Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Alternative Enterprise Anti-Virus Solutions?

Cliff posted more than 8 years ago | from the a-reasonable-request dept.


Darth_brooks asks: "I admin for a great non-profit organization that has spent the last year rebuilding after a massive fire. We've got a pretty tight system running now, especially compared to the unmanaged chaos that existed before the fire. Firefox for surfing and T-bird for for e-mail, WSUS for updates, and we're slowly replacing Office with OpenOffice. But out anti-virus solution (command AV, a holdover from our old system) is not cutting the mustard. Specifically the management console isn't exactly reliable, and we just don't feel like we're getting our money's worth. What alternatives can the Slashdot crowd suggest?""The two obvious names that come to mind are Norton and Mcafee. Since all of our machines are donated, we really don't have the resources for Norton (who does?) and Mcafee's just been dealt a black eye. In addition, we're on a limited budget. Our machines are mostly P2 & P3's, and we're an XP / Active Directory shop with some scattered Fedora & BSD boxes scattered about for non-desktop tasks.

The biggest features we're looking for are the ability to centrally manage updates (which rules of AVG's free edition), and a reasonable price tag for licenses for 50-60 machines. Our current solution is only in place because we signed a long term licensing agreement, and I don't want to see us get into another deal for a product that doesn't turn out to be as god as advertised. I'd also like to hear some of the Horror / Success stories from users."

Sorry! There are no comments related to the filter you selected.

NOD32 (5, Informative)

ikejam (821818) | more than 8 years ago | (#15363077)

Re:NOD32 (2, Informative)

NormHome (99305) | more than 8 years ago | (#15363258)

I'll second that, I've been using NOD32 in a small non-profit enterprise for 18 months and we haven't had a single problem after flushing Norton with which we had hugh problems. The enterprise management console works really well and if you are also a non-profit make sure you mention that since Eset does give an additional discount to non-profits over their standard business pricing.

Re:NOD32 (1)

ditoa (952847) | more than 8 years ago | (#15364118)

I would recommend NOD32 also. Eset are a nice company to do business with and their prices are pretty fair. Also there software is top notch. Excellent all round choice IMHO.

Re:NOD32 (1)

Tombstone-f (49843) | more than 8 years ago | (#15365406)

Here's the US version of the site.

http://www.eset.com/ [eset.com]

Considering you're a non-profit, check out... (4, Informative)

Howard Beale (92386) | more than 8 years ago | (#15363083)

techsoup.org - donated and discount technology equipment products. We support a local Boys and Girls Club, and they got their software through there.

Good luck!

Re:Considering you're a non-profit, check out... (1)

smvp6459 (896580) | more than 8 years ago | (#15363330)

I second Tech Soup...Symantec Antivirus 9 (or whatever it is now) is a snap to install and roll out on a Windows network. When I was at a non-profit we shifted over to it and it was a pretty good experience moving over and it was relatively inexpensive. I'm not sure how many computers you're dealing with, but I easily got my tight-fisted Executive Director to shell out $85 for 25 licenses of an Enterprise quality product. And $130 for 50 is a steal.

http://www.techsoup.org/stock/category.asp?catalog _name=TechSoupMain&category_name=Symantec+Enterpri se+Products&Page=1&Cat1=Symantec&CatCount=1 [techsoup.org]

Virus free for over a decade... (1)

JoeCommodore (567479) | more than 8 years ago | (#15363403)

Of course we've been using Macs.

But I will second the reccomendation for Tech Soup, they have NAV enterprise edition with bulk licenses and all that server based virus administration goodness that Windsows people seem to need. Plus there are a bunch of other non-profit items you can get (MS Licensing is dirt cheap).

Big tip though - read the fine print on 'donatioon' limitations and plan your orders accordingly. Some of them limit to which types of NPs they will 'donate' to (Macromedia), some tie in annual maintenence/warranty costs for the life of the product you get (cisco), or put very specific ordering restrictions/guidelines (MS). But it is worth the effort.

Re:Considering you're a non-profit, check out... (1)

juventasone (517959) | more than 8 years ago | (#15363688)

Mod the parent up. But just to be clear, unlike the submitter and someone in the thread mentioned, you do not want to use any of Symantec's Norton or NAV (home) products. You do want to use Symantec Antivirus or SAV (corporate/enterprise) products. SAV offers central management, deployment, quarentine, and updates, and is far less resource intensive for those older machines. That price from Tech Soup is crazy good, normally it would ten-fold. Like some of the other posters have mentioned, there are other managed antiviruses available for business from every major antivirus company (Trend Micro, Network Associates, Kaspersky, CA, Sophos) and they're generally all quite good.

Clam AV (4, Informative)

shadwwulf (145057) | more than 8 years ago | (#15363091)

I would highly recomend checking out Clam AV.

It comes in both *nix [clamav.net] and Windows [sosdg.org] varients and works pretty well for system scanning. It also works very well in a mail server tool-chain.


Re:Clam AV (3, Informative)

Anonymous Coward | more than 8 years ago | (#15363225)

ClamAV isn't an "anti-virus solution". It doesn't offer protection, just after-the-infection scanning. The on-access module to fix this is, last time I checked, still in alpha and will take a while to arrive.

Just get AVG and be done with it (5, Informative)

Tweekster (949766) | more than 8 years ago | (#15363092)

Two year licenses are incredibly useful and their software doesnt suck like Norton.

AVG takes the approach of just working behind the scenes and doing it well...Norton takes the approach of "I need to constantly justify my existance by letting the user know I am doing...something"

AVG works great, so go with it. Their support is pretty good too from the couple of times when I needed to contact them.

It sounds like you pretty much said AVG is good and reasonable so just go with it.

Re:Just get AVG and be done with it (2, Insightful)

palndrumm (416336) | more than 8 years ago | (#15363316)

Mod +1, That's What We Just Did.

