Security Basics mailing list archives
RE: Enterprise AV
From: "Gregory M. Brown" <gbrown () alvalearning com>
Date: Fri, 12 Sep 2003 10:08:36 -0600
Greetings. The AV front is very competitive indeed. On my network, I evaluated 6 different companies. Since there are so many "options", I took about a month to do my evaluating. E-mail security, ease of definition updates, competitor removal capabilities and an enterprise console were all relevant to my situation. Trend Micro has to get kudos for best attempt at my business. Cool t-shirts and an expensive lunch... Their product is extremely reliable and well respected. However, it is horrifically expensive. Norton was not so expensive, but it is not my preferred AV solution because of its history. McAffee just simply is not for me. CA won the day. It's amazingly simple. I paid $8.75/ node! This includes plug-ins for Exchange, perimeter and gateway devices (important to a MS VPN as users can configure "split-tunneling"), as well as PDA's. I got a 2 year maintenance agreement for "free"! The only drawback is support. Their call center is in India, so language is kind of an issue. Their documentation rocks- very little support has been needed so far. Not one virus/worm has made it into my network. It's funny, a Canon rep was onsite pitching me this 12 billion dollar copier, fax, tanning bed, coffee maker etc. during the height of msblaster. I asked him how his network was in the face of this worm. He said, "... we're offline from NY to LA." Makes ya wonder why I was turned down a job at Canon USA, considering security specialists there make in excess of $200,000! Don't do what Canon did. They had McAffee and it failed them. I also heard Norton could isolate the worm, but was unable to remove it. I don't work for CA, nor am I a paid endorser. I'm just a minimum wage IT director who likes spending weekends rollerblading and skiing here in Colorado, not battling stubborn worms and inefficient AV software. gb -----Original Message----- From: Tim Syratt [mailto:tims () syratt com] Sent: Thursday, September 11, 2003 3:42 PM To: jburzenski () americanhm com Cc: security-basics () securityfocus com Subject: Re: Enterprise AV Hi jason, I asked this question to a few people only recently.. An organisation I work for uses Sophos, its a great product and very reliable. (although msblaster did catch us out, but they had a virus definition 1 hr after I alerted them) The trouble with SOphos is that its VERY expensive if you want the enterprise solution which will update your virus def's for you, without having to download and roll them out. The last network I built will be going with Norton Antivirus, because I can just subscribe to the auto updates and have it update for me, for about $300.00AUD (5 users). One person I spoke to said that it activly stopped a few scripts running (IE exploits), which Sophos doesn't appear to do. HTH! Regs, Tim On Thu, 11 Sep 2003 jburzenski () americanhm com wrote:
Does anyone have any recent experience deploying one of the major AV
tools
(McAfee ePO, Symatec Enterprise Manager, SOPHOS SAV, or other?) to an enterprise? I am currently evaluating several of these products and
would
like to hear how others are managing. In particular I am concerned with, ease of deployment, usefulness of
'out of
box' reporting, multi-platform support (winA-winZ only), unexpected problems, and of course costs. Any experience or words of advice
would be
appreciated. Thanks, Jason Burzenski
------------------------------------------------------------------------ ---
Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm
------------------------------------------------------------------------ ----
------------------------------------------------------------------------ --- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Enterprise AV jburzenski (Sep 11)
- Re: Enterprise AV Tim Syratt (Sep 11)
- Re: Enterprise AV Jimi Thompson (Sep 12)
- <Possible follow-ups>
- RE: Enterprise AV Nick Duda (Sep 11)
- RE: Enterprise AV Gregory M. Brown (Sep 12)
- Re: Enterprise AV Robert Mezzone (Sep 15)
- Re:Enterprise AV wladas.meskelis (Sep 15)
- Re: Enterprise AV Valery Baranov (Sep 15)