subject:"\"Corporate antivirus recommendation \\\- for external laptops\""

RE: Corporate antivirus recommendation - for external laptops

2008-08-27 Thread Ralph Smith

 

VIPRE has separate settings for the policy\reporting server and the
update server.

 

--

 

 

My bet is like most products if you do not update from the monitoring
server you don't get the monitoring statistics.

 

Jon

 

 



From: Jon Harris [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, August 27, 2008 9:14 AM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation - for external laptops

 

 

 

Confidentiality Notice: 

--



This communication, including any attachments, may contain confidential 
information and is intended only for the individual or entity to whom it is 
addressed. Any review, dissemination, or copying of this communication by 
anyone other than the intended recipient is strictly prohibited. If you are not 
the intended recipient, please contact the sender by reply email, delete and 
destroy all copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Corporate antivirus recommendation - for external laptops

2008-08-27 Thread Jon Harris

My bet is like most products if you do not update from the monitoring server
you don't get the monitoring statistics.

Jon

On Wed, Aug 27, 2008 at 8:52 AM, Ralph Smith <[EMAIL PROTECTED]>wrote:

>
> Stu,
>
> I am curios why the recommendation is to set the update server to be
> primarily the internal VIPRE, especially for the first definition
> updates.
>
> On our broadband connection we only get 384K upload speeds, and that
> first definition update after installing is quite large, isn't it?
>
> Is there any real reason the laptops shouldn't get their definition
> updates directly from Sunbelt as a first choice?
>
> Ralph
>
>
>
> -Original Message-
> From: Stu Sjouwerman [mailto:[EMAIL PROTECTED]
>  Sent: Tuesday, August 26, 2008 5:33 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
>
> OK, here is the answer from Product Management on this topic. It can be
> done and here is how:
>
> In order to enable VIPRE agents on a computer connected to the Internet
> without VPN access to function normally and connect to VIPRE Enterprise
> in a private network, the administrator will need to do the following:
>
> 1. Install the VIPRE Enterprise service on a server.
>
> 2. Set up a NAT between the servers public IP address and private
> address so that all incoming connections on port 18082 are automatically
> forwarded to the VIPRE server. (tcp traffic)
>
> 3. Create a policy specifically for agents connecting via the Internet
>
> 4. Port usage is configured by policy (Agent Settings tab), the default
> port is 18082 for all communication between the agent and the service
>
> 5. Some firewalls may block SOAP over HTTP. You will need make sure your
> firewall allows this communication type.
>
> 6. Configure your policy (Agent settings tab) to contain the public IP
> address for both the Policy and Update servers (in this instance we
> recommend they are the same server). Also, check the box to save the
> address as the IP address.
>
> 7. Creating an agent is done by running the deployment wizard on the
> policy in question and selecting the radio button for Deployment
> Package, then selecting the type of installer desired. Either an MSI or
> Self Extracting Executable is recommended for this process.
>
> 8. The administrator will then need to distribute this installer to
> their clients by whatever method required by their company.
>
> 9. The client should install the agent while connected to the Internet.
> At install time, the agent needs to communicate with the VIPRE
> Enterprise service in order to obtain the full policy and initial threat
> definitions
>
> Some Considerations when configuring the policy:
>
> 1. You may not be able to ping the agents in the wild, therefore the
> Agent status heartbeat every  minutes interval needs to be set to a
> value acceptable to the administrator. The agent will only be able to
> obtain a policy change when it makes periodic hello calls back into the
> service. Initially when the agents are first deployed the administrator
> may want to set this to a lower value until the policy is configured to
> the administrator's satisfaction. At this time, the administrator may
> want to increase that interval in order to decrease the traffic between
> the agent and the service.
>
> 2. Threat database updates, the agent will be able to obtain threat
> database updates directly from the server, if for some reason it is
> unable to connect to that server the agent can be configured to obtain
> threat database updates directly from Sunbelt. Simply check the box
> (Download via the Internet if local updates are unavailable) on the
> Agent Settings tab of the policy.
>
> 3. Throttling the threat database updates will be very important as well
> to keep from saturating the connection to the Internet with threat db
> update traffic. By default, the application is set with a 100ms interval
> between 67KB chunks of data sent to the agent. This delay interval can
> be set anywhere from 0 all the way up to 60,000ms or 60 seconds between
> chunks. Therefore, even if you have very narrow network pipe you should
> still be able to satisfy the threat database update requests without
> saturating your network.
>
>
> Warm regards,
>
> Stu
>
>
>
>
> -Original Message-
> From: Ralph Smith [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 8:55 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
>
> Another option maybe - if the AV product can be forced to check in
> though a script(can VIPRE?), and you can set up a VPN with someth

RE: Corporate antivirus recommendation - for external laptops

2008-08-27 Thread Ralph Smith


Stu,

I am curios why the recommendation is to set the update server to be
primarily the internal VIPRE, especially for the first definition
updates.