AVG does the job well, doesn't completely take over any machine it's installed on causing massive performance problems, is dead simple to deploy & administer, and was the best value for money of all the various AV solutions we looked at.

Re:Just get AVG and be done with it (1)

stefanlasiewski (63134) | more than 8 years ago | (#15363416)

I've heard two common complaints regarding AVG: It is only an anti-virus program (It doesn't deal with spyware), and it's performance is bad compared to some other AV programs.

What's your opinion? Are these valid complaints?

I use AVG free on my home systems, and recommend it to many friends-- performance does seem much worse when AVG is running (this is my non-objective opinion). I've never seriously evaluated it for the business (I'm not the Windows admin).

Re:Just get AVG and be done with it (3, Informative)

RedDirt (3122) | more than 8 years ago | (#15363456)

I've not ever had a slowdown that I can attribute to AVG. Prior to trying them I used F-Secure (ate CPU like candy to no appreciable benefit), McAfee (Random crashes on shutdown and the occasional munged update file that'll eat my data? Are we sure that NAI isn't in the virus WRITING business?!?!), and Norton (gods above, make the pop-up notifications and tray icons and wacky security alerts stop! Plus it also makes my system crawl). AVG just gets the job done and doesn't (well, other than at log in) get in my face. Certainly it doesn't bundle anti-spyware but why aren't you using MS Defender for that? And firewalls? D-Link has some nice hardware that'll augment the Windows boxed package nicely as well as giving you wireless and other toys. =P

Re:Just get AVG and be done with it (1)

Decker-Mage (782424) | more than 8 years ago | (#15363697)

I've never seen a slowdown with AVG on my machines here and I've used it for years. Hell, I play 3-D games all the time while it is running, even scanning the hard drives, without a bobble in the game. I'd nose around in your system to see if it is something else or an interaction problem (esp. if you are running two AV programs in real-time, a real no-no).

Re:Just get AVG and be done with it (1)

speeDDemon (nw) (643987) | more than 8 years ago | (#15363929)

I have to comment here, I own one of those 'mom & pop' style computer stores, I have the honour of removing virus and spyware infestations from computers all day everyday.

AVG in my humble opinion does not cut it, On more than one occasion I have had machines in the workshop that Had AVG installed and up to date, and AVG claimed 'no virus found' yet running an antivirus over the drive in my bench machine has turned up a virus.

Norton Antivirus for home is very intrusive and cumbersome, although it does offer a high level of protection. I personally do not like the fact that it uses MSHTML.DLL to display its 'control centre' pages as this file is commonly messed up by spyware, however this is my biggest gripe with Nortons.

Norton Antivirus Corporate edition however is fantastic, Light weight program (small memory footprint, does not make the machine feel slow) and it has 'mircro definitions' that are less than 500k downloads (typically 100-200k) thus 'Live Updates' do not take long even on dialup.

If only symantec would release this product as a standard retail package (like the nortons boxes you see everywhere)

Re:Just get AVG and be done with it (1)

WuphonsReach (684551) | more than 8 years ago | (#15365064)

Norton Antivirus Corporate edition however is fantastic

Aye, we use Symantec's corporate A/V (same thing) and have been pretty happy with it. The corporate product does a good job of staying out of the way, staying up-to-date and doing its job.

The downside is the cost per seat for licensing. For a business, it's fairly easy to justify the cost (since cleaning up an infection pays for the license fees just in labor and lost time), but I can see annual license fees as being a problem for a non-profit.

One solution might be ClamAV on the desktops and only putting a stronger / costlier package like SAV on the central servers.

Re:Just get AVG and be done with it (1)

J. T. MacLeod (111094) | more than 8 years ago | (#15365430)

You may want to reevaluate AVG.

I do a lot of virus removal for "average Joe" PCs, too. I've seen viruses slip right by Norton, myself.

In fact, I've seen viruses slip by ALL of the AV products I've seen. AVG has the better track record for us, though, by far. Lately, it's been much improved over older versions, as well.

Even if they were all equal, though, I couldn't recommend another product due to their crippling bugs. It's not uncommon to see one of our customers suspect a virus only to find that it was the AV software itself malfunctioning. Not counting Norton Corporate, of course. As you said, it's excellent.

Re:Just get AVG and be done with it (3, Informative)

jawtheshark (198669) | more than 8 years ago | (#15363981)

performance does seem much worse when AVG is running

My laptop is a P-III 600MHz / 512Meg RAM running WinXP Pro and frankly, AVG doesn't seem to have any impact on performance at all. If I do nothing, Task Manager reports 0% usage, so I don't think that AVG gets much in the way.
What AVG does do is a dayly check and if you're working while it does that, you might "feel" it. Normally it's at 8am for me, but I don't know if its a rule (or if I configured it that way) At 8am, I'm so sleepy that I usually don't do much on my computer anyway ;-))

(It doesn't deal with spyware)

It does detect stuff like Diallers tough, but those are technically trojans. Spyware is not an issue if you have secured your machine and avoid Internet Explorer like the pest. I run SpyBot and Ad-aware on semi regular intervals and none of them ever reports anything. Reason: my network is appropriately firewalled, my Windows is patched, and I only use Firefox....

Re:Just get AVG and be done with it (1)

rizzo420 (136707) | more than 8 years ago | (#15364855)

you can't depend on one program to deal with spyware anyways. i suggest using AVG free only if necessary and would never use it in a business environment.

i use mcafee enterprise and it's a great program and much less intrusive than norton in my opinion. the home editions of mcafee and norton are just pieces of crap though. if i was given the choice between those or AVG free, AVG free wins.

i've see norton miss many viruses as well, even with updated def's.

