Security Basics mailing list archives

RE: recommendations for centrally managed corporate antivirus solution


From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Fri, 15 Feb 2008 08:57:07 +1000

NOD32 is easy to manage but can be a headache to set up initially. However,
the settings and configurations that you can roll out are quite granular;
one for laptops, one for workstations, one for production, developers etc
etc. 

They update every day which is good and also it is fast and does not have
the Godzilla type footprint that I came to associate with the big yellow
company. No 100% CPU usage and even scans run pretty fast.
Weekly/monthly/daily scans are also highly configurable with command line
type options.

The management console is getting more and more intuitive. I'm running it on
a W2003 box. You can roll out remotely from the console which is easy. I can
get alerts and check the logs/alert screens for any missing updates or
outbreaks. Easy. I don't find myself worrying or fretting (much) now that
it's been set up.

Now, there is no firewall bundled with it which may be a drawback for you.
The only thing that is not as good as Symantec is support but having said
that, I've hardly had to contact their support since I set it up.

I am very, very glad I dumped big yellow and so are my users whose machines
have spare cycles that aren't being chewed by the AV.

Does it catch everything? I doubt it but then I haven't seen a
signature-based solution that does and I imagine this may be a pipe dream.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of illuminaeti () gmail com
Sent: Friday, February 15, 2008 1:39 AM
To: security-basics () securityfocus com
Subject: recommendations for centrally managed corporate antivirus solution

Hi list


On the different networks I manage, I've been using Symantec corporate since
version 7. I've never had any major issues with it until now. 


Version 11, now called "Symantec Endpoint Protection" requires IIS and
either MS SQL or the Symantec embedded database. I installed a copy on a
test server and it just about crippled it. Network access from clients was
incredibly slow and processor use was hitting 100%. I've heard the same
comments from a colleague who installed it on a new server at the customer's
request. The file server was virtually unusable even before the client was
installed on the workstation. Also the new GUI is just plain awful.


I don't have the time or resources to tweak settings to get better
performance out of the AV.

I've heard good things about NOD32, Sophos and Kaspersky. I've started
looking around and of course, every website I visit tells me the software
they sell is the best in the universe. 


So, looking for real answers from real users, I thought I'd ask you all
about your experience, positive or negative, with various corporate
antivirus software.


Thanks in advance.