On our broadband connection we only get 384K upload speeds, and that
first definition update after installing is quite large, isn't it?  

Is there any real reason the laptops shouldn't get their definition
updates directly from Sunbelt as a first choice?

Ralph



-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 5:33 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

OK, here is the answer from Product Management on this topic. It can be
done and here is how:

In order to enable VIPRE agents on a computer connected to the Internet
without VPN access to function normally and connect to VIPRE Enterprise
in a private network, the administrator will need to do the following:

1. Install the VIPRE Enterprise service on a server.

2. Set up a NAT between the servers public IP address and private
address so that all incoming connections on port 18082 are automatically
forwarded to the VIPRE server. (tcp traffic)

3. Create a policy specifically for agents connecting via the Internet

4. Port usage is configured by policy (Agent Settings tab), the default
port is 18082 for all communication between the agent and the service 

5. Some firewalls may block SOAP over HTTP. You will need make sure your
firewall allows this communication type.

6. Configure your policy (Agent settings tab) to contain the public IP
address for both the Policy and Update servers (in this instance we
recommend they are the same server). Also, check the box to save the
address as the IP address.

7. Creating an agent is done by running the deployment wizard on the
policy in question and selecting the radio button for Deployment
Package, then selecting the type of installer desired. Either an MSI or
Self Extracting Executable is recommended for this process.

8. The administrator will then need to distribute this installer to
their clients by whatever method required by their company.

9. The client should install the agent while connected to the Internet.
At install time, the agent needs to communicate with the VIPRE
Enterprise service in order to obtain the full policy and initial threat
definitions

Some Considerations when configuring the policy:

1. You may not be able to ping the agents in the wild, therefore the
Agent status heartbeat every  minutes interval needs to be set to a
value acceptable to the administrator. The agent will only be able to
obtain a policy change when it makes periodic hello calls back into the
service. Initially when the agents are first deployed the administrator
may want to set this to a lower value until the policy is configured to
the administrator's satisfaction. At this time, the administrator may
want to increase that interval in order to decrease the traffic between
the agent and the service.

2. Threat database updates, the agent will be able to obtain threat
database updates directly from the server, if for some reason it is
unable to connect to that server the agent can be configured to obtain
threat database updates directly from Sunbelt. Simply check the box
(Download via the Internet if local updates are unavailable) on the
Agent Settings tab of the policy.

3. Throttling the threat database updates will be very important as well
to keep from saturating the connection to the Internet with threat db
update traffic. By default, the application is set with a 100ms interval
between 67KB chunks of data sent to the agent. This delay interval can
be set anywhere from 0 all the way up to 60,000ms or 60 seconds between
chunks. Therefore, even if you have very narrow network pipe you should
still be able to satisfy the threat database update requests without
saturating your network.

 
Warm regards,

Stu




-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:55 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Another option maybe - if the AV product can be forced to check in
though a script(can VIPRE?), and you can set up a VPN with something
like OpenVPN or Cisco VPN client command line, you could create a script
to run once a day that connects the VPN, forces the AV to check in, then
disconnects the VPN.
Just thinking out loud.

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You me

RE: Corporate antivirus recommendation - for external laptops

2008-08-27 Thread Tom Miller

Just got my VIPRE licenses.  I'll give this method a try at a few remote sites 
- never could manage SAV on remote sites so this is welcome.  We have about 30 
or so broadband sites that have no VPN to the HQ (currently at least).
 