Re:Just get AVG and be done with it (1)

Professor_UNIX (867045) | more than 8 years ago | (#15364866)

Performance is worse compared to what? I've run AVG, Norton Antivirus, and McAfee's Antivirus and AVG blows the doors off the other two. McAfee's used to bog my system down horribly and NAV is even worse. I don't even notice AVG running.

Re:Just get AVG and be done with it (1)

Captain Splendid (673276) | more than 8 years ago | (#15365372)

I'va actually got an interesting story regarding AVG and slowdown. Back before my vidcard flamed out on me, I was doing a little early morning Doom 3 playing before going to work. Given that my system is a 1.8 Ghz Athlon and the RAM (at the time) was 512MB, it was less than perfect, but I'd managed to find a happy compromise between speed and looks. Anyway, about 20 minutes into the game, there was a short, noticeable slowdown which I ignored as it was fairly common. 10 minutes later, when I quit the game, I noticed AVG running its usual morniing scan and laughed.

As for it not handling spyware, that's a feature, not a bug. Some people may find it annoying to have 5 apps for 5 things, but IMO specialization is a good thing here. For your spyware needs, Spybot and Ad-aware work just fine.

Re:Just get AVG and be done with it (2, Interesting)

ceeam (39911) | more than 8 years ago | (#15363622)

One note though - during the time I used AVG it detected exactly _zero_ email viruses of 5 or 6 I got - even when I specifically asked it to scan attachment EXEs. Ok - quite probably other AVs are no better since it is the nature of such viruses to propagate within hours of being released and AV updates take days. Now I just run without any AV. Yes, corporate environment may differ but I just wanted to point it out.

Re:Just get AVG and be done with it (1)

juventasone (517959) | more than 8 years ago | (#15363963)

Read the submitter's question, Norton is not a managed product like they require. Symantec Antivirus is, and it couldn't be less obtrusive.

Re:Just get AVG and be done with it (1)

aaronl (43811) | more than 8 years ago | (#15365028)

The 7.1 version of AVG Network also includes a software firewall. You would qualify for discount pricing, as a non-profit. I just paid around 600$US to get 75 two year licenses, for example.

One month free trial (1)

rishistar (662278) | more than 8 years ago | (#15365035)

You also can trial AVG for a month I believe (even for the corporate edition)

ClamAV/ClamWin (3, Interesting)

LinuxWhore (90833) | more than 8 years ago | (#15363093)

ClamAV might work. THe only downside is that it doesn't yet have a real-time process scanner. If you can keep people from executing what they download before scanning it for viruses, ClamWin [clamwin.com] might do the job. You could manage the virus updates via your logon script, or just use the normal internet update. Plus ClamAV works on your Linux boxen too!

Re:ClamAV/ClamWin (1, Informative)

Anonymous Coward | more than 8 years ago | (#15363577)

winpooch? http://sourceforge.net/projects/winpooch/ [sourceforge.net]

Re:ClamAV/ClamWin (1)

LinuxWhore (90833) | more than 8 years ago | (#15363641)

Excellent! I've been waiting for ClanWin to do this. It's great to see that it's already available! Thanks!

Re:ClamAV/ClamWin (0)

Anonymous Coward | more than 8 years ago | (#15364617)

I hate all the false positives that clamwin gives me. Seems to tag lots of files from my VB6 Pro and VS.NET2003 that no other antivirus program thinks are infected.

F-Prot (3, Informative)

Rydian (29123) | more than 8 years ago | (#15363100)

F-prot from Frisk software. http://www.f-prot.com/ [f-prot.com]

I just checked, and a 60 seat corporate license with full updates would run you $240 a year.

Argggh NO (1)

thelonestranger (915343) | more than 8 years ago | (#15364429)

F-Prot is piss poor. I work for a company that was using it only to find out that it wasn't detecting 50% of viruses and of the remaining 50% that it did find it was unable/refused to remove 30% of them. Absolutly useless.

pay for avg (4, Informative)

sdnoob (917382) | more than 8 years ago | (#15363116)

The biggest features we're looking for are the ability to centrally manage updates (which rules of AVG's free edition)

actually, wouldn't the license agreement rule out AVG FREE edition in your situation?
AVG Free Edition is for private, non-commercial, single-home computer use only. Use of AVG Free Edition within any organization or for commercial purposes is strictly prohibited. (from http://free.grisoft.com/doc/1/ [grisoft.com] )

however, they do have a fairly decent commercial product for the price. look at their network edition http://www.grisoft.com/doc/Networks/lng/us/tpl/tpl 01/ [grisoft.com] only $8.20 per seat, per year, at the 50-74 seat price point. this version includes centrialized management and lan updates. runs on all released windows win95 and up, and i386 linux.

Re:pay for avg (1)

jsse (254124) | more than 8 years ago | (#15363351)

I also vote for AVG not because they offer me a free edition for personal use or their paid products are cheaper, it's simply more powerful.

I don't want to bore you with my personal experience, AVG can really detect virus/adware that Norton ignored, and these are not false-negative detection.

Someone's gotta say it. (0, Troll)

TheCarlMau (850437) | more than 8 years ago | (#15363123)

Your problem is Microsoft. Your solution is Linux.

Re:Someone's gotta say it. (0)

Anonymous Coward | more than 8 years ago | (#15364325)

Mod that sucker up !!!

Uh, use open source? (1)

fak3r (917687) | more than 8 years ago | (#15363139)

Why are you paying for this software if you're a non profit? On, or before your mail server, chain together ClamAV and Bitdefender using Mailscanner or Amasis-new - have a cron updating each of these daily (or hourly if you're a tin foil hat type)

Do you have any specific requirements that would not allow this to work?

Re:Uh, use open source? (1)

uvsc_wolverine (692513) | more than 8 years ago | (#15363391)

Maybe because he needs to protect the clueless users who download stuff off the internet too? Incoming E-Mail is a major source of viruses, but it's not the only source. Users as a group are generally too dumb to not download the latest virus-ridden software from whoknows.com. He needs a network solution and something that can be installed on the users desktops.

