Welcome to Sign in | Join | Help
in
Home Blog Forums
» Community Zone » Chat » Antivirus choices

Antivirus choices

Last post 07-10-2007, 5:45 PM by ye110wbeard. 9 replies.

Sort Posts: Previous Next

  •  06-24-2007, 11:05 PM 924

    Antivirus choices

    Here's something for the blogsite.  I'm a bit curious what everybody else out there is using for Antivirus.   There are always the Big Players (Symantec, CA, Network Associates, Trend) and a few of the other ones (Kaspersky, AVG, Panda, Avast), and one or two others you wouldn't give to your worst enemy (AntiVir)
     
    I've always been a big Network Associates fan myself, but after a problem encountered on Friday where a low level virus slipped in and ran from excluded folders I need to re-evaluate Antivirus choice.  It's not that my particular choice couldn't catch it.  It's that the excluded folders needed for better performance produced a hole.
     
    Network Associates can always always stop bullets.   (and actually still does, it turned out the Jun 21st update could see the pest and kill it but the exclusoins hampered its efforts.   The virus was hiding and running from within inside normally needed excluded folders like EXCHSRVR and MAILROOT.  
     
    But it seems to want exclusions.   (They all do obviously) to either enhance performance (It takes too long open my file... waaaaa) or to avoid problems (Exchange complaining about missing files that were viruses caught by the file scanner).  I am curious as to what everybody else has chosen and why.
     
    My key questions are.
     
    How well does it perform and allow databases to perform WITHOUT exclusions.
     
    Has anybody taken it to the test (IE:  Combined with Windows Defender what sites can you go to intentionally and how well did it protect the PC)
     
    What were the costs involved.
     
    Can it do hourly updates and run off an internal copy of the manufacturers database (Do the updates once and allow the environment to pull from there or push to IT)
     
    How "manageable" do you find the central console.
     
    Antispam?
     
    Can you manually update it (IE: walk onsite with the update files on a memory key and directly copy them to the appropriate folder) - Especially handy if the internet is down as a result of said pest.
     
    Can you specify certain processes as viruses (even if they aren't)
     
    What is the automation like?   The better ones I find will allow to the specify an "assumed" answer to a cleaning/quarantine question.   The lesser ones keep asking you stupid questions (Should I clean this? - No save it for a special occasion!)
     
     
    Well all else fails, make an offering to the computer gods. Preferably in small unmarked bills.

  •  06-28-2007, 11:00 AM 956 in reply to 924

    Re: Antivirus choices

    Our company uses McAfee which is slow, a resource hog, and the updates always arrive too late.

    The purchase decision was made by our managing(?) partner who knows nothing about IT, except how to open viruses that have not yet been included in an update (3 days later usually - UK timeline). I did supply him with a list of alternatives but he wanted McAfee because he had heard of them, always a sound buying strategy - NOT.

    Many people recommend Kaspersky, check the VB100 site for more info on anti-virus solutions.

  •  06-28-2007, 11:25 AM 958 in reply to 956

    Re: Antivirus choices

    We use McAfee as well.  I have found them better than the Symantec corporate but haven't tried the corporate versions of the other less well known vendors. I hear Trend is good but from past experience I'm not a fan of Sophos.  I think at the end of the day all of them have the quirks.  I know the McAfee versions quite well so am pretty happy with it to some level at least
    cheers
    Andy

  •  06-28-2007, 12:28 PM 959 in reply to 958

    Re: Antivirus choices

    We Use Trend Micro, it's ok, I'll be honest I never really tried to work out how good it is :) I let one of the other guys worry bout AV.

     Andy its funny you mention Sophos (and the fact you dont like it) because a few years ago, I used it religiously at one place, I love it..... I havent used it recently, but I used to think it was the best AV by FAR ! - so thats kinda odd Indifferent

  •  06-28-2007, 3:40 PM 961 in reply to 924

    Re: Antivirus choices

    I did hear this afternoon that Sophos could be in trouble as a vendor, but I'm not sure of the rumours validity. If it is true then obviously don't look at them as a supplier.

  •  07-01-2007, 11:24 PM 973 in reply to 961

    Re: Antivirus choices

    Interesting you mentioned that about MCafee (hog).  I noticed on the site there are two "Corporate Versions".   A newer one geared towards Small Business where the email scanning is offlloaded (like Frontbridge) via changing the SMTP connector.   The virus Scanner they provide on that version is a twin to the stuff you buy in the stores.  

    IMHO, absolute GARBAGE.

    The real Corporate stuff from Network Associates (Mcafee) goes by the name of "Active Virus Defense" and used to be known as "Total Virus Defense".   I found 8.5 nowhere near the resource hog 8.0 was.   But a recent virus outbreak involving a low level w32/rahack virus has made me re-examine options.

    It was a perfect example of how the ones that get you now are not the "Blasters", it's the ones that "slip in the back door".   This was (For anybody using Radmin, drop it now as a result of this) a Radmin hacking virus.   It's hack a very popular Remote access program from Famatech.com called Remote Administrator.

    I would suspect the next variant on something like this will be one hacking VNC connection points in the same manner.

    Neat and scary eh?

     

    Well all else fails, make an offering to the computer gods. Preferably in small unmarked bills.

  •  07-02-2007, 3:06 AM 975 in reply to 973

    Re: Antivirus choices

    I was at one of McAfee's buildings in the UK last year and one of the viruses they are waiting for hops PCs attached to open wireless points as there are so many about unprotected.  It would be great in the city...
    cheers
    Andy

  •  07-09-2007, 4:27 AM 1016 in reply to 924

    Re: Antivirus choices

    Another issue I have had with McAfee recently (fixed last week) is that Groupshield had reduced our Exchange servers to nothing more than expensive ovens! This would appear to be due to the amount of RPC calls it makes.

    Users were continually complaining of pop-up warnings from Outlook and having problems with any mail related task. Now I have uninstalled it the users are smiling and happy! Fortunately we have an e-mail scanning system in place which also scans e-mail for viruses etc.

  •  07-10-2007, 3:23 AM 1022 in reply to 1016

    Re: Antivirus choices

    We had problems with Groupshield on a box with the anti spam plugin.  Resoruces just built to 100% in use then it fell over.

    I can imagine each vendor has its own problems tho so I still feel happy to stay with them.
     

    cheers
    Andy

  •  07-10-2007, 5:45 PM 1024 in reply to 1022

    Re: Antivirus choices

    I found the issues I had the most were simply along the longs of the pushed Antivirus had the Mailscanning component included and enabled in OUtlook (which is a little overredunant in Exchange).

     Later versions of Groupshield 6 were solid.  I found the odd performance hit in earlier versions and the initial connection to Exchange 2000 (And of course as service packs came out).   You tend to run into that with all the good (and bad) antivirus anyhow.   Norton Corporate support panicked when we installed a version designed for Exchange 2000 on Exchange 2003.

     

    Well all else fails, make an offering to the computer gods. Preferably in small unmarked bills.
View as RSS news feed in XML


All postings are provided "AS IS" with no warranties, and confer no rights.
Microsoft product screen shot(s) reprinted with permission from Microsoft Corporation.
Copyright TheLazyAdmin Inc. All Rights Reserved 2004-2008