Tom

>>> "Stu Sjouwerman" <[EMAIL PROTECTED]> 8/26/2008 5:32 PM >>>
OK, here is the answer from Product Management on this topic. It can be
done and here is how:

In order to enable VIPRE agents on a computer connected to the Internet
without VPN access to function normally and connect to VIPRE Enterprise
in a private network, the administrator will need to do the following:

1. Install the VIPRE Enterprise service on a server.

2. Set up a NAT between the servers public IP address and private
address so that all incoming connections on port 18082 are automatically
forwarded to the VIPRE server. (tcp traffic)

3. Create a policy specifically for agents connecting via the Internet

4. Port usage is configured by policy (Agent Settings tab), the default
port is 18082 for all communication between the agent and the service 

5. Some firewalls may block SOAP over HTTP. You will need make sure your
firewall allows this communication type.

6. Configure your policy (Agent settings tab) to contain the public IP
address for both the Policy and Update servers (in this instance we
recommend they are the same server). Also, check the box to save the
address as the IP address.

7. Creating an agent is done by running the deployment wizard on the
policy in question and selecting the radio button for Deployment
Package, then selecting the type of installer desired. Either an MSI or
Self Extracting Executable is recommended for this process.

8. The administrator will then need to distribute this installer to
their clients by whatever method required by their company.

9. The client should install the agent while connected to the Internet.
At install time, the agent needs to communicate with the VIPRE
Enterprise service in order to obtain the full policy and initial threat
definitions

Some Considerations when configuring the policy:

1. You may not be able to ping the agents in the wild, therefore the
Agent status heartbeat every  minutes interval needs to be set to a
value acceptable to the administrator. The agent will only be able to
obtain a policy change when it makes periodic hello calls back into the
service. Initially when the agents are first deployed the administrator
may want to set this to a lower value until the policy is configured to
the administrator's satisfaction. At this time, the administrator may
want to increase that interval in order to decrease the traffic between
the agent and the service.

2. Threat database updates, the agent will be able to obtain threat
database updates directly from the server, if for some reason it is
unable to connect to that server the agent can be configured to obtain
threat database updates directly from Sunbelt. Simply check the box
(Download via the Internet if local updates are unavailable) on the
Agent Settings tab of the policy.

3. Throttling the threat database updates will be very important as well
to keep from saturating the connection to the Internet with threat db
update traffic. By default, the application is set with a 100ms interval
between 67KB chunks of data sent to the agent. This delay interval can
be set anywhere from 0 all the way up to 60,000ms or 60 seconds between
chunks. Therefore, even if you have very narrow network pipe you should
still be able to satisfy the threat database update requests without
saturating your network.


Warm regards,

Stu




-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:55 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Another option maybe - if the AV product can be forced to check in
though a script(can VIPRE?), and you can set up a VPN with something
like OpenVPN or Cisco VPN client command line, you could create a script
to run once a day that connects the VPN, forces the AV to check in, then
disconnects the VPN.
Just thinking out loud.

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP add

RE: Corporate antivirus recommendation - for external laptops

2008-08-26 Thread Sam Cayze

Stu, is this encrypted/SSL traffic?  I doubt many will enable this if
not.  I wouldn't allow anything NATed unless SSL.

PS - Thanks for the great explanation/tuturial!

Regards, Sam

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 26, 2008 4:33 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

OK, here is the answer from Product Management on this topic. It can be
done and here is how:

In order to enable VIPRE agents on a computer connected to the Internet
without VPN access to function normally and connect to VIPRE Enterprise
in a private network, the administrator will need to do the following:

1. Install the VIPRE Enterprise service on a server.

2. Set up a NAT between the servers public IP address and private
address so that all incoming connections on port 18082 are automatically
forwarded to the VIPRE server. (tcp traffic)

3. Create a policy specifically for agents connecting via the Internet

4. Port usage is configured by policy (Agent Settings tab), the default
port is 18082 for all communication between the agent and the service 

5. Some firewalls may block SOAP over HTTP. You will need make sure your
firewall allows this communication type.

6. Configure your policy (Agent settings tab) to contain the public IP
address for both the Policy and Update servers (in this instance we
recommend they are the same server). Also, check the box to save the
address as the IP address.

7. Creating an agent is done by running the deployment wizard on the
policy in question and selecting the radio button for Deployment
Package, then selecting the type of installer desired. Either an MSI or
Self Extracting Executable is recommended for this process.

8. The administrator will then need to distribute this installer to
their clients by whatever method required by their company.

