Full Disclosure mailing list archives
Re: looking for enterprise AV solution
From: James Rankin <kz20fl () googlemail com>
Date: Wed, 27 Oct 2010 11:36:24 +0100
Ditto on the belt and braces approach. I've had a lot of good experiences with Sunbelt's Vipre product. It is extremely easy to deploy and manage in the enterprise. On 27 October 2010 11:32, Jamie Riden <jamie.riden () gmail com> wrote:
On 26 October 2010 19:26, bk <chort0 () gmail com> wrote:(resending from correct account) On Oct 26, 2010, at 6:55 AM, Mikhail A. Utin wrote:Folks, We are looking an enterprise level AV-software <snip>. Any advising?Signature-based AV is a dead technology. Updates don't get releaseduntil hours after you're already infected, so all it really ends up doing is being a resource-suck on your CPUs and hard-disk access.My recommendation: Buy whatever has the highest composite score for easeof management, limited resource consumption, and affordability.Anyone who says "get Vendor X" or "get Brand Y" without telling you whatselection criteria they used is a tool. How do you know if what is important to you was also important to them in making the selection? If you've got a decent perimeter, it should keep the threats out for some time, but I tend to agree. AV these days is starting to be more about detection than prevention - it will at least highlight that you have a problem so you can deal with it. Think of it as part of your intrusion detection if it helps. Oh, and somewhere I used to work ran two separate AV products on the mail gateway, and then a third on desktops on servers. I suspect this was more about licensing models (couldn't do per-seat for email as we had >100k email addresses) than paranoia, but it did help out considerably to have independent engines. cheers, Jamie -- Jamie Riden / jamie () honeynet org / jamie.riden () gmail com http://uk.linkedin.com/in/jamieriden _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- looking for enterprise AV solution Mikhail A. Utin (Oct 26)
- Re: looking for enterprise AV solution Jason Nada (Oct 26)
- Re: looking for enterprise AV solution opticfiber (Oct 26)
- Re: looking for enterprise AV solution R0me0 *** (Oct 26)
- Re: looking for enterprise AV solution opticfiber (Oct 26)
- Re: looking for enterprise AV solution Brian Keefer (Oct 27)
- Re: looking for enterprise AV solution Josh Browning (Oct 27)
- Re: looking for enterprise AV solution phillip () bailey st (Oct 27)
- Re: looking for enterprise AV solution Michal (Oct 27)
- <Possible follow-ups>
- Re: looking for enterprise AV solution bk (Oct 26)
- Re: looking for enterprise AV solution Jamie Riden (Oct 27)
- Re: looking for enterprise AV solution James Rankin (Oct 27)
- Re: looking for enterprise AV solution Jamie Riden (Oct 27)
- Re: looking for enterprise AV solution Elazar Broad (Oct 27)
- Re: looking for enterprise AV solution Jason Nada (Oct 26)