pyth0n Posted July 11, 2012 Share Posted July 11, 2012 Hi all, Where i work, we use sophos across the group.... to be frank, i dont like sophos. many reasons why. I was wondering if anyone could recommend any good business anti virus' to use across a business? I know I could google and look at each product, but i have, and it appears they all say they are the best so i thought i would ask the people that deal with this stuff on a day to day bases. Thanks, Quote Link to comment Share on other sites More sharing options...
keyboardN1nja Posted July 13, 2012 Share Posted July 13, 2012 We also use Sophos where I work, and I'm not a fan either. Half the stuff it finds, it can't clean, and the rest of the time, it let's the "cheap" malware by. I'm also interested in suggestions. Quote Link to comment Share on other sites More sharing options...
G-Stress Posted July 13, 2012 Share Posted July 13, 2012 I think Symantec Endpoint Protection is pretty good. Had many administrative options if you install the manager client on a server to remotely push updates, apply policies, etc. I too am interested in the guys that actually work in IT on their suggestions. Quote Link to comment Share on other sites More sharing options...
nix-7 Posted July 13, 2012 Share Posted July 13, 2012 On the networks I manage, ESET tends to be the best. Kaspersky is pretty good, and GFI/Sunbelt's Vipre isn't bad either. I've used Sophos and it does seem to be poor. McAfee has joined them in my opinion also... Quote Link to comment Share on other sites More sharing options...
keyboardN1nja Posted July 13, 2012 Share Posted July 13, 2012 I've heard good things about ESET from other forums. I've used Sunbelt before, but it wasn't in a enterprise environment (and I've never gotten a virus on any of my computers), so I can't comment on it's effectiveness. Quote Link to comment Share on other sites More sharing options...
ewook Posted July 14, 2012 Share Posted July 14, 2012 I'd recommend any "suite" that fills your req's. A simple AV you can get for free, check the specs of your faviourites, what bang you can get for the buck... Depending on how your env is behaving and the needs of it - I'd say go for a whitelisting approach if you can, there's a few options on the market - and adding up that with an extended FW (Host and Network IPS should be considered as well). Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted July 14, 2012 Share Posted July 14, 2012 The IT company I work for, uses Forefront, its quite good, but I would recommend Avast for Enterprise, it will do a better job than MS Forefront. Quote Link to comment Share on other sites More sharing options...
pyth0n Posted July 14, 2012 Author Share Posted July 14, 2012 thanks for the replies.... I may have to look at eset, like keyboard ninja said, half of the time, sophos misses things, cant delete things, and picks own inhouse software and scripts up at viruses, even stopped our login script... i have a personal vendetta against norton (symantic) i feel they force their products on to 'non savvy' computer users... so i will probably give them a miss! i also had the MS forefront on my mind... Thanks all! Quote Link to comment Share on other sites More sharing options...
Matt Lestock Posted July 16, 2012 Share Posted July 16, 2012 I've used Vipre enterprise before. Great central administration, and multiple policy groups accompanied with low system usage is what won my vote. GFI bought Sunbelt Software and have been pretty good about requests from users. I'd give that a look too. Quote Link to comment Share on other sites More sharing options...
pyth0n Posted July 16, 2012 Author Share Posted July 16, 2012 I've used Vipre enterprise before. Great central administration, and multiple policy groups accompanied with low system usage is what won my vote. GFI bought Sunbelt Software and have been pretty good about requests from users. I'd give that a look too. Thanks matt, will also have to give this a look. Cheers Quote Link to comment Share on other sites More sharing options...
bakercs Posted July 23, 2012 Share Posted July 23, 2012 After years of feeling like beta testers with Symantec we switched to NOD32 and have been pretty pleased with the cost/performance Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted July 24, 2012 Share Posted July 24, 2012 I'd steer clear of ESET products, I've gotten several n00b payloads past NOD32. Quote Link to comment Share on other sites More sharing options...
TheGuyWithSticks Posted July 26, 2012 Share Posted July 26, 2012 I'd steer clear of ESET products, I've gotten several n00b payloads past NOD32. I used to either Kaspersky or ESET, but I experienced the same thing. A lot of payloads, such as the ones found in Switchblade, got past ESET but not Kaspersky. Granted, I have never managed either of those two from a business perspective, just my home computer. Before I switched jobs, we used Symantec but were in the process of switching over to McAfee. This site is also good to see about it's effectiveness. http://www.av-comparatives.org/ Quote Link to comment Share on other sites More sharing options...