9. The client should install the agent while connected to the Internet.
At install time, the agent needs to communicate with the VIPRE
Enterprise service in order to obtain the full policy and initial threat
definitions

Some Considerations when configuring the policy:

1. You may not be able to ping the agents in the wild, therefore the
Agent status heartbeat every  minutes interval needs to be set to a
value acceptable to the administrator. The agent will only be able to
obtain a policy change when it makes periodic hello calls back into the
service. Initially when the agents are first deployed the administrator
may want to set this to a lower value until the policy is configured to
the administrator's satisfaction. At this time, the administrator may
want to increase that interval in order to decrease the traffic between
the agent and the service.

2. Threat database updates, the agent will be able to obtain threat
database updates directly from the server, if for some reason it is
unable to connect to that server the agent can be configured to obtain
threat database updates directly from Sunbelt. Simply check the box
(Download via the Internet if local updates are unavailable) on the
Agent Settings tab of the policy.

3. Throttling the threat database updates will be very important as well
to keep from saturating the connection to the Internet with threat db
update traffic. By default, the application is set with a 100ms interval
between 67KB chunks of data sent to the agent. This delay interval can
be set anywhere from 0 all the way up to 60,000ms or 60 seconds between
chunks. Therefore, even if you have very narrow network pipe you should
still be able to satisfy the threat database update requests without
saturating your network.

 
Warm regards,

Stu




-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 8:55 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Another option maybe - if the AV product can be forced to check in
though a script(can VIPRE?), and you can set up a VPN with something
like OpenVPN or Cisco VPN client command line, you could create a script
to run once a day that connects the VPN, forces the AV to check in, then
disconnects the VPN.
Just thinking out loud.

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet

RE: Corporate antivirus recommendation - for external laptops

2008-08-26 Thread Stu Sjouwerman

OK, here is the answer from Product Management on this topic. It can be
done and here is how:

In order to enable VIPRE agents on a computer connected to the Internet
without VPN access to function normally and connect to VIPRE Enterprise
in a private network, the administrator will need to do the following:

1. Install the VIPRE Enterprise service on a server.

2. Set up a NAT between the servers public IP address and private
address so that all incoming connections on port 18082 are automatically
forwarded to the VIPRE server. (tcp traffic)

3. Create a policy specifically for agents connecting via the Internet

4. Port usage is configured by policy (Agent Settings tab), the default
port is 18082 for all communication between the agent and the service 

5. Some firewalls may block SOAP over HTTP. You will need make sure your
firewall allows this communication type.

6. Configure your policy (Agent settings tab) to contain the public IP
address for both the Policy and Update servers (in this instance we
recommend they are the same server). Also, check the box to save the
address as the IP address.

7. Creating an agent is done by running the deployment wizard on the
policy in question and selecting the radio button for Deployment
Package, then selecting the type of installer desired. Either an MSI or
Self Extracting Executable is recommended for this process.

8. The administrator will then need to distribute this installer to
their clients by whatever method required by their company.

9. The client should install the agent while connected to the Internet.
At install time, the agent needs to communicate with the VIPRE
Enterprise service in order to obtain the full policy and initial threat
definitions

Some Considerations when configuring the policy:

1. You may not be able to ping the agents in the wild, therefore the
Agent status heartbeat every  minutes interval needs to be set to a
value acceptable to the administrator. The agent will only be able to
obtain a policy change when it makes periodic hello calls back into the
service. Initially when the agents are first deployed the administrator
may want to set this to a lower value until the policy is configured to
the administrator's satisfaction. At this time, the administrator may
want to increase that interval in order to decrease the traffic between
the agent and the service.

2. Threat database updates, the agent will be able to obtain threat
database updates directly from the server, if for some reason it is
unable to connect to that server the agent can be configured to obtain
threat database updates directly from Sunbelt. Simply check the box
(Download via the Internet if local updates are unavailable) on the
Agent Settings tab of the policy.

3. Throttling the threat database updates will be very important as well
to keep from saturating the connection to the Internet with threat db
update traffic. By default, the application is set with a 100ms interval
between 67KB chunks of data sent to the agent. This delay interval can
be set anywhere from 0 all the way up to 60,000ms or 60 seconds between
chunks. Therefore, even if you have very narrow network pipe you should
still be able to satisfy the threat database update requests without
saturating your network.