Re:Uh, use open source? (1, Informative)

Anonymous Coward | more than 8 years ago | (#15364284)

Regular users should not be able to install whatever software they want (what an admin nightmare for you otherwise! =), so maybe use a Squid proxy to block unwanted EXEs and the like (info here [linux-faqs.com] ). I think there is an AV plugin for Squid too. Of course, there are Windows-based options like MIMESweeper for Web [clearswift.com] . Good luck!

Re:Uh, use open source? (1)

Anonymous Coward | more than 8 years ago | (#15363431)

Why are you paying for this software if you're a non profit? ... chain together ClamAV and Bitdefender using Mailscanner or Amasis-new

Yeah! Really! This solution is so... obvious. Anybody with half a brain would see that this is the clear choice!

(Here's a hint--- drop your pompous additude and people might take you seriously more often)

I'd call AVG... (2, Interesting)

masdog (794316) | more than 8 years ago | (#15363168)

It wouldn't hurt to call up Grisoft and explain that you're a non-profit looking for a good AV solution. You might get a pretty sweet deal if you talk to them.

Re:I'd call AVG... (4, Informative)

From A Far Away Land (930780) | more than 8 years ago | (#15363492)

I know libraries can get a 30% discount, and when you renew you pay only 50% of the inital purchase, which lasts for 2 years instead of only 1. Considering AV is more important at the firewall and email filter than the desktop anyway, it's great to save on the desktop install price with AVG.

AVG Admin will save you time. If you use Windows Desktop Protection in the Shared Computer Toolkit, Grisoft will even send you the script for auto-updates when Windows Updates from your WSUS run.

AVG Free edition is ruled out by the licensing which doesn't cover non-home users pretty much. Even libraries are excluded from using it legally.

Re:I'd call AVG... (1)

gEvil (beta) (945888) | more than 8 years ago | (#15364915)

AVG Free edition is ruled out by the licensing which doesn't cover non-home users pretty much. Even libraries are excluded from using it legally.

I'm glad someone else pointed this out. When I read the summary I sat there thinking, "But the free AVG license doesn't even cover nonprofits..."

AVG (2, Informative)

Conception (212279) | more than 8 years ago | (#15363179)

AVG has a enterprise version that's much cheaper than norton. You should check it out.

Sophos AV (4, Informative)

tulare (244053) | more than 8 years ago | (#15363183)

We just switched to it after battling the behemoths, and it's been a real boon to me. Management console works well, the product has been catching a ton of stuff that Symantec didn't, price was good, and it does a nice job of push installation (even here - we've got Samba domain controllers - it didn't care). I've had good experiences with their phone jockeys also. Downside - simple file sharing has to be turned off on winxp clients, but if you're on AD that's easy enough to fix.

Re:Sophos AV (1)

eztiger (790405) | more than 8 years ago | (#15363916)

Yep I'll second Sophos. Although I have some issues with the management client (mostly usability wise, it gets very cluttered fast and becomes almost useless for a quick at a glance 'is there anything wrong') it really is a setup the central server, install the client and then forget about it kind of deal. You can configure periodic status emails so you can see if anything goes squiffy.

We also use Samba, never got it to auto push out clients (so still requiring a manual install client side) but thats an oddity with our broken samba auth rather than anything else. Other than that, no problems.

And I agree, their support is pretty excellent. That's in addition to the wealth of documentation on the web site.

No idea on the pricing sadly, we have a site license sorted out by our headoffice so we can just install without worry.


Re:Sophos AV (1)

phoenix_V (16542) | more than 8 years ago | (#15364582)

Agreed, thier mgmt. console could use some work to make "At a glance" use easier, but we had great results with Sophos in a mixed win/*nix enviroment. I did not however see the problems with pushing to clients even with a totaly broken setup (two smb domains, one a screwed up AD, the other an improperly trusted by the AD doman samba controled domain, don't ask...) It "just worked" (TM)

Re:Sophos AV (1)

mrhuman (70568) | more than 8 years ago | (#15364867)

Do NOT choose Sophos AV. It is terrible and expensive.

Here are some specifics:

* The Windows client generates extra log information. Each
    workstation event log should be set to a 1024KB maximum and to
    overwrite as needed.
* Failed messages queue indefinately. I've seen 500MB+ processes.

* The Mac client is unable to communicate with the server
    (Enterprise Console) while the firewall is on. The Mac clients
    initiate communication with the server with a round
    non-privileged source port. For whatever reason/error/bug the
    firewall prevents the server from responding to the same
    non-privileged port
* The Mac client logs all authentication information to a
    world-readable plain-text log file.

* The Enterprise Console is unable to deal with packet loss (see
    above). This has to be mitigated by a scheduled script that
    deletes the msg envelopes every X hours.
* Communication requires each client to have a FQDN

Re:Sophos AV (0)

Anonymous Coward | more than 8 years ago | (#15365160)

Which version of Sophos are you using ? I'm pretty sure the ones we are using (5.2.1 and 4.x) don't do this. Admittedly, 5.0 was pretty useless: Dog slow, unstable, causing loads of system trouble. The older ones (which are still supported until February 07 are very good, lightweight and stable.

Don't get TrendMicro OfficeScan (2, Informative)

scdeimos (632778) | more than 8 years ago | (#15363185)

Although it has great corporate management capabilities, like a centralized program/dictionary update server and permissions on settings (so end users can't stop/break it), it's better than your average ghoul at sucking the life out of your desktop computers.

Re:Don't get TrendMicro OfficeScan (0)

Anonymous Coward | more than 8 years ago | (#15363904)

Actually, Trendmicro newest versions are one of the lighter products regarding resource consumption.

