Re: Enterprise AV

[Valery Baranov <val.baranov () revlon com>]

In-Reply-To: <CC26322EC1A3BA418C6C4C02F1D1DF084BA2 () leia hoth alvalearning com>

Greetings,
I see nodoby mention a Kasperski AV. It's a really good AV product with a good anti-trojan performance for both Windows 
and Linux. Look at "http://www.kasperskylabs.com"; for further details. AVP/KAV is a winners of almost all of virus 
recognition tests (along with DrWeb).
This product exists for Windows (all versions), Linux Mail and File servers, *nix Mail Servers, Novell NetWare, Lotus 
Notes/Domino, MS Exchange, Anti-Spam, PDAs, *nix, etc. (daily updates). Kaspersky also has daemon-mode scanner which is 
efficient. I've used this product in a production environment and would recommend this one for implementation.


Regards,
        Val

A NOTE: I don't work for Kasperski Lab, nor am I a paid endorser.


> From: "Gregory M. Brown" <gbrown () alvalearning com>
> To: <security-basics () securityfocus com>
>
> Greetings.
> The AV front is very competitive indeed.  On my network, I evaluated 6
> different companies.  Since there are so many "options", I took about a
> month to do my evaluating.  E-mail security, ease of definition updates,
> competitor removal capabilities and an enterprise console were all
> relevant to my situation.  Trend Micro has to get kudos for best attempt
> at my business.  Cool t-shirts and an expensive lunch...  Their product
> is extremely reliable and well respected.  However, it is horrifically
> expensive.  Norton was not so expensive, but it is not my preferred AV
> solution because of its history.  McAffee just simply is not for me.
> CA won the day.  It's amazingly simple.  I paid $8.75/ node!  This
> includes plug-ins for Exchange, perimeter and gateway devices (important
> to a MS VPN as users can configure "split-tunneling"), as well as PDA's.
> I got a 2 year maintenance agreement for "free"!  The only drawback is
> support.  Their call center is in India, so language is kind of an
> issue.  Their documentation rocks- very little support has been needed
> so far.  Not one virus/worm has made it into my network.  It's funny, a
> Canon rep was onsite pitching me this 12 billion dollar copier, fax,
> tanning bed, coffee maker etc. during the height of msblaster.  I asked
> him how his network was in the face of this worm.  He said, "... we're
> offline from NY to LA."  Makes ya wonder why I was turned down a job at
> Canon USA, considering security specialists there make in excess of
> $200,000!  Don't do what Canon did.  They had McAffee and it failed
> them.  I also heard Norton could isolate the worm, but was unable to
> remove it.  I don't work for CA, nor am I a paid endorser.  I'm just a
> minimum wage IT director who likes spending weekends rollerblading and
> skiing here in Colorado, not battling stubborn worms and inefficient AV
> software.
> gb
>
>
> -----Original Message-----
> From: Tim Syratt [mailto:tims () syratt com]=20
> Sent: Thursday, September 11, 2003 3:42 PM
> To: jburzenski () americanhm com
> Cc: security-basics () securityfocus com
> Subject: Re: Enterprise AV
>
> Hi jason,
>
> I asked this question to a few people only recently..
>
> An organisation I work for uses Sophos, its a great product and very
> reliable. (although msblaster did catch us out, but they had a virus
> definition 1 hr after I alerted them)
>
> The trouble with SOphos is that its VERY expensive if you want the
> enterprise solution which will update your virus def's for you, without
> having to download and roll them out.
>
> The last network I built will be going with Norton Antivirus, because I
> can just subscribe to the auto updates and have it update for me, for
> about $300.00AUD (5 users).  One person I spoke to said that it activly
> stopped a few scripts running (IE exploits), which Sophos doesn't appear
> to do.
>
> HTH!
>
> Regs,
> Tim
>
> On Thu, 11 Sep 2003 jburzenski () americanhm com wrote:
>
> > Does anyone have any recent experience deploying one of the major AV
> tools
> > (McAfee ePO, Symatec Enterprise Manager, SOPHOS SAV, or other?) to an
> > enterprise?  I am currently evaluating several of these products and
> would
> > like to hear how others are managing.
> >
> > In particular I am concerned with, ease of deployment, usefulness of
> 'out of
> > box' reporting, multi-platform support (winA-winZ only), unexpected
> > problems, and of course costs.  Any experience or words of advice
> would be
> > appreciated.
> >
> > Thanks,
> >
> > Jason Burzenski
> ------------------------------------------------------------------------
> ---
> > Captus Networks
> > Are you prepared for the next Sobig & Blaster?
> >  - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
> >  - Precisely Define and Implement Network Security
> >  - Automatically Control P2P, IM and Spam Traffic
> > FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
> > http://www.captusnetworks.com/ads/42.htm
> ------------------------------------------------------------------------
> ----
> >
>
>
> ------------------------------------------------------------------------
> ---
> Captus Networks=20
> Are you prepared for the next Sobig & Blaster?=20
> - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans=20
> - Precisely Define and Implement Network Security=20
> - Automatically Control P2P, IM and Spam Traffic=20
> FIND OUT NOW -  FREE Vulnerability Assessment Toolkit=20
> http://www.captusnetworks.com/ads/42.htm
> ------------------------------------------------------------------------
> ----
>
>
> ---------------------------------------------------------------------------
> Captus Networks 
> Are you prepared for the next Sobig & Blaster? 
> - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
> - Precisely Define and Implement Network Security 
> - Automatically Control P2P, IM and Spam Traffic 
> FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
> http://www.captusnetworks.com/ads/42.htm
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------