Small Network Antivirus solution

[UltimaParadox]

Currently I am managing a 20-uer group on Symantec AV version 10. We have rolled out Symantec Endpoint Protection 11 onto a test system, and I can say I am more than dissapointed. It is a resource hog plain and simple, and it has got to the point, where I would like to turn elsewhere.

Basically I am looking for suggestions for an easy to manage small business anti-virus solution.

I am currently looking at McAfee, NOD32, Kaspersky, TrendMicro, and BitDefender. If anyone has any experiences with any of these at the business level let me know, or if you have any better alternatives.

Centralized management is a must!

 

[YeOldeStonecat]

Esets NOD32 Enterprise Edition
or
Kaspersky

Either..better protection...and better workstation performance (less performance hit) than your current product.

 

[Captain Colonoscopy]

I was actually just going to start a thread called Symantec Endpoint Protection sucks when I found this one. I too have migrated two of our smaller clients to the new SEP product and found it to be a complete bloated pig. It is like the bastard offspring of Norton Anti-Virus and Windows Vista, a pretty pig that shits in your house .. . . . I find it funny that Symantec does not recommend installing the endpoint manager on a server that also runs exchange, yet they sell the SMB package for companies that run SBS2003 servers . . . . that includes exchange . . . . its horrible. Just this morning I had to uninstall SEP on a server because it decided this morning that all network clients were threats and blocked connections to all of them. This is after running okay, aside from the sluggishness, for the last three days.....

Anyway, I am currently starting evaluations for corp AV solutions that can be centrally managed. We have about 25 different SMB clients that will be needing to renew their licensing with Symantec or be moved to other products.

I'll post what I find. Right now I will be looking at AVG, nod32 and probably kapersky.

 

[hawk82]

I've been running Trendmicro Officescan on clients who have more than 5+ workstations and an available server to run the Console on. I've found it works pretty darn well. Includes virus + spyware protection. Lots of options that you can adjust to your liking. Pricing isn't too bad.

 

[YeOldeStonecat]

I'll post what I find. Right now I will be looking at AVG, nod32 and probably kapersky.

Recommend going with NOD or Kaspersky. AVG is simply middle of the pack as far as detection rates..over the past couple of years. av-comparatives.org

Wrapping up installing an SBS2K3 server into an existing 2K3 domain right now...about to install NOD32 and XMON in a few more minutes. Then start to shove POP3 users PSTs into Exchange and get them going.

 

[XOR != OR]

Esets NOD32 Enterprise Edition
or
Kaspersky

Either..better protection...and better workstation performance (less performance hit) than your current product.

I didn't realize how true this was until I made the switch at one of the orgs I support. The next day I had nothing but compliments about how much faster "the network is". Users did notice the difference and were appreciative.

 

[Captain Colonoscopy]

I started looking at all those and NOD32 immediately popped out as the best contender. I requested eval software because my boss won't switch vendors on a dime but he also is very pissed about SEP so we'll probably make the switch pretty soon.

And I do lover the mass migration of psts to exchange. That's always a good time.

 

[booyaa]

Another vote for Nod32, I'm a Sys Admin for a small company and just rolled it out to my network ~30 windows machines. They have some excellent video tutorials too. I bought my licenses through zones.com

Within an hour I had a lan update server created, a custom config made, and started installing the clients remotely.

Can't wait until they come up with a good anti-spam solution for exchange.

 

[Captain Colonoscopy]

sorry to hijack this thread . . . . . but anyway . . . .

I just got a response back from eset and they sent me the stuff for our 30 day eval. I'm going to be rolling out the nod32 on some production servers at my office and a few client machines to test it out. If all goes well we will be moving all of our clients over to it in the next year. I can't believe what a bloated piece of shit Symantec Endpoint Protection is. I have to spend part of my weekend uninstalling that fucking mess from a client's servers and client machines and reinstalling SAV 10.2 because they already own it. Symantec sent notice they were eligible for the upgrade because of their active support contract so we upgraded them. It's my own fault though, I should have tested it in a lab environment before deploying to clients. It just sucks because we can't bill for any of the 9 hours I will have ended up spending on that crap. Oh well, valuable life lesson learned . . . ..

