New Section – Share Your Opinion #1 – Antivirus and Endpoint Protection

The cons:

Think about rolling out version XYZ to an environment with hundreds of thousands of hosts. By the time you finish, you will be lagging behind at least two versions, given the frenetic release of new product versions by Symantec. I understand that they work to offer the new solution brought by their latest acquisition, but I confess that it’s a bit frustrating that your deployment is already obsolete by the time you finish. Even if your network is not that massive, I find it appalling that major releases come out in such periods of time.

The management console is another thing that might give you headaches sometimes, mainly because of some caching issues (for example, if you re-image a desktop, its “ghost” will appear as outdated, and you might spend a couple of hours trying to locate the machine on your network).

Another thing that can drag you to an extent is the fact that the management console (well, at least the version I have) is not able to tell you if a certain desktop has the firewall enabled or not. If you are going through PCI DSS and your QSA asks for that information, you might be left with your hands tied. All you can say is that the endpoint firewall is enabled across the board, but not necessarily identify what devices had it or not.

The verdict:

The product as a whole is recommended. Apart from all the cons illustrated here, as well as other factors you might consider such as price, local support and the package offered by the vendor, I certainly recommend the adoption of Symantec AV by your enterprise. It is an honest solution, and whilst not perfect, it certainly does the job.

-Adriano

 

What about you? What’s your experience with endpoint protection solutions (McAfee, Trend Micro, etc)? Do the security community a favor and share your thoughts by commenting below! 🙂

 

PS: this article is not sponsored by any vendor whatsoever, nor reflects the opinion of the company I work for. It is the pure reflection of my experience with the product.

It’s also worth mentioning that by implementing it you won’t necessarily have the same good/bad experiences I had. Hence, your opinion about the product in the comments section is much appreciated!

 

If you liked this post, do not forget to read the polemic 6 Reasons Why You Should NOT Work With Information Security, and the post dedicated to Information Security Interview Questions.


Comments (5)

  1. James R. Marcus says:

    Lots of interesting opinions here. I’m pretty shocked at how many people are still using Symantec. For the years I used Symantec I was surprised how much got through, and I felt their support sucked. I have also used TrendMicro. But my favorite is McAfee EPO/AV. It didn’t kill performance on my machines, and although it was definitely an enterprise product I didn’t feel that it was over-bloated. Definitely takes some effort to learn. I use it in a PCI-DSS Level 1 Service Provider environment.

  2. Fernando Bacchin says:

    My company has used the Symantec AV solution since version 7. I’ve been in charge of its operation since version 10, have done the rollout to SEP11 and am now preparing for 12.

    I’ve worked with CA and McAfee software before and would say that their security level (in terms of signature-based protection) is pretty much the same. Symantec support seems to be better and buying their premium or BCS support doesn’t change too much.
    I agreed with you regarding version-changing, Symantec does it with such a frequency that I hate it!

    Symantec software is also a memory/cpu eater, but that’s something your end-user will get used to after a while.

    In general, I believe there’s a reason for a company to be #1 and when you have to decide which way to go for a huge environment you cannot assume the risk of choosing such a beginner company as Sunbelt.

    They may be the best on performance but they do not have (yet) a structure to support a global company with thousands of endpoints. And this is something you must consider when making a decision for your business.

    My opinion.

  3. Fernando Bacchin says:

    My company has used the Symantec AV solution since version 7. I’ve been in charge of its operation since version 10, have done the rollout to SEP11 and am now preparing for 12.

    I’ve worked with CA and McAfee software before and would say that their security level (in terms of signature-based protection) is pretty much the same. Symantec support seems to be better and buying their premium or BCS support doesn’t change too much.

    I agreed with you regarding version-changing, Symantec does it with such a frequency that I hate it!

    Symantec software is also a memory/cpu eater, but that’s something your end-user will get used to after a while.

    In general, I believe there’s a reason for a company to be #1 and when you have to decide a solution for huge environments you cannot assume the risk of choosing such a beginner company as Sunbelt.

    They may be the best on performance but they do not have (yet) a structure to support a global company with thousands of endpoints. And this is something you must consider when making a decision for your business.

    My opinion.

  4. Naveen Sharma says:

    Hi,

    I have never come across VIPRE in enterprise environments, but it will be interesting to see the management support tools and vendor support.

    Sophos is yet another promising product. Irrespective of the product, software whitelisting is another tool available which has management capability via group policies.

    Regards

    Naveen

  5. I have used all kinds of AV solutions over the decades of experience that I have — and over the last several years, I have firmly dispensed with both Symantec and McAfee for similar reasons. These programs are HUGE, over-bloated resource hogs and absolutely kill performance on the systems they reside upon.

    About 2 years ago, I ran tests personally on about 10-12 different AV packages to test them for performance, ability to eliminate threats, etc. While many were good, the one that came out on the top for me is VIPRE — it is an amazing product and does an exceptional job of keeping your resources available for the USER instead of hogging it all for itself to run.

    I have deployed VIPRE to my clients and they have been SO happy to get rid of McAfee and Symantec (both of which I used to resell) and the performance improvement they had was so significant that they felt they had new servers and workstations.

    Anyway, that’s my 2 cents…for what it’s worth…

    Gregory Powell
    CISSP, MCSE, MCP+I,
    CompTIA A+, Security+, Network+