The Real Time process scanner itself only checks the files as they are accessed (such as to avoid pre-scanning a whole compressed file as sson as you open it) and it's quite fast.

I provide support for small and micro businesses in Portugal and I fully recommend Trendmicro since licensing is quite cheap, and for the Small Business editions, the price is very attractive.

Considering the product does Server, Desktop/Laptop, and PDA Scanning, it's quite a bargain. You can get all your devices protected.

I would certainly call Norton or Mcaffee resource hogs, not Trendmicro. Older versions were so. Newer versions have evolved.

Norton doesn't realize that their tought that "It doesn't mind how much performance is sacrificed if we get the job done" isn't pulling it anymore.

Best Regards.

Re:Don't get TrendMicro OfficeScan (3, Interesting)

giorgiofr (887762) | more than 8 years ago | (#15364366)

Uhm yeah it took me all of two minutes to disable it on my box at work, even though it was locked down. The fact that TrendMicro put a backdoor (a default password for when you forget the real one) in it helped quite a bit.

Get Sophos (2, Informative)

a.koepke (688359) | more than 8 years ago | (#15363197)

I would invest in Sophos Antivirus. I am using it in our office and the program is great. Install the enterprise manager on the server and it will automatically download new versions when available and all the desktops will then download them from there.

Setup MailMonitor on a Linux box for incoming email scanning and you will end up with a solid AV solution.

Two words.... (0)

Anonymous Coward | more than 8 years ago | (#15363211)

trend micro. We used it at my high school on about 300 PCs. It worked flawlessly and everything was so easy to manage remotely.

Symantec Antivirus Corporate is Better than Norton (1)

raitchison (734047) | more than 8 years ago | (#15363230)

I've had pretty good luck with SAV, it doesn't have the same problems that Norton (the consumer product) does. Both resource utilization hasn't been an issue even on our sloweest Celeron 500 running XP and it keeps getting AV updates perpetually.

Cost will still be an issue though.

SAV is great (0)

Anonymous Coward | more than 8 years ago | (#15363662)

Corporate SAV is great after you get it running.

You'll have to twist a few arms to get there if you have systems with an Intel chipset that is less than two years old because the patch that corrects the startup CPU utilization killer is still classified as beta. I recommend searching for the issue on Google and asking for the patch by name or they'll deny you need it. Oh...and you'll have to really dig for it on Google because Symantec pulled that page about a year ago. Google cache is very useful.

And the client update is great but it doesn't always work and it's been a problem since at least 7.x. The work-around--version specific uninstall program--doesn't always take care of the problem and, for that, Symantec recommends a manual uninstall. I can assure you, though, that I've never seen a manual uninstall work where the uninstall program didn't. If doing a system reinstall isn't to your liking--it's a pain but it does solve the problem--then the best solution is to uninstall and do a local install over and over and over again until it works. I'd estimate a random 5% of the systems on my network experience upgrade issues every time there is a new SAV update.

Oh...and it's best to pray to your god that Symantec doesn't screw up their DNS or servers because they've done it twice in the past three years. I know you're probably thinking that managed clients should only talk to the host server--that's what I thought, too--but nope.

Oh...and don't think about skipping upgrades. When Symantec abandons an older version by turfing a server(see previous paragraph) then you are screwed.

Other than that...it's all good.

Bitdefender (1)

youknowmewell (754551) | more than 8 years ago | (#15363268)

I only use ClamAV at home, but if I was compelled to buy some anti-virus software, Bitdefender is the software I would get. http://www.pcmag.com/article2/0,1895,1850851,00.as p [pcmag.com] shows how it detected 6 viruses, without signatures. For home use it is cheap, and for corporate use it seems to have reasonable prices as well.

PCCillin (1)

whereiseljefe (753425) | more than 8 years ago | (#15363308)

I don't know much about enterprise AV, however a friend of mine is the IT manager for a decent sized food packing plant and I know he runs the corporate PCCillin (from TrendMicro [trendmicro.com] ) and raves about it.

I use their personal edition and have been very happy about it (doesn't feel nearly as bloated as symantec and mcafee will often feel). However this is all based on feel... I don't have any benchmarks or evidence for you...

Trend Micro (1)

Kobun (668169) | more than 8 years ago | (#15363309)

I would highly suggest you try out Trend Micro. Centrally managed scans and updates, installs across a web-browser, and it works. They sell by block, so if you need 60 licenses you get each license for cheaper than if you needed 50 or less. It also keeps a good watch on spyware.

http://www.cdw.com/shop/products/default.aspx?EDC= 639856 [cdw.com]

Trend used to be good (1)

blueZ3 (744446) | more than 8 years ago | (#15363376)

But they lost their focus. The AV definition files are pushing 15MB, the new spyware tool isn't great, and their anti-spam offering is terrible.

Try AVG.

AVAST! (3, Interesting)

Verteiron (224042) | more than 8 years ago | (#15363313)

Try Avast Antivirus. It's got a far more powerful and configurable network manager than Symantec's, costs about half as much (for 3 years!), and updates MUCH more frequently, using smaller updates. It also automatically uses a local mirroring system so that your clients don't hog the bandwidth trying to get updates from the internet. The client has a smaller memory footprint than Symantec's client.

The best part is you can download it and run it completely unrestricted for 60 days to see if it works for you.

Re:AVAST! (1)

ghost of perception (974605) | more than 8 years ago | (#15363415)

I think Avast! is a good scanner - I started using it on all of my computers after I dumping Norton Internet Security 2005 ealier in the year.

