Really (to the NetBIOS thing)? We've been with Symantec for ages, I don't recall that as a requirement with at least SAV 10. We're now at SEP, it... well, it works.
Unlike somebody else's report, I don't find that it catches everything I expect it to - they don't roll signatures out to SEP as quickly as they do the consumer product. (To reduce false positives in large environments.) That said, it generally works well, and with modern machines they don't seem to suck down the host as much as previous versions have. I even run it in a VM and it's not really noticeable, except when it's nagging me about my own Nessus scans. :) Manageability is one of the biggest reasons we went with it - the tools are good for our environment. We have about several thousand (maybe 7k?) deployed clients, a non-trivial number of which are unmanaged machines, and generally that side is trouble-free. All that said, if you're a corporate customer, submitting samples of malware that the product you've paid non-trivial sums of money for has flat-out missed is more difficult than it needs to be. Short version: I finally gave up after a couple hours chasing people around and waiting a few days on responses. More aggravating was SEP happily let the malware jump from the system I was doing forensics on to my USB key - score, saved me the trouble of copying it myself - but deleted my forensics tools right off the same key. Thanks. No, really. We've had some trouble with our management console, but I'm not involved directly in that and so I'm not sure what the issue is, exactly - but it did take one of our Windows guys the better part of a week to sort out. Teething issues, I suppose, and you'll get that with anything. I've not yet given up on AV and even if I had, our auditors insist. "We get malware infections all the time despite AV" is apparently not an acceptable response to "What if you get malware AV would have caught?" It does catch a lot though - I'm just not sure if the cost of false negatives + management issues + intangibles < cost of reimaging client machines more often. Mike On 10-05-11 10:28 AM, James Costello wrote: > I've used both Trend and Symantec. Symantec requires (or at least they did > 2 years ago) a NetBIOS name for the update server that any of the clients > can resolve. Trend has been Ok, we've had a few update related issues that > have required rebooting client systems to get working again. I have found > the Trend reports a bit more informative than Symantec. > I'd love to hear others experience > > On Tue, May 11, 2010 at 8:32 AM, xgermx <[email protected]> wrote: > >> So, it's license renewal time for our A/V and I'm open for >> suggestions/recommendations/horror stories. (I'll be covering roughly >> 500 Windows based machines). >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
