Alternatives to Mcafee via EPO?

Raumarik · 16 Apr 2010 at 21:37

Guys,

Work use Mcafee via EPO, now I hate to say it but it's bloomin awful and drags my clients to a halt with it's resource hogging. Does anything use an alternative? It'd have to be centrally manageable obviously.

Hopefully to convince my boss to look at another solution, although I doubt he'll go for it as from what I've heard our licenses have been bought. They use it elsewhere in the organisation already so we were told to stick to it

Nikumba · 16 Apr 2010 at 22:07

We use EPO and McAfee at work and we do not have any problem with it slowing our kit down and most of it is deployed on 1Ghz celeron with 512Mb ram running POS software.

When they slow down is it the same time of the day? Is it only a select few machines?

I would look at the policies being applied by the EPO server for when update and scans are running.

Other than Symantec/Norton I do not believe there is another decent centrally managed AV solution.

Also what version of EPO and McAfee are you using? As 8.0 of the client has reached EOL and is no longer getting updates as of 31st March 2010

Kimbie

Ev0 · 16 Apr 2010 at 22:38

Most of the credible av solutions can be centrally managed.

Sophos comes highly recommended.

Trojan · 16 Apr 2010 at 22:58

I assume the slowing to a halt occurs only when VirusScan Enterprise is running?

ruffneck · 19 Apr 2010 at 19:07

No problems with using McAfee with EPO here either, infact its one of the better AV solutions I've used.

Little_Crow · 20 Apr 2010 at 10:29

Nikumba said:
Also what version of EPO and McAfee are you using? As 8.0 of the client has reached EOL and is no longer getting updates as of 31st March 2010

Kimbie

^This^
Got stung with the EOL on some 8.0 clients and our Netware estate too.

What version of EPO are you running? there are plenty of updates for epo server, mcafee and the epo agent you may just have hit a bug.

anything I don't mind · 20 Apr 2010 at 11:28

i find mcafee to be some what useless and the mcafee processes do take up a lot of ram.

I have not found a solution to replace it. How many times i have seen virus infections and mcafee didn't even detect it...

Best way would be to prevent local admin rights on the clients and then have an list of allowed .exe that can run on the clients. This is difficult to manage though.

The main security hole is email as these days you can inject code into pdf and word documents that won't be detected by virus scanners working of definitions. A strict email policy and someone intelligent actually releasing the blocked emails is best. Also keep the browsers up to date, which is difficult in some environments because some apps don't work with latest browsers.

i worked for a few places that disabled active x and flash in the browser completely and only enabled it by request and then disabled it again.