Re:AVAST! (1)

Alien54 (180860) | more than 8 years ago | (#15363424)

Avast also has many other versions, such as a linux edition, among others:

  • avast! 4 Professional Edition Download
  • avast! 4 Home Edition FREE Download
  • avast! Linux Home Edition FREE Download
  • avast! U3 Edition Download
  • ADNM Download (includes the avast! Managed Client)
  • avast! 4 Server Edition Download
  • avast! 4 SBS Edition Download
  • avast! 4 for Linux Server Download
  • avast! BART CD Download
  • avast! for Kerio Download
  • avast! PDA Edition Download

The home edition is free, you merely have them send you a new free license number each year. Another neat feature of the Windows version is the ability to scan the drive on rebooting the system (in the space where chkdsk usually happens) This is very nice. No one else offers this feature, as far as I know.

Re:AVAST! (2, Informative)

Mistshadow2k4 (748958) | more than 8 years ago | (#15363578)

I agree. I recommended AVG for years to my customers, but decided to give Avast! a try on a customer's infected PC after AVG. Avast! found a virus AVG didn't and uses 15%-20% less memory.

But I also recommend winpatrol [winpatrol.com] . Not an AV program, it blocks out most malware, including some of the nastier stuff that can stealth-download itself into a Windows computer as long as the user is online. It only uses about 4 mb of memory to run in the background -- but I have no idea how much an enterprise solution would cost, as the regular version is free to home users. WinPatrol Plus costs $29.95 normally, so if there is no enterprise version, I guess it would depend on how many computers you need to isntall it on.

I agree, Avast! is excellent (0)

Anonymous Coward | more than 8 years ago | (#15364585)

Absolutely great AV. It consistently cleans up after the competitors on my clients' computers. I've set up a church network with it, and it was completely free. The minimum requirement of a 486DX should give an idea how little resources it uses.

I used to recommend Norton, then recommended McAfee. Obviously, I recommend Avast! now.

-Benjamin Vander Jagt

Linux (1, Insightful)

MarkByers (770551) | more than 8 years ago | (#15363404)

Use Linux and be done with it. No need for AV software.

Re:Linux (2, Insightful)

TheRealDamion (209415) | more than 8 years ago | (#15364132)

Although this is marked troll, and possibly was meant as one. The original article does mention having switched to firefox, thunderbird and OOo. So frankly I fail to see why it wouldn't be quite an easy step. It would probably provide faster and certainly cheaper desktops. Ignore the "is it ready for the desktop" waffle we've seen on /. for years, this is a place where there is a support staff, so users just need to use their desktops for work and the hard stuff is done by the admin.

Re:Linux (1)

MarkByers (770551) | more than 8 years ago | (#15364469)

This is slashdot though. You get modded down for going against the brainthink and suggested a perfectly reasonable alternative.

Sophos SBE (1)

bill_mcgonigle (4333) | more than 8 years ago | (#15363453)

What's a "reasonable" price? Sophos Small Business is a good product, and less than $50 a head. That's reasonable for not having the machines get eaten alive by viruses - but if you're a non-profit I'm disappointed you're paying all that money to Microsoft in license fees instead of putting it into your core mission. Go Linux and the price will be very "reasonable". Anti-everything software is just part of the cost of running a Windows shop. Microsoft also specifies server-based imaging software now as essential, so add that in too.

Kaspersky Anti-Virus (1)

The Rizz (1319) | more than 8 years ago | (#15363517)

Kaspersky has good multi-year and multi-PC discounts, and central-administration options. It also does a MUCH better job than Norton or (God-forbid) McAfee do.

Hit their website [kaspersky.com] and you can even get a 1-month demo [kaspersky.com] from them to see if it'll work for you.

Don't discount McAfee (1)

toadlife (301863) | more than 8 years ago | (#15363555)

McAfee with EPO server to manage deployment and updates works very well. It might be overkill for a small place such as yours, but if you want to maintain a 'tight shop', EPO is a good fit. Besides updating clients, it also collects data on any infections, and the clients with the "rougue system sensor*" installed can notify you of clients on the network who don't have AV installed or don't have the "Epo agent*" (the client part) installed.

*Note to open Source software makers - this is a good example how to name your wares. Names like "Rogue System Sensor", though sensationalistic and irrelevant in themselves, sound better than names like "GIMP".

I assume by McAfee hvaing a "black eye", you meant the recent definition fiasco. We were not affected by it. We've been with McAfee since 3.x and have never been compelled to switch to anytyhing else. McAfee has always has good business support - for example, starting way back with 4.x, their installer has been msi based and has fully supported being deployed via AD group policies.

Ok, enough pimping McAfee. I sound like a f--ing salemans here.

Some others are recommending Avast. I really like Avast and use it at home, but when the time came to renew our McAfee license, I went out and priced Avast's Enterprise solution and it was actually more expensive than McAfee for the number of license we needed. Maybe their pricing is better now, or better for smaller number of clients.

Don't get McAfee (1)

TheLink (130905) | more than 8 years ago | (#15363731)

I wasn't affected by McAfee either, but I sure won't recommend McAfee to anyone.

The fact is that McAfee allowed that to happen. For something like that to pass their internal (nonexistent?) testing procedures means their processes are really _crap_.

Sure most companies have crap processes, but when it comes to mass deletion of files crap, it's time to walk away and not look back (unless you're going to sue them).

A few other AV companies also have had similar problems: Sophos had a false positive for Mac OSX system files and seems Trend was quarantining all emails containing the letter P at one point ;).

And Norton is pretty crap too: the email scanner used to crash pretty often - to me crashing indicates poor quality software - probably has buffer overflows etc. Such problems are not acceptable in AV software since they usually run with higher privileges.

I installed AVG for a few of my relatives because its free, and I don't see it as being much worse than McAfee or Norton (heck seems a lot less of a resource hog than those two). It's not that great, but oh well... If you are going to get crap, its better not to have to pay for it AND not get any compensation when they screw up.

Re:Don't discount McAfee (1)

lukas84 (912874) | more than 8 years ago | (#15363915)

McAfee also offers an SMB Edition with a Perpetual License and 2 years of support for around 1000CHF. This does include a downsized version of ePO-Server called "ProtectionPilot". It's a lot more flashy graphics than ePO, but works equally well (or not). Not a huge fan of McAfee, but their product seem to suck less than the others.