 

[YeOldeStonecat]

If ya need any remote support for setup/push/RAC stuff..give a PM.

 

[dbwillis]

Another vote for Nod32...I moved a customer from symantec CE 8.x to nod32 (sbs2003 and 14 clients)....much faster, and the servers backup finishes a whole 1+ hrs faster !

 

[Captain Colonoscopy]

wow, I didn't even think about the backups being faster. Thats hilarious.

 

[marley1]

what version of nod is the server side one? im trying to find price online. have 2 clients both with a single server and about 20 machines. other client has domain server and exchange server with about 30 machines. what version do i need? anyone got example of prices?

 

[YeOldeStonecat]

what version of nod is the server side one? im trying to find price online. have 2 clients both with a single server and about 20 machines. other client has domain server and exchange server with about 30 machines. what version do i need? anyone got example of prices?

For first network....Enterprise Edition for 20
For your other client....Enterprise Edition for 20 plus XMON (Exchange protection) for 20.

With Enterprise Edition...you're given a license for 20 machines...regardless of operating system...server, workstation..doesn't matter. You can have 1 server and 19 workstations...or 5 servers and 15 workstations...or 19 servers and 1 workstations...it's still just EE for 20.

You select a PC..and it doesn't have to be a server...but generally for larger LANs a server is used (assumed better stability, and more concurrent connections). You install your RAS (allows RAC to connect to it and manage) and Mirror (update source for the rest of your network) components on this one. You can also install the RAC (management console) on this server..and/or on your own workstation to manage.

The antivirus installer is the same executable for both server and workstation..there is no special server installer package.

 

[marley1]

do u know an estimate price? just a rough estimate

 

[YeOldeStonecat]

do u know an estimate price? just a rough estimate

Still at home...I have my pricing list at the office.

 

[marley1]

Cool let me know, can I order through you/are you a reseller for them?

 

[UltimaParadox]

Appreciate all of the replies so far, I will be keeping an eye on this to see how everyone's experience with NOD32 goes.

As of right now all machines are staying with SAV 10 until the end of the year.

 

[Captain Colonoscopy]

I'll post my thoughts after I complete my eval of NOD32. Right now I am anxiously awaiting my login and password for the site \so I can download the software. I got an invoice for $0 and a couple emails from some lady in sales on Friday telling me I will get my login info in a few minutes. Sent the lady a reply this morning asking when I should expect the license info and also inquiring about the exchange protection, still haven't heard back yet. I suppose she could be on vacation or something . . . . .

 

[Captain Colonoscopy]

Wow, so far NOD32 just friggin rocks. The remote deployment is just as easy, if not easier, than SAV 10.x. The scanning speed is simply amazing. I scanned my entire laptop with 185,000 files in 10 minutes and 50 seconds. A full system scan with SAV took about 1.5 hours before. Jeebuz. The multiple daily updates for virus defs is nice. The interface is takes a little getting used to but I like it now.

The only problem I am having is with the configuration pushing out correctly during deployment. I can't seem to push out the LAN update server by default and I have had to manually enter the LANupdate server on each client here at the office. I must be doing something wrong here so I got a few more things to try before I call Tech Support to see what it is that I'm missing.

Overall, I am really liking it.

 

[Captain Colonoscopy]

oops, wrong thread. . . . .

 

[YeOldeStonecat]

The only problem I am having is with the configuration pushing out correctly during deployment. I can't seem to push out the LAN update server by default and I have had to manually enter the LANupdate server on each client here at the office. ]

I always create a new config file from scratch...instead of trying to mod the existing default one. http://ip of server:8081 (default port..if you have the LAN update server running Sharepoint.....such as SBS....Sharepoint uses 8081..so I create a new port such as 8088)

 

[Captain Colonoscopy]

ahhh, I hadn't thought of that yet. I'll give that a shot. Thankies!

 

[peierls]

What type of resource usage are you seeing with Symantec Endpoint? I got version 11 from work for telecommuting and I like the idea of not having to pay for AV/Firewall/Spyware protection out of my own pocket. But now I'm wondering if I should go with some of the free stuff. I'm running vista64 with 4gb.

Oh, and is it possible to turn off the firewall and spyware and just use the AV part of it without having to disable both each time I log in?