Security Basics mailing list archives

Re: recommendations for centrally managed corporate antivirus solution


From: "Jason P. Rusch" <saltynetguru () infosec-rusch com>
Date: Fri, 15 Feb 2008 10:19:06 -0500

I can confirm that EPO 3.6 works well, the learning curve is wide if you
want to get into a lot of details, but if you dig deep you can do a lot
with it. Be careful to learn it or it can really cause you nightmares.
As far as EPO 4.0  . . STAY AWAY FROM MCAFEE EPO 4.0, DO NOT USE EPO
4.0. Just a big recommendation, if you do not believe me google research
on it, bloated, slow and the GUI is a mess. I tested EPO 4.0 on a lab
network and quickly decided a BIG NO to it. 

Just wanted to warn fellow EPO admins, DO NOT UPGRADE, stay on 3.6

My suggestions; 
McAfee EPO 3.6
Trend Micro
Symantec 10 (not 11)

Or just don't use Windows, that's what I do personally =)



On Thu, 2008-02-14 at 14:47 -0500, Patrick Hendrick wrote:
We use McAfee ePolicy Orchestrator to manage about 1500 devices at both 
the server level and the workstation level. It takes some getting used 
to but once it's configured management is very quick and easy and 
reporting is the same. I'm still on version 3.6.1 and haven't jumped to 
the latest so I can not speak to that. I personally find it annoying 
that AV vendors want to give you the world wrapped up in one product 
instead of sticking to what you are looking for... anti-virus.

If you have any questions about this product I'd be happy to try to help 
answer them.

illuminaeti () gmail com wrote:
Hi list


On the different networks I manage, I've been using Symantec corporate since version 7. I've never had any major 
issues with it until now. 


Version 11, now called "Symantec Endpoint Protection" requires IIS and either MS SQL or the Symantec embedded 
database. I installed a copy on a test server and it just about crippled it. Network access from clients was 
incredibly slow and processor use was hitting 100%. I've heard the same comments from a colleague who installed it 
on a new server at the customer's request. The file server was virtually unusable even before the client was 
installed on the workstation. Also the new GUI is just plain awful. 


 I don't have the time or resources to tweak settings to get better performance out of the AV.  

 I've heard good things about NOD32, Sophos and Kaspersky.  I've started looking around and of course, every 
website I visit tells me the software they sell is the best in the universe. 


So, looking for real answers from real users, I thought I'd ask you all about your experience, positive or 
negative, with various corporate antivirus software.


Thanks in advance.





-- 


---
Sincerely 

Jason P. Rusch, CISSP, CISM, CISA
Certified Information Security Consultant
Wesley Chapel, FL 33543 
saltynetguru () infosec-rusch com 
www.infosec-rusch.com

"There is no patch for stupidity"