Symantec, unfortunately (1)

rduke15 (721841) | more than 8 years ago | (#15363602)

Last year, I replaced an old NT4 server with Linux in a small business with around 20 XP clients. I hoped to find a Linux solution to manage antivirus and replace the very expensive Symantec Enterprise licenses, but I didn't.

I do have ClamAV scanning incoming emails, but it is still necessary to have a local AV on the machines. I don't like Symantec and find it too expensive, but I must say it really works. So I did a fresh minimal install of Win2K on the old server box, and setup Symantec Enterprise on that. You can install the AV on the clients from the server, and it keeps them updated.

The licenses were just renewed, because I still have not found something else.

The problem is that, to manage the clients, the server needs to be Windows. Samba does not offer remote registry access to the clients, and it's RPC capabilities are not sufficiently developed for such tasks.

But you seem to have a Windows AD server anyway, so I would say go with Symantec. (And either find an acceptable deal with Symantec, or cheat a little on the number of licenses: the server doesn't seem to mind if there are a few more clients).

An alternative would of course be to switch all machines to Linux and/or Mac, but ...

Why do you need "a local AV"? (1)

SanityInAnarchy (655584) | more than 8 years ago | (#15363717)

No, really, why?

If you are letting users download random EXEs off the Internet and running them... ugh. Well, you could always set up a proxy to run them through ClamAV...

Personally, I use ClamWin on my Windows desktop, and I scan maybe once or twice a year. Other than that, I just keep things sane -- no random downloads of EXEs, no running EXEs from email attachments...

And how do you know it really works? Maybe Symantec just "finds" something now and then in order to keep you scared...

Re:Why do you need "a local AV"? (1)

rduke15 (721841) | more than 8 years ago | (#15363859)

Why do you need "a local AV"?

Because people insert random CDs and USB keys, and they check their personal email through webmail, etc. (and someone infected his brand new laptop on which the AV was not installed yet, with an exe in a password protected zip, which he got from his private webmail acount! Yes, they do that sort of thing. At least once)

I don't scan my own machine regularly either, and also just "keep things sane" and occasionally scan a virus out of curiosity to see what it is.

You obviously don't have much of a clue about managing random business users.

Kaspersky (1)

neomage86 (690331) | more than 8 years ago | (#15363605)

Relatively few people have heard of them, but it is by far the best antivirus software I've ever used (and most reviews agree).

Uses even fewer resources than AVG (they claim to work with Pentium Is, but I've never used with anything lower than a 500 MHz P3), and far better at actually stopping viruses.

Their info can be found here: http://www.kaspersky.com/kav6 [kaspersky.com]

Re:Kaspersky (0)

Anonymous Coward | more than 8 years ago | (#15363690)

I'm not sure if I could buy software from a company that thinks its software is proactively reactive. I mean WTF. Which is it? Reactive or proactive.

This from their downloads page:
"Kaspersky Lab reacts proactively to all new threats"

Perhaps they are selling viral anti-virus software.

Re:Kaspersky (1)

Abstract (12510) | more than 8 years ago | (#15363978)

I've had a lot of trouble managing 100 workstations from the KAV management interface.
Maybe it was something I did wrong, something in my pc images, or something else, but be sure to have a good relationship with their support desk.

Trend Micro (1)

Corbets (169101) | more than 8 years ago | (#15363686)

I'm a really big fan of Trend Micro ever since installing it a year and a half ago at a small business I consulted with. Their CSM solution covers all the bases for a small company (includes a very effective spam blocker at the Exchange level), their web-based management interface is great, updates are quick and painless, and remote managment is a breeze.

Before that I'd used Norton's solution, and while it worked, I never want to go back. In that version (7-something, I think, maybe 8) it was a real pain to try to configure central updates to save bandwidth (less of an issue now, admittedly).

Short version: give Trend Micro a try. I think they have demo licenses available.

Is antivirus still relevant? (0, Flamebait)

SanityInAnarchy (655584) | more than 8 years ago | (#15363736)

I just want to know. If you're using recent Firefox/Thunderbird/OpenOffice, then how would a virus even get onto your machine?

ClamWin [clamwin.com] may be all the AntiVirus you need, if you need any at all. You're already scanning incoming email, after all...

Nevermind. I use Linux, I obviously will never fully get the stupidities of Windows Malware Control.

Re:Is antivirus still relevant? (0)

Anonymous Coward | more than 8 years ago | (#15364365)

Go back to your cave, troll.

Remind all the employees... (0)

Anonymous Coward | more than 8 years ago | (#15363764)

...that no one loves them, so there's no need to click that file.

ClamAV is quite good - but there are tricks (2, Insightful)

inflex (123318) | more than 8 years ago | (#15363827)

As with most solutions to these situations you may find yourself needing a -mix-.

Personally, I use ClamAV on the mailserver (incombination with Xamime - http://xamime.com/ [xamime.com] works well and keeps a majority of the things out.

However, you really need an orthagonal approach too, that includes banning things that aren't meant to be coming into your network in the first place, as well has having perhaps a different branded AV agent on the client machines.

Getting rid of (if possible) the vectors used by the viruses on the workstations helps a lot too. ActiveX, Macros (okay, not many people can live without those in office I suppose).

Re:ClamAV is quite good - but there are tricks (1)

WuphonsReach (684551) | more than 8 years ago | (#15365313)

However, you really need an orthagonal approach too, that includes banning things that aren't meant to be coming into your network in the first place, as well has having perhaps a different branded AV agent on the client machines.

