Security Basics mailing list archives
RE: CA eTrust AV
From: SMiller () unimin com
Date: Tue, 9 Nov 2004 15:44:18 -0500
We all wish that malware names were consistent. But if you are switching vendors on the premise that everyone except CA is using the same naming convention, you are mistaken. See the Tower of Babel section on the 10/31 SANS ISC page: http://isc.sans.org/diary.php?date=2004-10-31 Note that there is no greater resemblance between the Trend and Symantec nomenclature than any other two of the five listed vendors chosen at random. Regarding effectiveness, I believe that there is little to consistently distinguish the principal vendors there, either. When av-test.org was keeping their server and client test suites up to date, they typically had the CA at or near the top for detection, but there was not a tremendous amount of variation. Their basic maintenance plan tech support does suck road-kill through bar-straws, but that is a broad spectrum IT vendor issue, not something that is confined to CA. I do frequently hear criticisms of Symantec for being late on detecting a new virus or worm, but I regard that as rumor. I am currently using eTrust for desktops and GP servers, Trend Scanmail on the mail server. There is also a smattering of Symantec through the organization. Since we put Postini Perimeter Manager outside our SMTP address 2 months ago, Scanmail has not found a single infected message, so we will probably not renew it (it *did* do a very good job while it was needed). I will probably stick with the CA AV product for servers and clients if only because of our investment in configuring and supporting it. Speaking of that investment and the consequential vendor "lock-in", are you sure you want to increase that inertia by buying a package that integrates spyware detection? For my money, that process is where virus remediation was 7 or 8 years ago, with lots of changes and shake-outs to come. I plan to keep those products separate for now. My advice is to select an established vendor on the basis of quality of support, ease of administration, or TCO, not some ephemeral attribute such as names. YMMV. Scott A. Miller Manager of Information Systems Support Unimin Corporation Unimin CANADA Ltd/Ltee "Ryan Behan" <RBehan@csmcorp.c om> To "Dan Tesch" 11/09/2004 09:05 <dan.tesch () comcast net>, "Security AM Basics" <security-basics@lists.securityfocu s.com> cc Fax to Subject RE: CA eTrust AV We have 200 PCs, 30 Servers, 1 Distribution server. We are switching to Symantec, we have been dissatisfied with CA's AV product. I've seen web scans from Trendmicro and trial versions of AVG and Symantec pick up viruses that CA either didn't deem a virus or just wasn't clever enough to discover it. CA is affordable though, and it does stop viruses, but Symantec is now offering Spyware detection which is a considerable threat/nuisance to us. If you have a small business I would request a Webex with them(CA) and see how you feel about it. It's not a terrible product but I don't completely Etrust it. The biggest gripe I have with CA is it's nomeclature for threats, it's never anything like Trend or Symantec, which leaves us baffled when we're trying to investigate a possible infection. Ryan -----Original Message----- From: Dan Tesch [mailto:dan.tesch () comcast net] Sent: Monday, November 08, 2004 4:36 PM To: Security Basics Subject: Re: CA eTrust AV Yes, I use it. I have previously used the Symantec Corporate product which I liked and found pretty easy and intuitive to use. I would agree that the support is dreadful, I also use CA BrightStor and that support leaves something to be desired also. The eTrust took a long time to get completely set up on a network of 1 distribution server, 10 servers and about 30 desktops - I'd estimate about 50 - 60 hours to get it where I was really happy with it. I can say now that it is working pretty much OK but I have a new machine I just added to the network running XPSP2 and I can't get the remote install to work and I suspect the SP2 - anyone have a fix for that?
Do any of you use CA eTrust Antivirus 7 or 7.1 ? We have 4000 users. Product seems effective but CA support is
dreadful.
Cannot get simplest of answers. I have a senior engineer teaching their Helpdesk about the product. Anybody have good or bad experience of this product ? Thanks in advance.
This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.
Current thread:
- RE: CA eTrust AV justin . schlegel (Nov 08)
- <Possible follow-ups>
- RE: CA eTrust AV Kathmann, Nicholas (Nov 08)
- Re: CA eTrust AV Nicholas Diotte (Nov 08)
- RE: CA eTrust AV Horn Michael (Nov 09)
- RE: CA eTrust AV Lett, Craig (Nov 09)
- Re: CA eTrust AV Robert Mezzone (Nov 09)
- Re: CA eTrust AV Robert Mezzone (Nov 09)
- RE: CA eTrust AV Ryan Behan (Nov 09)
- Re: CA eTrust AV Dan Tesch (Nov 09)
- RE: CA eTrust AV SMiller (Nov 09)
- RE: CA eTrust AV Kris Wingard (Nov 09)