What are yall using for enterprise anti-virus?

H

hunter33

Limp Gawd
Joined
Mar 8, 2007
Messages
298
We've been using McAfee Total Virus defense suite for several years but I'm growing weary of file locking problems and the general flakiness of the management suite, Protection Pilot.

What is everyone else using and do you like it? I need something that doesn't consume too many system resources and can be centrally managed.

Thanks
 
I've been wondering this same question....

But I did a search for NOD32, a search for Forefront, a search for Symantec, etc... and found a lot of results :p
 
There are a few topics on this, but we use Microsoft Forefront. I like it alot better than the other products i have used. Very lightweight, does a decent job at finding things, and the reports are borderline too much info(which is good). A new version should be coming out toward the end of the year which will bring substantial improvements.
 
xenios said:
There are a few topics on this, but we use Microsoft Forefront. I like it alot better than the other products i have used. Very lightweight, does a decent job at finding things, and the reports are borderline too much info(which is good). A new version should be coming out toward the end of the year which will bring substantial improvements.
Click to expand...

Guess I could ask this... when a new version comes out, is it included? Since you only have to pay by seat for the Agent and by year for the Management Console, do they give you all the latest updates to the software included in the yearly fee?

Do you have to purchase any of the Forefront software at the beginning?
 
I'm asking because McAfee TVDS is up for renewal and we are thinking of switching to another product. It's easy to find reviews and comparison websites, but first hand IT experience is more valuable.

Thanks
 
My employer uses McAfee, my customer uses Symantec, I use NOD32 personally...
 
Symantec Antivirus right now, gonna push out IBM Fortinet shortly.
 
Symantec End Point 11. Just AV and Spyware though.. the rest of the stuff seems to have a terrible effect on the network

EDIT:

Whoever is using ForeFront Client Security I would be interested in hearing how you deployed it, amount of servers, what all was used, etc. Doesn't have to be here.
 
ciggwin said:
Guess I could ask this... when a new version comes out, is it included? Since you only have to pay by seat for the Agent and by year for the Management Console, do they give you all the latest updates to the software included in the yearly fee?

Do you have to purchase any of the Forefront software at the beginning?
Click to expand...

I could not tell you, our corporation is has volume licensing with software assurance for most microsoft products.
 
calvinj said:
Symantec End Point 11. Just AV and Spyware though.. the rest of the stuff seems to have a terrible effect on the network

EDIT:

Whoever is using ForeFront Client Security I would be interested in hearing how you deployed it, amount of servers, what all was used, etc. Doesn't have to be here.
Click to expand...

For my department i went with a one server solution setup as a VM. With only around 600 clients we did not want to spend money on more hardware. To deploy we used Configuration Manager. Forefront uses WSUS to handle updates, you can also use WSUS to push out the clients as well.
 
xenios said:
For my department i went with a one server solution setup as a VM. With only around 600 clients we did not want to spend money on more hardware. To deploy we used Configuration Manager. Forefront uses WSUS to handle updates, you can also use WSUS to push out the clients as well.
Click to expand...

Which version of SQL Server did you use? We don't have SQL Server so I am hoping to get away with SQL Server 2005 Standard, but the data sheet says requirements include:

Microsoft SQL Server 2005 Enterprise
Edition or Standard Edition with Service
Pack 1 (including Database Services,
Reporting Services, Workstation
Components, and Integration Services)

I'm not familiar with SQL Server - does Standard Edition SP1 include Database Services, Reporting Services, Workstation Components, and Integration Services? Or is this something you need to purchase separately? How many SQL CALs are you using for MFCS?
 
Last edited:
ESET NOD32 Business Edition, we have a 2500 license and it's the cat meow.
 
ciggwin said:
Which version of SQL Server did you use? We don't have SQL Server so I am hoping to get away with SQL Server 2005 Standard, but the data sheet says requirements include:

Microsoft SQL Server 2005 Enterprise
Edition or Standard Edition with Service
Pack 1 (including Database Services,
Reporting Services, Workstation
Components, and Integration Services)

I'm not familiar with SQL Server - does Standard Edition SP1 include Database Services, Reporting Services, Workstation Components, and Integration Services? Or is this something you need to purchase separately? How many SQL CALs are you using for MFCS?
Click to expand...

Those are all options durring install. If you have the standard edition, you are good.
 
We use SEP 11, and we sell our Customers AVG as most of them are Small to medium businesses, and AVG licenses and management are much cheaper then SEP.
 