 
Warm regards,

Stu




-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:55 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Another option maybe - if the AV product can be forced to check in
though a script(can VIPRE?), and you can set up a VPN with something
like OpenVPN or Cisco VPN client command line, you could create a script
to run once a day that connects the VPN, forces the AV to check in, then
disconnects the VPN.
Just thinking out loud.

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP address on your router, and port forwarded those ports
to your VIPRE server.
Would that work?

-Original Message-
From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:19 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Vipre\CSE has the option to get update from

RE: Corporate antivirus recommendation - for external laptops

2008-08-26 Thread John Gwinner

eMail updates wouldn't be so bad, although the return path might be a
little tricky - there's a lot of mail settings to setup.  You'd need to
build in mailbox maintenance.

I don't have an issue opening a port up, however.  

Let's not forget the installation part - some of these laptops are never
in the enterprise.  

So you need some way to install it remotely, usually a web
site/intranet.  So the port is pretty much already open.

You'd also need a way to reject machines or remotely cause an uninstall.
The latter would be a HUGE security hole of course, it would take some
tricky implementation.  For Trend, we can delete the laptop out of the
console and it won't get updates.

Removing an external machine isn't so much a security issue, it's more
of a licensing issue.  

   == John ==
 


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:45 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> That would be sweet..Umm very sweet indeed..  Talk about a simplified
> rock solid compliance tool for remote offices and at home/on the road
> employees.
> 
> -Original Message-
> From: Ralph Smith [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 8:59 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> What would be cool would be an AV agent that could generate an email
> with it's data  - could be encrypted - and send it to an email account
> on your domain that is checked by the AV server.  The server then
reads
> the email, updates the database and deletes the email.  No open ports
on
> the firewall, no special VPN to set up.  Could something like that be
> workable?
> 
> -Original Message-
> From: Stu Sjouwerman [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 8:35 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> I think yes, but I'm going to make sure and ask the lead dev !!
> 
> Stu
> 
> -Original Message-
> From: Ralph Smith [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:36 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> You mean you would like it to check in for status and reporting
> purposes?
> With VIPRE, or any other product that has similar options, what would
> happen if you set the update options for laptops to update from
> Sunbelt's servers over the Internet, but set the policy\reporting
server
> to the public IP address on your router, and port forwarded those
ports
> to your VIPRE server.
> Would that work?
> 
> -Original Message-
> From: Andy Shook [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:19 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
> 
> Vipre\CSE has the option to get update from the Internet if internal
> servers are not available.  Works very well...
> 
> Shook
> 
> 
> From: Matt Plahtinsky [EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:15 PM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation - for external laptops
> 
> Good question!  I just sent this exact same question into sunbelts
> support page this morning.  Were in the same boat.  Our laptop users
> only connect to our network a few times a year but we still provide
> remote support.  We need an antivirus product that will check in with
us
> every time its online.
> 
> Matt
> 
> 
> 
> On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> > I went through all of the emails, and didn't see much on this ...
what
> 
> > A/V solutions work OK with distributed clients, meaning someone
who's
> > never been inside the firewall or VPN'd so that Group Policy could
> > install it?
> >
> >
> > We have a lot of laptops that never set foot in our office, and I'd
> like
> > to protect them centrally to reduce ownership costs, make
> > troubleshooting easier, and allow us to proactively spot things like
> > common infections.
> >
> >
> >
> > So far Trend's OfficeScan and Panda are about the only ones that
seem
> to
> > do that.
> >
> >
> >
> > Stu, or anyone else - does anything else work OK for traveling
laptops
> 
> > (no VPN)?
> >
> >
> >
> >== John ==
> >
> >
> > From: Devin Meade [mailto:[EMAIL PROTECTED]
> > Sent: F

Re: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread Kurt Buff

How about https, with both client and server certificates required?
Much simpler.

