AV product - servers, vm's ect

LizardKing · 2 Mar 2016 at 11:29

Just wondering what people use these days, currently we have sophos and its up for renewal soon.

Traditional we just use the endpoint protection all round but now it seems to be the trend to have an appliance to offload the processing to leaving an agent less deployment.

Were only a small outfit with plenty of VM's but only the basic Vsphere essentials deployed and a few free esxi servers scattered round so don't feel we could really make use of vshield ect.

LizardKing · 2 Mar 2016 at 11:35

100 desktops 50 servers (Dev outfit)

LizardKing · 3 Mar 2016 at 10:41

rotor said:
Pretty much everything I've ever heard about the ESXi integrated AV solutions is that they are TERRIBLE with a capital T. 100 desktops and 50 servers is not inconsequential. I'd get SEP, depending on what price you can get. An outbreak of something like ransomware would absolutely cripple the business, so it's worth investing a little bit.

Oh there's no question it wont be renewed

or at least with something of equivalent standing!

kitkat9933 said:
I actually work for a cyber security software distributor and what we sella lot of is Webroot for standard enterprise companies. We do have a premium end endpoint protection level product called confer that is truly high end but comes with the premium price as well. Both work on a very lightweight sensor on the endpoint itself with a cloud management console.

If you are interested in either feel free to pm me and I will be able to assist. Perhaps even give a good level of discount

Both are vastly superior to your traditional endpoint products like Sophos which rely on archaic signature based detection, which are pathetically ineffective against modern APTs which are oftern specifically targeted and hence unclassified and/or polymorphic. Both utilise both signature and behaviour based detection methods, among other capacbilities.

Just looking at Webroot now, looks very interesting, just a shame you can only take the reviews with a pinch of salt as they all seem to have an agenda to push.
How does its pricing work? ie does in differentiate between desktop / server OS? I might take you up on that offer if it comes in similar to sophos (~£16 per endpoint currently)

cheers!

LizardKing · 4 Mar 2016 at 13:50

Now got Webroot running a trial on a few machines,
Looks good and easy enough to get up and running, it makes Sophos look like the Michelin man and Sophos isnt exactly bloaty when up and running.
So far so good but with all things AV proof is in it actually stopping something!
That may be a while, I can probably count on 1 hand the amount of actual legit mal/virus that got flagged by Sophos by our endpoints. (thanks to the Proxy/Email gateways)