AshiOni Posted September 17, 2012 Share Posted September 17, 2012 (edited) Sorry to see that, I've personally had great luck with Sophos - we had a horrible time with Norton Endpoint - I hear great things about Vipre and ESET however I have not used them. My suggestion for those of you using Sophos or other products that have had a hard time getting rid of viruses is to not rely on the antivirus program to purge the virus in the first place. We keep all of our endpoints as updated as possible and keep them in a non-persistent state - so when the antivirus tells the users (and us) that the endpoint in question has a virus we can simply direct the end user to shutdown their workstation and then turn it back on. All changes (i.e. the virus) vanish and the endpoint goes back to its pristine condition. Really at the end of the day IT cannot rely on a singular application to protect itself. You really have to lock everything down - examples include turning off CDROM / USB / file share usage, scan everything that comes in and goes out of the network at the perimeter, that means a good UTM/Firewall 2.0 - get some sort of DLP system in place and patch, patch, patch. Business as a whole has gotten in to this empower the end user mind set and that's great, but there are still rules to follow, otherwise every day you work is going to be a disaster and suck. Edited September 17, 2012 by AshiOni Quote Link to comment Share on other sites More sharing options...
Napster91 Posted September 19, 2012 Share Posted September 19, 2012 I would recommend Vipre I have found it is fairly simple to deploy and there are alot of changes to can deploy easily. I would also suggest to invest in a enterprise level firewall the one I have has a threat detection system that eliminates alot of malware and garbage before our pc based protection gets it. Quote Link to comment Share on other sites More sharing options...
keyboardN1nja Posted September 21, 2012 Share Posted September 21, 2012 ...You really have to lock everything down... We do this on our checkout laptops (DeepFreeze is the "lockdown" software), but not on end user systems. The manpower required to keep that sustainable sounds like it would be astronomical. Another knock on Sophos: a definition update from a couple days ago triggered false positives on just about every auto-updating program installed (including Sophos' own auto updater). They rolled out a patch within the day, but we got quite a few phone calls and emails complaining about it. Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted September 21, 2012 Share Posted September 21, 2012 Deep Freeze is weak and insecure. It has been for some time now. Quote Link to comment Share on other sites More sharing options...
Radau Posted October 4, 2012 Share Posted October 4, 2012 I personally like Comodo antivirus with the endpoint manager. Been trying it in a vbox network and it sure does take out some hassle. Downside is Comodo can be intrusive at times. Quote Link to comment Share on other sites More sharing options...
keyboardN1nja Posted October 6, 2012 Share Posted October 6, 2012 I tried Comodo's firewall once, but it was WAY too overprotective. Never tried their antivirus. Anybody use Avast Business products? I use Avast Free for all my personal computers. Quote Link to comment Share on other sites More sharing options...
Radau Posted October 6, 2012 Share Posted October 6, 2012 I tried Comodo's firewall once, but it was WAY too overprotective. Never tried their antivirus. Anybody use Avast Business products? I use Avast Free for all my personal computers. I use avast 2012 IS on my gaming PC due to the lax firewall rules and un-intrusiveness of it. Comodo's firewall is overprotective if you don't go in and set it to 'training' mode or whatever. Then it's intrustive for the first week popping up asking if you want to allow things (usually like windows firewall is for the first week or so) but after that it stays pretty hidden. I have yet to see the Comodo Endpoint manager used in a business environment but I think it would work well at managing all of the machines antiviruses and firewalls from one platform, rather than relying on the user to do everything. Quote Link to comment Share on other sites More sharing options...
AshiOni Posted October 10, 2012 Share Posted October 10, 2012 We do this on our checkout laptops (DeepFreeze is the "lockdown" software), but not on end user systems. The manpower required to keep that sustainable sounds like it would be astronomical. Another knock on Sophos: a definition update from a couple days ago triggered false positives on just about every auto-updating program installed (including Sophos' own auto updater). They rolled out a patch within the day, but we got quite a few phone calls and emails complaining about it. Not really there are lots of products out there (Xen Client) comes to mind that allow you to run the OS on top of a hypervisor which allows you to deploy desktops from a central management system in a non-persistent state. Virtualcomputer.com also comes to mind. Quote Link to comment Share on other sites More sharing options...
keyboardN1nja Posted October 10, 2012 Share Posted October 10, 2012 Yeah, we've talked about stuff like Citrix Receiver before, but the cost and network requirements are more than what we can handle (that's what my boss told me, at least). Quote Link to comment Share on other sites More sharing options...
SuperStu Posted November 18, 2012 Share Posted November 18, 2012 I know this is a semi-old discussion,but I wanted to reply to this as no one mentioned this yet. GFI Vipre is an awesome home and business product. The business side is managed via their site and also allows monitoring of virtually anything on servers and workstations. Used it in an MSP environment. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.