SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    Corporate Anti-Virus
Go
New
Find
Notify
Tools
Reply
  
Corporate Anti-Virus Login/Join 
I have lived the
greatest adventure
Picture of AUTiger89
posted
We use VIPRE Antivirus (Business and E-Mail) for our workstations and servers, and are up for renewal in December.

What are forumites using? (Strictly for businesses, not for personal use, please.) What are the advantages and disadvantages?




Phone's ringing, Dude.
 
Posts: 6203 | Location: Upstate SC | Registered: April 06, 2011Reply With QuoteReport This Post
Member
posted Hide Post
Sophos. Multi platform, central console isn't terrible.


--
I always prefer reality when I can figure out what it is.

JALLEN 10/18/18
https://sigforum.com/eve/forum...610094844#7610094844
 
Posts: 2427 | Location: Roswell, GA | Registered: March 10, 2009Reply With QuoteReport This Post
A Grateful American
Picture of sigmonkey
posted Hide Post
Same.

Sophos Endpoint, Intercept-X.




"the meaning of life, is to give life meaning" Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב!
 
Posts: 44717 | Location: ...... I am thrice divorced, and I live in a van DOWN BY THE RIVER!!! (in Arkansas) | Registered: December 20, 2008Reply With QuoteReport This Post
Optimistic Cynic
Picture of architect
posted Hide Post
Most of my clients are set up with Amavisd+Spaassassin+ClamAV running under Postfix with Postgrey on the side, pretty much the classic combo in the Unix world. Lately, I've been looking at ASSP to replace the postgrey, amavis, and spamassassin components and have an install at one client running for four months or so. ASSP is very very effective at blocking spam.
 
Posts: 6943 | Location: NoVA | Registered: July 22, 2009Reply With QuoteReport This Post
Member
posted Hide Post
Sophos. Good for several years.
 
Posts: 2384 | Registered: October 24, 2007Reply With QuoteReport This Post
Member
posted Hide Post
Carbon Black, SentinelOne and Windows Defender Advanced Threat Protection
 
Posts: 1188 | Registered: January 04, 2009Reply With QuoteReport This Post
Member
Picture of pbramlett
posted Hide Post
Sophos shop here as well. Endpoint and intercept X. It doesn't suck terribly.




Regards,

P.
 
Posts: 1291 | Location: Alabama | Registered: May 20, 2003Reply With QuoteReport This Post
Republican in training
Picture of DonDraper
posted Hide Post
quote:
Originally posted by AUTiger89:
We use VIPRE Antivirus (Business and E-Mail) for our workstations and servers, and are up for renewal in December.

What are forumites using? (Strictly for businesses, not for personal use, please.) What are the advantages and disadvantages?


McAfee Epolicy Orchestrator (EPO) (now owned by Intel)

We've used it for 9+ years or so, easy to administer, deploy, etc. Integrates wonderfully with Active Directory. Tons of options for configuring policies/settings on the clients. Also use it for full disk encryption on every desktop/laptop. Lots of options we don't even use. Basically one server handling 12,000 nodes (6-700 of those are servers, also a server out in the DMZ handling laptops outside the network). Cons would be it's not cheap.

We don't use it for scanning email (at the server/Exchange level) - we use Proofpoint for that.


--------------------
I like Sigs and HK's, and maybe Glocks
 
Posts: 2289 | Location: SC | Registered: March 16, 2011Reply With QuoteReport This Post
Member
Picture of logrusmaster
posted Hide Post
Depends on what you want and what type of organization you work for.

This is one of those instances where size matters. That and what kind of money you are willing to put into it and what type of auditing you need.

Windows Endpoint Protection doesn't 'suck' anymore and if you are a System Center Shop with an EA hard to beat on a cost front if you configure it properly.


-------------------------
If not me then who? If not now then when?
 
Posts: 618 | Location: Earth | Registered: August 15, 2005Reply With QuoteReport This Post
Seeker of Clarity
Picture of r0gue
posted Hide Post
quote:
Originally posted by SigJacket:
Sophos. Multi platform, central console isn't terrible.


Same. Isn't terrible. The full disk encryption deployment has been more trouble than I'd have preferred.




 
Posts: 11474 | Registered: August 02, 2004Reply With QuoteReport This Post
Member
Picture of K0ZZZ
posted Hide Post
Trend Micro and Symantec.

As one of them security engineers, I like having 2 different solutions because nothing catches them all. If you start seeing alerts coming from one side, you know the other side just isn't detecting the infection yet.

If you want to go all out, check out CheckPoint's solutions.


... Chad



http://shotworkspro.com - Much better than scrap paper!
 
Posts: 786 | Location: Colorado Springs, CO | Registered: December 14, 2009Reply With QuoteReport This Post
I have lived the
greatest adventure
Picture of AUTiger89
posted Hide Post
Sorry I didn't clarify our needs.

We are a Windows shop.

We have around 10 workstations; a couple XP boxes, mostly Windows 10, but a few remaining Windows 7 boxes.

We have around 8 servers, two of which are clustered hypervisors with multiple VMs. Most of the servers are running Windows Server 2012 R2, but we have 3 still running Server 2003.




Phone's ringing, Dude.
 
Posts: 6203 | Location: Upstate SC | Registered: April 06, 2011Reply With QuoteReport This Post
Member
Picture of PeterGV
posted Hide Post
It's complicated.

First, you need to stop viruses from arriving via emails and click-through links in email. So you need a really good email spam/AV scanner. We use MessageLabs (now Symantec) for incoming mail ahead of O365 Advanced Threat Protection. We've found his very good (he said, knocking on wood). But it's expensive.

For on the workstation, we use the ever-evolving Security Essentials from MSFT. We've found it sufficiently good, and it will be getting even better in the next release of Windows (Redstone 3, scheduled for release in October).
 
Posts: 1318 | Location: New Hampshire | Registered: April 24, 2012Reply With QuoteReport This Post
quarter MOA visionary
Picture of smschulz
posted Hide Post
quote:
Originally posted by AUTiger89:
Sorry I didn't clarify our needs.

We are a Windows shop.

We have around 10 workstations; a couple XP boxes, mostly Windows 10, but a few remaining Windows 7 boxes.

We have around 8 servers, two of which are clustered hypervisors with multiple VMs. Most of the servers are running Windows Server 2012 R2, but we have 3 still running Server 2003.



What is your objective (other than the obvious)?

Effectiveness? > several work well
Installation? > Roll out to clients or install on each machine
Gateway AV? > never have to touch a machine
Monitoring, updating on a console?
Cost and license maintenance? AV is not all that expensive to begin with

I've used Symantec Endpoint but it is a mess on install, maintenance, etc.
Issues I've had was client roll out problems, creating excess logs that fill up the hard drive and upgrade headaches.
When it works it works well.

I am trying out the Malwarebytes Corp version(s) now. I always liked the effectiveness of their product. The admin console needs a little work though but is getting better.

FWIW, XP machines > especially and W2003 machines need to go.

I had a client that likes to "run until the wheels fall off".
They had several XP machines and no real AV plan.
Despite several warnings ~ they got a bad mass mail virus and ended up getting on a bunch of email black lists (they had a 2003 Exchange Server).
It was expensive to clean and to migrate them off to O365 and W10 desktops but I had to say "I told you so".
No problems after the maintenance.

So it's not JUST the AV program ~ it is much more complicated (security).
 
Posts: 23418 | Location: Houston, TX | Registered: June 11, 2006Reply With QuoteReport This Post
  Powered by Social Strata  
 

SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    Corporate Anti-Virus

© SIGforum 2024