SIGforum
Corporate Anti-Virus

This topic can be found at:
https://sigforum.com/eve/forums/a/tpc/f/320601935/m/3210001034

September 08, 2017, 03:21 PM
AUTiger89
Corporate Anti-Virus
We use VIPRE Antivirus (Business and E-Mail) for our workstations and servers, and are up for renewal in December.

What are forumites using? (Strictly for businesses, not for personal use, please.) What are the advantages and disadvantages?




Phone's ringing, Dude.
September 08, 2017, 03:45 PM
SigJacket
Sophos. Multi platform, central console isn't terrible.


--
I always prefer reality when I can figure out what it is.

JALLEN 10/18/18
https://sigforum.com/eve/forum...610094844#7610094844
September 08, 2017, 03:51 PM
sigmonkey
Same.

Sophos Endpoint, Intercept-X.




"the meaning of life, is to give life meaning" Ani Yehudi אני יהודי Le'olam lo shuv לעולם לא שוב!
September 08, 2017, 04:51 PM
architect
Most of my clients are set up with Amavisd+SpamAssassin+ClamAV running under Postfix with Postgrey on the side, pretty much the classic combo in the Unix world. Lately, I've been looking at ASSP to replace the Postgrey, Amavis, and SpamAssassin components and have an install at one client running for four months or so. ASSP is very very effective at blocking spam.
September 08, 2017, 05:13 PM
bryan11
Sophos. Good for several years.
September 08, 2017, 05:51 PM
matai
Carbon Black, SentinelOne and Windows Defender Advanced Threat Protection
September 08, 2017, 06:30 PM
pbramlett
Sophos shop here as well. Endpoint and intercept X. It doesn't suck terribly.




Regards,

P.
September 08, 2017, 07:01 PM
DonDraper
quote:
Originally posted by AUTiger89:
We use VIPRE Antivirus (Business and E-Mail) for our workstations and servers, and are up for renewal in December.

What are forumites using? (Strictly for businesses, not for personal use, please.) What are the advantages and disadvantages?


McAfee ePolicy Orchestrator (ePO) (now owned by Intel)

We've used it for 9+ years or so, easy to administer, deploy, etc. Integrates wonderfully with Active Directory. Tons of options for configuring policies/settings on the clients. Also use it for full disk encryption on every desktop/laptop. Lots of options we don't even use. Basically one server handling 12,000 nodes (6-700 of those are servers, also a server out in the DMZ handling laptops outside the network). Cons would be it's not cheap.

We don't use it for scanning email (at the server/Exchange level) - we use Proofpoint for that.


--------------------
I like Sigs and HK's, and maybe Glocks
September 08, 2017, 09:42 PM
logrusmaster
Depends on what you want and what type of organization you work for.

This is one of those instances where size matters. That and what kind of money you are willing to put into it and what type of auditing you need.

Windows Endpoint Protection doesn't 'suck' anymore, and if you are a System Center shop with an EA, it's hard to beat on the cost front if you configure it properly.


-------------------------
If not me then who? If not now then when?
September 08, 2017, 10:13 PM
r0gue
quote:
Originally posted by SigJacket:
Sophos. Multi platform, central console isn't terrible.


Same. Isn't terrible. The full disk encryption deployment has been more trouble than I'd have preferred.




September 10, 2017, 11:50 AM
K0ZZZ
Trend Micro and Symantec.

As one of them security engineers, I like having 2 different solutions because nothing catches them all. If you start seeing alerts coming from one side, you know the other side just isn't detecting the infection yet.

If you want to go all out, check out CheckPoint's solutions.


... Chad



http://shotworkspro.com - Much better than scrap paper!
September 11, 2017, 07:40 AM
AUTiger89
Sorry I didn't clarify our needs.

We are a Windows shop.

We have around 10 workstations; a couple XP boxes, mostly Windows 10, but a few remaining Windows 7 boxes.

We have around 8 servers, two of which are clustered hypervisors with multiple VMs. Most of the servers are running Windows Server 2012 R2, but we have 3 still running Server 2003.




Phone's ringing, Dude.
September 11, 2017, 08:38 AM
PeterGV
It's complicated.

First, you need to stop viruses from arriving via emails and click-through links in email. So you need a really good email spam/AV scanner. We use MessageLabs (now Symantec) for incoming mail ahead of O365 Advanced Threat Protection. We've found this very good (he said, knocking on wood). But it's expensive.

For on the workstation, we use the ever-evolving Security Essentials from MSFT. We've found it sufficiently good, and it will be getting even better in the next release of Windows (Redstone 3, scheduled for release in October).
September 11, 2017, 10:00 AM
smschulz
quote:
Originally posted by AUTiger89:
Sorry I didn't clarify our needs.

We are a Windows shop.

We have around 10 workstations; a couple XP boxes, mostly Windows 10, but a few remaining Windows 7 boxes.

We have around 8 servers, two of which are clustered hypervisors with multiple VMs. Most of the servers are running Windows Server 2012 R2, but we have 3 still running Server 2003.



What is your objective (other than the obvious)?

Effectiveness? > several work well
Installation? > Roll out to clients or install on each machine
Gateway AV? > never have to touch a machine
Monitoring, updating on a console?
Cost and license maintenance? AV is not all that expensive to begin with

I've used Symantec Endpoint but it is a mess on install, maintenance, etc.
Issues I've had were client roll out problems, creating excess logs that fill up the hard drive and upgrade headaches.
When it works it works well.

I am trying out the Malwarebytes Corp version(s) now. I always liked the effectiveness of their product. The admin console needs a little work though but is getting better.

FWIW, XP machines > especially and W2003 machines need to go.

I had a client that likes to "run until the wheels fall off".
They had several XP machines and no real AV plan.
Despite several warnings ~ they got a bad mass mail virus and ended up getting on a bunch of email black lists (they had a 2003 Exchange Server).
It was expensive to clean and to migrate them off to O365 and W10 desktops but I had to say "I told you so".
No problems after the maintenance.

So it's not JUST the AV program ~ it is much more complicated (security).