I Need New Business A/V

[lxskllr]

I'm in a small business, and I've been tasked with choosing a new A/V suite. We've almost downsized out of existence, so needless to say, money is a major object. Our license for AVG will expire in about 1 month, and I'm reluctant to pay(or recommend others pay) for their lackluster product. We can renew the subscription with them for about $500, or pick something else.

My first choices are Antivir, NOD32, and somewhat reluctantly Norton :^D. We need to protect 10 users, and a server that services 10 users. I need some input as to what the best route might be. As we all know, business security is priceless, but unfortunately money's been a big issue lately... So much so, that I'm the ad hoc IT guy :^/

I'm not used to dealing with business class software. If it were a personal PC, I would choose Antivir in a second...Being a business, there's more to consider...

The server is Win2000 Server, and most of the machines are XP Pro, with 1 2kpro thrown into the mix.

All opinions for a relatively inexpensive solution are welcome.

 

[blackangst1]

I wouldnt be so leery about Symantec's product anymore. Its definatly not the same as 2005/06/07. Reviews have been great, and resources minimal. Everyone has their own personal favorite, and objectively there is minimal difference between the three you mentioned. I prefer Symantec. Ive used them for years, and admittedly occasionally visit sketchy sites and have yet to be infected. (Yes I know its anecdotal).

I know retail you can get a 3 license pack for something like $20...so less that $100 for all 10?

edit: This is in the NIS2009 thread below yours: A three machine license of NIS 2009 is on sale for $9.99 AR at Office Depot through the 20th

 

[lxskllr]

Originally posted by: blackangst1
I wouldnt be so leery about Symantec's product anymore. Its definatly not the same as 2005/06/07. Reviews have been great, and resources minimal. Everyone has their own personal favorite, and objectively there is minimal difference between the three you mentioned. I prefer Symantec. Ive used them for years, and admittedly occasionally visit sketchy sites and have yet to be infected. (Yes I know its anecdotal).

I know retail you can get a 3 license pack for something like $20...so less that $100 for all 10?

edit: This is in the NIS2009 thread below yours: A three machine license of NIS 2009 is on sale for $9.99 AR at Office Depot through the 20th

That's why I'm considering Symantec. Last year they wouldn't have been an option, but I like what I've heard about the 09 release. I'll be trialing any software if we switch, so I can tell if it'll work.

The cost wouldn't be as big a deal if it weren't for the server. That just about doubles the cost of any solution I choose. That's assuming that it works the same as the server O/S itself(you pay for every user connected).

That's one of the things I didn't really specify, but am interested in. Is there a way of getting around the server A/V requirement? If the server were Linux, I'd feel comfortable enough just scanning with ClamAV every night, and keeping normal A/V on the workstations. As it is though, I think the server should run A/V also. Is there a (legal)way around this problem?

 

[blackangst1]

Originally posted by: lxskllr

Originally posted by: blackangst1
I wouldnt be so leery about Symantec's product anymore. Its definatly not the same as 2005/06/07. Reviews have been great, and resources minimal. Everyone has their own personal favorite, and objectively there is minimal difference between the three you mentioned. I prefer Symantec. Ive used them for years, and admittedly occasionally visit sketchy sites and have yet to be infected. (Yes I know its anecdotal).

I know retail you can get a 3 license pack for something like $20...so less that $100 for all 10?

edit: This is in the NIS2009 thread below yours: A three machine license of NIS 2009 is on sale for $9.99 AR at Office Depot through the 20th

That's why I'm considering Symantec. Last year they wouldn't have been an option, but I like what I've heard about the 09 release. I'll be trialing any software if we switch, so I can tell if it'll work.

The cost wouldn't be as big a deal if it weren't for the server. That just about doubles the cost of any solution I choose. That's assuming that it works the same as the server O/S itself(you pay for every user connected).

That's one of the things I didn't really specify, but am interested in. Is there a way of getting around the server A/V requirement? If the server were Linux, I'd feel comfortable enough just scanning with ClamAV every night, and keeping normal A/V on the workstations. As it is though, I think the server should run A/V also. Is there a (legal)way around this problem?

For the server protection, I'll leave that to a more knowledgeable person.

 

[Bradtechonline]

I just implemented NOD32 3.0 into my server environment which is a mixture of about everything..

Novell
NT
2000/2003/2008 Server
BSD
Linux (CentOS),(SuSE)

I have internal virus signature servers turned up, and do all this in a virtualized environment.. If you want to go down this route I would recommend it..

