers for management and deployment

        Endpoint protection (I believe it includes AV?) according Gartner 2009

        (Source) http://resources.mcafee.com/content/EndptMQReport

        And the same image over here: http://www.sophos.com/security/topic/gartner-2009.html
        Last edited by Dumber; 3rd November 2010, 13:51.
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: AV recommendations for 2008 & R2?

          I'd recommend Trend and Sophos.

          Trend have just released Deep Security 7.5 which you might want to take a look at.

          From what i can gather its a virtual appliance that sits and scans all traffic for your VM's removing the need for AV on them directly. It also lookslike it will run and be able to be managed from the sme console for physical machines.

          I'm not sure however if it hooks into the Security Centre.

          Sohpos i used a few years ago in the NHS in Scotland and it just worked flawlessly with minimal impact on servers or clients. I haven't used it for a while though so it may not be that same.

          Comment


          • #6
            Re: AV recommendations for 2008 & R2?

            We use Sophos and it is fine. Intelligent scanning, nice central management system and easy deployment. It also claims to remove existing security software, though how effective this is I have no idea as I have never needed to use that aspect of the deployment process.
            A recent poll suggests that 6 out of 7 dwarfs are not happy

            Comment


            • #7
              Re: AV recommendations for 2008 & R2?

              I would recommend TrendMicro as AV solution. It does a decent job in AV field, less powerful than McAfee in things like endpoint protection and compliance.

              McAfee is a good solution. Have you tried their support regarding your issues? From personal experience it can be expensive to change AV provider, you have to buy instead of renew (100% vs 20% of price). But I'm sure you have a calc.exe
              Regards,
              Leonid

              MCSE 2003, MCITP EA, VCP4.

              Comment

              Working...
              X