Need an advice on corporate antivirus.

JBrown

Hello guys and girls,

We are currently using eTrust 8.x antivirus and not happy with it at all. It does not catch even well known trojans and worms proactively as it promises. Way too much hype about this anti virus.

What do you guys use in your current environment and what would you suggest based on your experience? I need something with a good Admin Management panel, so I can push the policies from central management and collect data on clean/deleted/ failed mallware on well over 1500 workstations.
Since we usually ghost the images and install the antivirus in the image itself the remote/ Group policy based install options are useless to me.

I also have to say that some weeks ago I tested nod32 version 3.x and liked its capabilities and Admin panel, but did not like its reporting features. It did clean 25 test workstations over 2 weeks period but when the report was ran it did not show up correctly what exactly it cleaned. Had to hunt down each machine separately to see what kind of virus/worm/trojan did it clean there.

Basic requirements are:
OS running: Windows Vista
Good proactive/ on-demand cleaning
Good central management admin panel
Good policy management / lock down options
Huge plus: reporting services that show; how many viruses cleaned/ how many workstations/ which ones / types of viruses.

dynamik

Hm, I was going to suggest ESET, but I guess that's out. Have you looked at Kaspersky at all? I like them in general, but I haven't used them in a large environment like that. Might be worth looking into though.

120nm4n

TrendMicro. It's got a great management console, it's easy to migrate your systems between two AV servers, and so far we haven't had any problems with virus detection. The built in reporting is pretty detailed, as well.

NightShade03

I like Symantec's Endpoint Protection Suite which is awesome at protection, they are always ahead of the curve, awesome management and policy console. My only complaint with them is that they use a tremendous amount of resources, so ontop of Vista it might be a heavy loadset

Bokeh

We are looking to migrate to Sunbelt Software's Vipre. Several folks here use it for personal use, and like the low overhead, etc. Good product.

brad-

Anyone use/has used MS Forefront Client Security?

dynamik

brad- wrote: »

Anyone use/has used MS Forefront Client Security?

Not personally, but I've heard really good things about it. Price seems to be the biggest complaint.

/usr

eTrust is horrid. I've had nothing but hassle out of the personal and corporate versions.

Give Kaspersky a shot, they offer a free trial for all versions. Deploy it to a few workstations and check out the capabilities. I use it here and have been incredibly pleased with it. I believe it will do everything you're asking, plus more. I have it deployed on around 40 workstations and 8 servers, including Exchange 2007.

Don't get overwhelmed by the interface at first. The Admin "books" for the product are around 300-400 pages each, if that tells you anything as far as what's available for you to work with.

I think you'll be pleased with not only the individual workstation deployments and what they are able to do, as well as the management console (deployment, reporting, etc.). It also runs on workstations using a very minimal amount of resources. In my experience, around 50 MB or less doing on access file scanning and running all other features. Obviously it would be more when you're doing a full system scan, but I've found it uses about the same, if not less, than AVG free, which doesn't even begin to measure up to Kaspersky's features.

Hope this helps.

cjthedj45

NightShade03 wrote: »

I like Symantec's Endpoint Protection Suite which is awesome at protection, they are always ahead of the curve, awesome management and policy console. My only complaint with them is that they use a tremendous amount of resources, so ontop of Vista it might be a heavy loadset

I would agree with the above. We have just rolled out Symantec endpoint and so far seems very good nice management console easy to roll out and manage. I have found this much better than the Mcafee we were using.

aordal

Kaspersky Enterprise ROCKS! I just finished rolling it out to about 1600 clients about 1 month ago. We were running Trend Micro prior to the rollout (not a big fan). Was really impressed with the Admin consolse for KAS as well as the ability to remotely deploy. Check it out..

Lamini

I been using Endpoint for couple years on standalones, beats Antivirus. it has server / client versions. has real time scanning, self updates, notifications on network intrusions, etc

HBSS was chosen by DoD and is being enforced but i believe that its DoD only. i have all the downloads and its full blown all in one AV/hips/nips/reporting system.

crrussell3

brad- wrote: »

Anyone use/has used MS Forefront Client Security?

I work as a contract employee for a City Government and we use MS Forefront. Have nothing bad to say about it except that it didn't catch a computer that got infected with Personal AV (pav.exe) with up to date defenitions.

Otherwise we script the install after we drop an image via altiris. Easy to manage, etc.

JBrown

As I see there is no real corp anti-virus that would satisfy all. I just finished installing Avira's AntiVir Pro 9 and SMC ( Avira Security Management Console) and will be testing it over next couple of weeks.

Next one on the is TrendMicro and Kaspersky. I use to hear a lot of horrible stories about Kaspersky being resource hog, any idea if that is true for the corporate version too ?


PS: I am choosing corp anti-virus based on av-comparatives.org, any idea how trustworthy they are ?

dynamik

AV Comparatives is awesome

RTmarc

dynamik wrote: »

AV Comparatives is awesome

+1

ESET didn't have the strongest reporting functionality in the world - especially in the custom reporting category - but the fact that I didn't have to doubt whether or not my machines were safe with it made up for that.

Plus, I pushed out a policy that had an automated email message fired off to the helpdesk system each time a machine encountered malware which added to the reporting environment. Even though I didn't get it with ESET's reporting engine, I could get it with the helpdesk reporting engine.

Just something to think about. There are ways to reach the level of reporting you are after.

NinjaBoy

We use Panda for our organisation, we were impressed with it so much that we were contracted to install/deploy it in two other organisations. It doesn't slow down the client machines like alot of other solutions. Plus the price was right.

We have also used AVG Enterprise, while the admin console & client part was very nice, upgrading between major versions was a pain (eg 7 to 8 ).

Sophos, we used it a few years ago, and found that while the admin console was ok, the clients if they weren't dual core struggled and alot of people complained. Don't know if they have improved.

Wanted to go with McAfee, as that was what we were using at my last place, but the cost was 3x the cost of Panda.

-Ken

JBrown

I almost finished testing the Avira's Antivir Pro 9 and looks like we have a kind of a winner.
I really liked nod32's layered policy feature but I have to say that Antivir's configs are not that bad either. I setup "Simple scan" and "Crazy scan" configs and can switch at any moment depending on the Security environment.
Now i have to wait what other departments have to say.