I'm using Trend Micro. The deployment client sucks. It does a good job but doesn't do enough with reporting.
 
We use Symantec Endpoint 11, and honestly I think it is awful at catching malware. We're looking to move to a different product when renewal time comes up.
 
F-Secure. It wasn't my choice, but at least the push installs work well.
 
xenios said:
Those are all options durring install. If you have the standard edition, you are good.
Click to expand...

Another happy and satisfied Forefront user here. I deployed on one server, (VM) with 1 vCPU and 4GB's of RAM and a local SQL 2005 Standard installation. This setup should be good for up to 3k clients before I think about performance issues.

WSUS is on a seperate server. The client installation is nice because once you have your WSUS infrastructure in place and you apply a forefront policy to an OU, the computer will install the client for you.
 
valkon said:
Another happy and satisfied Forefront user here. I deployed on one server, (VM) with 1 vCPU and 4GB's of RAM and a local SQL 2005 Standard installation. This setup should be good for up to 3k clients before I think about performance issues.

WSUS is on a seperate server. The client installation is nice because once you have your WSUS infrastructure in place and you apply a forefront policy to an OU, the computer will install the client for you.
Click to expand...

I love WSUS. I would be lost without WSUS, but I shouldn't HAVE to use WSUS to push out my av updates nor should I have to eat the cost of sql 2005 std or ent. Ouch...

Just my 2 cents on it.
 
For the client installation I've seen three ways to push out the client. The first and IMO the best is WSUS. The second is by a login script, but that sucks. The third is through a third party tool, http://fcscompete.codeplex.com/
WSUS works so damn well, why wouldn't you use it?

As for forefront on SQL, yeah that can be a negative to the product. But if you already have a seperate SQL 2005 installation, you can use that instead of a local install.
 
Speaking of MSE/MFCS I put MSE on a computer that had a bunch of malware/virus infections and I actually had to install Malwarebytes in order to fully remove the threat. MSE did not pick up on 100+ files that were infected and enabling the malware/virus to run on the user account. Only after Malwarebytes was I able to remove the threat.

Has anyone using MFCS had issues where malware/viruses were not detected and you had to use another program to remove the threats? I am seriously considering a MFCS purchase but if it isn't up to par then I'll have to get something else.
 
ciggwin said:
Speaking of MSE/MFCS I put MSE on a computer that had a bunch of malware/virus infections and I actually had to install Malwarebytes in order to fully remove the threat. MSE did not pick up on 100+ files that were infected and enabling the malware/virus to run on the user account. Only after Malwarebytes was I able to remove the threat.

Has anyone using MFCS had issues where malware/viruses were not detected and you had to use another program to remove the threats? I am seriously considering a MFCS purchase but if it isn't up to par then I'll have to get something else.
Click to expand...

My experience has actually been the opposite...MSE has been picking up buggers that most other AV programs are missing. MWB seems to be staying ahead of everyone..as far as detection.
 
ciggwin said:
Speaking of MSE/MFCS I put MSE on a computer that had a bunch of malware/virus infections and I actually had to install Malwarebytes in order to fully remove the threat. MSE did not pick up on 100+ files that were infected and enabling the malware/virus to run on the user account. Only after Malwarebytes was I able to remove the threat.

Has anyone using MFCS had issues where malware/viruses were not detected and you had to use another program to remove the threats? I am seriously considering a MFCS purchase but if it isn't up to par then I'll have to get something else.
Click to expand...


You got samples for me?

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Ranma_Sao said:
You got samples for me?

This posting is provided "AS IS" with no warranties, and confers no rights.
Click to expand...

In my opinion..this is important..regardless of what product you're using. How many people here submit samples to their fave AV vendor? With MSE, it's pretty easy..in the Help drop down menu...so that Ronma can peel it apart and get the detection added.
 
I'm going to install Forefront on my Windows 2008 R2 environment at home and see how I like it. Up until now I've been using Avira, which is about to expire.
 
We are in the stages of upgrading from SAV10 to SEP11. We will be using the following:

- Core files (required)
- Antivirus and Antispyware -> includes an option for AntiVirus Email Tools
- Proactive Threat Protection -> includes options for Proactive Threat Scan and Application Control and Device Control
- Network Threat Protection -> includes an option for Firewall and Intrusion Prevention

I guess I'll see what joys this brings to my network :D
 
You must log in or register to reply here.
Back
Top