Definitely. While not sure-fire (webmail is a big hole) our mailserver simply rejects messages with common virus-laden file extensions. Here's our list from postfix's filtering:

#block unsafe attachments
ocx|pif|scr|shb|shm|shs|vb|vbe|vbs|vbx|vxd|wsf|wsh )
/ REJECT Sorry, we do not accept .${3} file types.

It doesn't protect against the ones inside of ZIP files, but it kills off a decent percentage of the mail-bourne worms.

AVG's Pro Edition (1)

SleepyHappyDoc (813919) | more than 8 years ago | (#15363855)

The full not-free AVG has all the features you need, and they have a generous discount for nonprofits, and are generally nice and flexible. Sure, it's not free, but it's not as expensive as you might think.

F-Prot (2, Interesting)

Bob Cat - NYMPHS (313647) | more than 8 years ago | (#15363910)

http://www.f-prot.com/ [f-prot.com]

$5 per PC/yr, less in volume. At >100 it goes down to $2/yr.

A bit of a clunky interface, but the users will never have to bother with it. Set it to auto-update from a server (which updates from f-prot), tell it to mail you when a virus hits the real-time scanner. Simple, cheap, fast, and effective. The updater and real-time scanner take less than 1MB memory.

Try the free trial, keep the (free) DOS scanner on a bootable CD with your tools, even if you don't buy the GUI version.

Boot From CD (1)

DrSkwid (118965) | more than 8 years ago | (#15363998)


Norman for non-profits (0)

Anonymous Coward | more than 8 years ago | (#15364070)

I work for a charity and we use http://www.norman.com/ [norman.com] .

We have about a dozen offices around the UK and this does everything we need. It is running on Win98, Win2k and WinXP and on our servers which run SUSE.

It has proven itself time and again and it's ridiculously cheap for a three year licence.

There is no centralised console - but why do you need one when it does everything you need automatically ?

Software Restriction Policies (1)

hweimer (709734) | more than 8 years ago | (#15364233)

Don't rely on a virus scanner since they are usually bloated and there is no guarantee they catch the latest malware. Windows provides a mechanism called Software Restriction Policies [microsoft.com] that allows you to prevent the execution of unknown programs. Might be a bit difficult to configure but eliminates the possibility of running a virus or other malware.

Re:Software Restriction Policies (1)

C_Kode (102755) | more than 8 years ago | (#15365239)

Thats like saying, don't use a firewall if you have NAT...

Anti-virus is not something you just decide something else will take care of. It's a necessity in any environment that your systems are required for everyday business. Even if you arn't running Windows.

Norman is pretty good. (1)

jonnythan (79727) | more than 8 years ago | (#15364448)

Norman is pretty decent. It's good at being quiet and sitting in the background without bothering the user. The central managing service is also quite good. The main server distributes updates via the LAN so clients don't have to hit the net for updates. It's pretty easy to set up multiple configuration and scheduling groups. Even installing and uninstalling clients from the main server is easy as pie.

I suggest you take a look at it. I have no idea how much it costs, but it "just works" pretty well.

Maybe I didn't drill down... (1)

Jharish (101858) | more than 8 years ago | (#15364487)

...but many of the smaller and some of the larger organizations have a program for donating software to non-profit organizations. I don't have the details on me, but about four years ago, I helped a non-profit law firm get either 100% free donations from companies like Symantec, or nearly free.

So before suggesting features, he did ask in his post about price and I think he was hoping someone would have a free workgroup level AV program, but I think he should actually ask if any of the major and maybe even minor AV companies donate software to NPOs.

Symantec Corporate (1)

Milosch1 (969372) | more than 8 years ago | (#15364605)

The management console is the best and most useful I have seen. We have used it all of our clients for the last 4-5 years. Version 10.X also now includes spyware protection. Unfortunately, Techsoup does not carry it from what I understand.

CA Antivirus (0)

Anonymous Coward | more than 8 years ago | (#15364719)

As an employee of CA I am financially obligated to point out that we want you to buy our AV software. Pretty please.

Check out Panda AV (1)

evdp (761639) | more than 8 years ago | (#15364801)

I really like the 'admin secure' package, it's what I use in my small 40 seat shop. The central administration part is nice, fully supports AD and can install itself via group policy. It take updates to the admin server and pushes them out from there. It's install packages are great, has a POP3 proxy and can tie right into outlook. It has windows xp, windows server, exchange, lotus, and linux versions... All in all a great package.

It seems to be very easy on a machines resources, and is very unobtrusive (other than the cute little panda guy there even befor login, you hardly know it's running).

Check it out. http://www.pandasoftware.com/ [pandasoftware.com]

BitDefender, comparison link (2, Informative)

mrhuman (70568) | more than 8 years ago | (#15364932)

I haven't seen any BitDefener recommendations yet. I will be considering it along with Kaspersky, F-Secure and NOD32.

http://www.bitdefender.com/ [bitdefender.com]

The New Virus Fighters: Our Antivirus Picks
http://www.pcworld.com/reviews/article/0,aid,12416 3,pg,3,00.asp [pcworld.com]

Kaspersky all the way (1)

DamienMcKenna (181101) | more than 8 years ago | (#15365186)

Kaspersky's latest software is great, I've been testing them for several months. They're also the highest rated virus checker on virus.gr, if you want some independent validation. They have a corporate edition called Kaspersky Antivirus for Workstations that has a centralized control panel for managing all of the installations on the network. Talk to them about the fact that you are a not-for-profit organization and see if they'll give you a discount.


Just stay away from Symantec (1)

facehugger666 (446459) | more than 8 years ago | (#15365669)

Just awful, awful stuff. Wanna pay for support? Wanna have your workstation grind to a halt? Wanna have excesive licensing? Then Symantec is your answer!

I live and die by AVG and have been a loyal customer for 4 years on a 20 workstation environment. I have the network edition which runs from the server and also includes licenses for the workstations. Get it and your homework is done.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?