I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the "main" server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response.
>>> "David Mazzaccaro" <david.mazzacc...@hudsonhhc.com> 2/25/2010 12:34 PM >>> Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise..... ( http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27&threadid=1155&highlight_key=y ) ~~~~~~~~~~~~~/SNIP/~~~~~~~~~~~~~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27&threadid=1155&highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt ------------------------- Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~~~~~~~~~~~~~/SNIP/~~~~~~~~~~~~~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27&threadid=2378&highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. ------------------------- Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~~~~~~~~~~~~~/SNIP/~~~~~~~~~~~~~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27&threadid=1626&highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. ------------------------- Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~~~~~~~~~~~~~/SNIP/~~~~~~~~~~~~~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 >>> "David Mazzaccaro" <david.mazzacc...@hudsonhhc.com> 2/25/2010 11:58 AM >>> We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: "If you instruct your remote update server to update from Sunbelt, that seems odd" Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. >>> "David Mazzaccaro" <david.mazzacc...@hudsonhhc.com> 2/25/2010 11:15 AM >>> Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller remote offices (location B, C, D, etc). Each remote site has a T1 line connecting them to our provider's VPN cloud and back to our corporate office. These offices have circuits ranging from 512k - full 1.5M depending on their size. Vipre's updates (and method of deploying these updates) is simply put... a nightmare. Everyday, and sometimes twice a day, sunbelt releases MASSIVE definition updates. So in order to stay up-to-date, I have to drag hundreds of MB across my 512k lines (daily). Originally, the Vipre server at location A downloads the updates every 4 hours (the most frequent setting). Based on policies on the server at location A, updates are pushed out to the remote offices. Even if I configure "bandwidth throttling", all this does is slow down the amount of time the updates will take to reach the remote users. Often, by the time one update is finished, another one has been released. This setup has caused major network congestion, so I attempted to deploy a remote vipre update server on one of my desktops at a remote site. This remote update server at location B is configured to download updates from sunbelt directly. This is the only way a remote server can update itself. I assumed that it would be able to pull updates from my main server in location A, but I am being told that it has to go out to the internet to get its updates. So I thought one PC downloading an update over the circuit is better than a dozen. However, here is the problem with this arrangement: The remote update server can't be configured to throttle its own updates, so I am still stuck pulling down 100+ MB updates over a 512k line with no control over the bandwidth. Also, the remote update server (just like the agents) can only be configure to get updates every x hours (not at a specified time of day). And… when the Vipre service restarts (due to reboot, MS update, maintenance, power outage, whatever)… the timer starts from that point. I will say that it IS getting better, and version 4 is promising to fix this (and several other) issues. The Vipre Enterprise forum on the Sunbelt website is a great place to keep up w/ info: http://supportforums.sunbeltsoftware.com/ HTH From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, February 25, 2010 10:58 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I’m right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor’s solution, please post up. Feel free to contact me offline, if you feel that’s necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox & Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've implemented it, including some password cracker applications on workstations that shouldn't have those kind of things...... I've got Vipre installed on 650 nodes, and am having to up my license count because we're out of licenses. On Wed, Feb 24, 2010 at 3:42 PM, Steve Kelsay <kels...@sctax.org> wrote: I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians & Associates, PA jra...@eaglemds.com www.eaglemds.com Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Sherry Abercrombie "Any sufficiently advanced technology is indistinguishable from magic." Arthur C. Clarke . Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. . Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. . Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
