I have been happy with LANDesk AV which uses the Kaspersky engine. > Date: Tue, 11 May 2010 14:14:48 -0500 > From: [email protected] > To: [email protected] > Subject: Re: [Pauldotcom] Corporate AV suggestions > > Thanks for all of the replies. If anyone else has info, feel free to share. > > On Tue, May 11, 2010 at 1:45 PM, Pommerening, Jeremy > <[email protected]> wrote: > > I was having an issue with Sophos not catching Fake-AV too until I turned > > on HIPS. I'm catching most of it now with HIPS. Environment is approx > > 1000 nodes. I will agree that the online database is slim but I'm much > > happier than when we used Symantec EP. As a bonus Sophos includes a lot of > > functionality at no extra cost with Data Control (DLP) and Device Control. > > > > > > > > > > > > Jeremy Pommerening > > MGR, Information Security > > Symbion, Inc. > > 615-234-8912 Direct > > 615-429-6883 BB > > > > GIAC - GCFA,GPEN, GAWN & GCFW, > > GIAC Advisory Board Member > > MCSE Win2K, MCSE NT4, > > CompTia SERVER+, HP APS > > > > > > > > -----Original Message----- > > From: [email protected] > > [mailto:[email protected]] On Behalf Of Josh Little > > Sent: Tuesday, May 11, 2010 12:15 PM > > To: [email protected] > > Subject: Re: [Pauldotcom] Corporate AV suggestions > > > > I'm on the fence regarding our Sophos EP distribution. I have a feeling > > that it is a little less resource intensive on the clients than the > > Symantec 10 system we replaced, but not by a whole lot. Logging and > > reporting isn't that strong, especially if you are looking at offloading > > events to a SIM or centralized log collector. Their online database of > > threats is very slim on information, especially when compared with > > Symantec's offering at http://www.sarc.com . It also doesn't deal very > > well with fast morphing threats like the rash of fake security products > > that have blown up in the last year. Almost all of the incidents I > > respond to are fake AV crap. The management console is still fairly > > nice, beyond being weak with reporting. One strong point is deployment - > > it was very easy to deploy out using SMS. > > > > Hope that helps... > > > > ZT > > > > On 5/11/2010 9:42 AM, Pommerening, Jeremy wrote: > >> I've been very pleased with Sophos Endpoint protection both from a pricing > >> perspective and support perspective. > >> > >> Jeremy Pommerening > >> MGR, Information Security > >> Symbion, Inc. > >> 615-234-8912 Direct > >> 615-429-6883 BB > >> > >> GIAC - GCFA,GPEN, GAWN & GCFW, > >> GIAC Advisory Board Member > >> MCSE Win2K, MCSE NT4, > >> CompTia SERVER+, HP APS > >> > >> > >> -----Original Message----- > >> From: [email protected] > >> [mailto:[email protected]] On Behalf Of xgermx > >> Sent: Tuesday, May 11, 2010 8:33 AM > >> To: PaulDotCom Security Weekly Mailing List > >> Subject: [Pauldotcom] Corporate AV suggestions > >> > >> So, it's license renewal time for our A/V and I'm open for > >> suggestions/recommendations/horror stories. (I'll be covering roughly > >> 500 Windows based machines). > >> _______________________________________________ > >> Pauldotcom mailing list > >> [email protected] > >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > >> Main Web Site: http://pauldotcom.com > >> > >> > >> Disclaimer: The email and files transmitted with it are confidential and > >> are intended solely for the use of the individual or entity to whom they > >> are addressed. If you are not the original recipient or the person > >> responsible for the delivering the email to the intended recipient, be > >> advised that you have received this email in error, and that any use, > >> dissemination, forwarding, printing or copying of this email is strictly > >> prohibited. If you received this email in error, please delete it from > >> your system without copying it, and notify the sender by reply email so > >> that our address record can be corrected. Thank you. Symbion, Inc. > >> > >> > >> _______________________________________________ > >> Pauldotcom mailing list > >> [email protected] > >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > >> Main Web Site: http://pauldotcom.com > >> > > > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > > > > Disclaimer: The email and files transmitted with it are confidential and > > are intended solely for the use of the individual or entity to whom they > > are addressed. If you are not the original recipient or the person > > responsible for the delivering the email to the intended recipient, be > > advised that you have received this email in error, and that any use, > > dissemination, forwarding, printing or copying of this email is strictly > > prohibited. If you received this email in error, please delete it from > > your system without copying it, and notify the sender by reply email so > > that our address record can be corrected. Thank you. Symbion, Inc. > > > > > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
