Enterprise AV

bigredshark

bigredshark

bigredshark

Man of Honour
Joined
30 Jun 2005
Posts
9,515
Location
London Town!
So we're reviewing our AV solution (first time in, um, forever actually...) and I'm hopelessly out of touch with the market, so what's everyone using, what works?

We're current with Sophos and I won't touch Symantec with barge pole...obviously messagelabs for email as well...
 
We use Sophos at the moment and when I looked around a few months ago, it seemed that Sophos was still one of, if not the best around. I'm still not a fan of its interface (seems slow to me), but its doing the job quite well at the moment.

We decided to stick with Sophos for another 12 months and then do another review and see what comes up.
 
Depends on how many users your looking at covering, when you say enterprise i assume in the thousands, in this situation ive found Symantec to be at the top of the list in terms of management and the client is quite lightweight as well.

For smaller deployments products from Trend like Neatsuite have always come out on top mainly due to there ease of use, the two ive had a lot of difficulties with are Sophos and McAfee.
 
Actually the requirement is fairly odd, we are only deploying AV for the servers. (Desktop AV isn't my concern). In the region of 350 servers to protect for this environment so probably still enterprise level numbers...
 
McAfee EPO 8.5 here for desktops and servers (I'm not the admin but he likes it, and it works). Support seems decent as do bolt on packs for spyware and personal firewall etc etc
 
bigredshark said:
Actually the requirement is fairly odd, we are only deploying AV for the servers. (Desktop AV isn't my concern). In the region of 350 servers to protect for this environment so probably still enterprise level numbers...
Click to expand...

In that case i would lean towards Symantec, are the severs geographically distributed? It may come into play when placing Update/Management servers.

Regards
 
bigredshark said:
Do you know if it's changed much, I used it in a previous role about 3 years ago and it wasn't nice to manage...
Click to expand...

The last version i used was 10 i cant comment on 11 though. Deployment seemed relatively painless, there some issues based around the removal of existing antivirus software but once it was up and running it became fairly painless to look after, the client base was around the 300 mark. I think the main differences is that full support has been added for Vista/Server 2008 as well as spyware/greyware/adware integration into the client.
 
Just come from a 14k / 300+ server environment using Mcafee with EPO and let me tell you i'd rather stick needles in my eyes than use that rubbish again.

We even had Mcafee webexed into the server to sort it out. He sorted it by blowing away the 30+ distributed repositories without even asking us causing the 14k or so clients to hit the central AV server for updates.

The network chaps were obviously over the moon about that, and some of the sites on 256k connections and without their own DC's could not login for over 24 hours.....

Don't touch it.
 
From my experience.....

Mcafee: Stolly sums that up nicely.
Trend: good management tools, good install methods, low impact to systems, low number of bad patches but expensive and slow to add new viruses to pattern updates.
Symantec Quick to support new OS, lots of pattern updates, reasonable roll out method but aweful management platform that hasn't changed in ages, poor detection of malware and high system impact.
Kaspesky Good level of detection, low system impact, reasonable management, aweful roll out method and prone to bad pattern releases.

As you can see there isn't one good AV company. It isn't a bad idea to mix them. Go for one product on the desktops, laptops, servers and another one on perimeter (smtp connectors, bridgeheads, proxies etc).
 
Last place I was in used Mcafee on desktops and Trend on the servers (I think it was Trend anyway).

Current place use Mcafee all the way through, not had a problem with it personally.
 
We use Sophos, and apart from the fact savservice can be a PITA on rare occasions we'll be renewing it.

I don't mind its interface either, infact I quite like enterprise console...
 
McAfee EPO Server 4 with VirusScan 8.5i patch 6.1 on the servers and desktops. I like EPO. Its not without its quirks but it makes management a damn sight easier. I spend 5 minutes a day checking it now, thats all! :D

That said we have a total PC population of 60 or so..... ;)
 
We have Symantec here. However, to be honest i am not too impressed with it as said above it does have a high system impact plus its let a few things through of late.

I am looking to move to Sophos at the mo, How easy / hard is a network roll out on it?

Andy
 
We use Symantec Endpoint Protection - i've experienced a lot of issues with it on our site and on others, but all but one of those issues was really down to our support team not having a strong enough knowledge of the product (due to the fact that it was relatively new). However, the one time it was their screw up resulted in all of the client PCs sitting in endless reboot cycles in both normal and safemode, all because of a bad virus definition release. The fallout from that was not enjoyable. It took them 4 days to release a patch for the issue too, so we had to sit on old definitions for a while. Was worse than any major virus outbreak i've witnessed to date.

Symantec support can be hit and miss too, i've had guys that i've just hung up on as they're wasting my time, then other times i've had guys that are absolutely amazing and really know their stuff. So I guess your own personal experience of a product can severely taint your opinion on it.
 
You must log in or register to reply here.
Back
Top Bottom