Symantec was implemented in 2006 by a previous systems administrator, and I convinced my Director to go over to NOD32 after showing him the log files of netsky lying dormant in files across shares.. Then scanning the same shares with Symantec up to date, and it missing it.. Then scanning it with my copy of NOD32, and it picking it up..

 

[Phynaz]

Ignore Brad, he's talking about a product that's four years old.

 

[videogames101]

Originally posted by: Phynaz
Ignore Brad, he's talking about a product that's four years old.

NOD32 is still just as amazing, and I highly doubt Norton could catch-up to what I consider best AV available in 1 or 2 years.

 

[Chiefcrowe]

I use symantec, and about to upgrade to the latest version. but then again we get a pretty good deal on licensing, so it depends on what kind of price you can get.
If you can get a better price for nod32 or kaspersky, i'd recommend those and since you're already leaning towards nod, get that one.

 

[RebateMonger]

Regarding Symantec's EndPoint Protection software, I did my first install of Symantec's EndPoint Protection Manager (in Managed Mode) on Christmas Eve. Note that I said "Managed Mode", which has to overcome tons of issues that a simple Non-Managed mode installation won't have to face.

The install didn't go well. Symantec takes the unusual step of using BOTH IIS and Tomcat to host necessary management web sites on Server 2003, and they don't ask you what ports to use for Tomcat. Neither do they test ports to see if something is already listening on a required port, which turned out to be a problem.

The first indication of a problem was when I tried to generate an installer package for the clients. The Migration and Deployment Wizard never finished. Then I found that the EndPoint Protection Manager Service was shutting down 30 seconds after startup. I read through the Symantec troubleshooting help and did web searches, and found that others had reported the same problem, but couldn't find an immediate solution.

Calling Symantec, I quickly got a knowledgable person from India who walked through troubleshooting with me. I'd told him that I was concerned because that Server was running a Tomcat site for another application. Indeed, manual configuration of the Tomcat port turned out to be the fix. I'd done my own check for port listeners, but somehow missed the Tomcat issue. In my defense, it took me a while to realize that Symantec's product was using BOTH ISS and Tomcat and there's no mention of the Tomcat port and no option to customize it during the install process.

After getting the Management site working on the Server, Remote Deployment to the first desktop client didn't work. The Symantec support guy suggested that the new software probably hadn't been able to fully remove the previous Symantec Corporate AV client. We had to uninstall the EndPoint client, manually delete several folders and make changes to the Registry to fully get rid of the previous Symantec Corporate 9.x client. He said that it's often better to manually uninstall previous Symantec Corporate AV software. That actually had been my original plan, but he'd wanted to let the EndPoint Protection Manager try to do the removal.

Installing the Manager and two clients took several hours and I'll have to go back the day after Christmas and manually remove all the rest of the AV clients in the office before I attempt to install the rest of the SEP clients.

On the postiive side, this ISN'T the worst AV install I've ever done. Computer Associate's eTrust takes the cake there, with about ten TCP ports needing to be opened to make remote management work, and with numerous Licensing Server issues. An install of CA's SBS Protection Suite never did work, even after hours of telephone support.

Trend Micro's Client Server Messaging Suite (now called something else) is pretty easy to install and license. Just be sure to disable the Secure channel internal website if using ISA Server, or you'll be re-installing the Trend Software. Unfortunately, it has a mediocre record of malware detection (but still better than AVG's lackluster record).

I hate installing ALL coporate AV software. Especially since I have to install and manage many different makes of AV software, each with its own special weirdness.

 

[carnage519]

Originally posted by: Phynaz
Ignore Brad, he's talking about a product that's four years old.

I have the newest Symantec, and Norton 2009. NOD32 or Kaspersky are far superior still.

 

[compman25]

Originally posted by: carnage519

Originally posted by: Phynaz
Ignore Brad, he's talking about a product that's four years old.

I have the newest Symantec, and Norton 2009. NOD32 or Kaspersky are far superior still.

Can you back that up please?

 

[Czar]

We run Trend Micro at work, so I recomend trend, easy to work with and manage.

We used to run the old symantec, replaced with with trend. But personly I liked the symantec interface, how to install new clients and see the status of all the computers, only thing I hated was the memory footprint it took on the clients.

But frankly, today all the products are good enough. Windows patch management is the most important part to prevent viruses from spreading.