On Mon, Aug 25, 2008 at 5:59 PM, Ralph Smith <[EMAIL PROTECTED]> wrote:
> What would be cool would be an AV agent that could generate an email
> with it's data  - could be encrypted - and send it to an email account
> on your domain that is checked by the AV server.  The server then reads
> the email, updates the database and deletes the email.  No open ports on
> the firewall, no special VPN to set up.  Could something like that be
> workable?
>
> -Original Message-
> From: Stu Sjouwerman [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 8:35 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
>
> I think yes, but I'm going to make sure and ask the lead dev !!
>
> Stu
>
> -Original Message-
> From: Ralph Smith [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:36 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
>
> You mean you would like it to check in for status and reporting
> purposes?
> With VIPRE, or any other product that has similar options, what would
> happen if you set the update options for laptops to update from
> Sunbelt's servers over the Internet, but set the policy\reporting server
> to the public IP address on your router, and port forwarded those ports
> to your VIPRE server.
> Would that work?
>
> -Original Message-
> From: Andy Shook [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:19 PM
> To: NT System Admin Issues
> Subject: RE: Corporate antivirus recommendation - for external laptops
>
> Vipre\CSE has the option to get update from the Internet if internal
> servers are not availble.  Works very well...
>
> Shook
>
> ________
> From: Matt Plahtinsky [EMAIL PROTECTED]
> Sent: Monday, August 25, 2008 7:15 PM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation - for external laptops
>
> Good question!  I just sent this exact same question into sunbelts
> support page this morning.  Were in the same boat.  Our laptop users
> only connect to our network a few times a year but we still provide
> remote support.  We need an antivirus product that will check in with us
> every time its online.
>
> Matt
>
>
>
> On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
>> I went through all of the emails, and didn't see much on this ... what
>
>> A/V solutions work OK with distributed clients, meaning someone who's
>> never been inside the firewall or VPN'd so that Group Policy could
>> install it?
>>
>>
>> We have a lot of laptops that never set foot in our office, and I'd
> like
>> to protect them centrally to reduce ownership costs, make
>> troubleshooting easier, and allow us to proactively spot things like
>> common infections.
>>
>>
>>
>> So far Trend's OfficeScan and Panda are about the only ones that seem
> to
>> do that.
>>
>>
>>
>> Stu, or anyone else - does anything else work OK for traveling laptops
>
>> (no VPN)?
>>
>>
>>
>>== John ==
>>
>>
>> From: Devin Meade [mailto:[EMAIL PROTECTED]
>> Sent: Friday, August 22, 2008 11:46 AM
>> To: NT System Admin Issues
>> Subject: Re: Corporate antivirus recommendation
>>
>>
>>
>> I have to agree on number four.  We have more and more laptops and
> this
>> is key.  Question - will VIPRE do this?  If so, its on our short list
> in
>> a few months with Trend expires.
>>
>>
>>
>> Devin
>>
>>
>>
>>
>>
>> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
>> wrote:
>>
>> Regarding understanding tech's, I think that's anywhere these days.
>>
>>
>>
>> My top three requirements would be:
>>
>>
>>
>> 1)  Excellent threat detection record and frequent updates to
> threat
>> definitions.
>>
>> 2)  Good admin interface with easy and reliable remote installs.
>>
>> 3)  Good deep scanning ability of clients with a real-time scan
> that
>> doesn't hog resources.
>>
>>
>>
>> For our needs I'd add:
>>
>> 4)Ability for external laptops that have never been in the office
> to
>> get updates
>>
>> Panda says they do 4, but I evaluated it and it didn't seem to be as
>> well integrated as Trend.  Every time I&#x

RE: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread gsweers

That would be sweet..Umm very sweet indeed..  Talk about a simplified
rock solid compliance tool for remote offices and at home/on the road
employees.

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:59 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

What would be cool would be an AV agent that could generate an email
with it's data  - could be encrypted - and send it to an email account
on your domain that is checked by the AV server.  The server then reads
the email, updates the database and deletes the email.  No open ports on
the firewall, no special VPN to set up.  Could something like that be
workable?

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP address on your router, and port forwarded those ports
to your VIPRE server.
Would that work?

-Original Message-
From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:19 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Vipre\CSE has the option to get update from the Internet if internal
servers are not availble.  Works very well...

Shook

From: Matt Plahtinsky [EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:15 PM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation - for external laptops

Good question!  I just sent this exact same question into sunbelts
support page this morning.  Were in the same boat.  Our laptop users
only connect to our network a few times a year but we still provide
remote support.  We need an antivirus product that will check in with us
every time its online.

Matt

On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> I went through all of the emails, and didn't see much on this ... what

> A/V solutions work OK with distributed clients, meaning someone who's 
> never been inside the firewall or VPN'd so that Group Policy could 
> install it?
>
>
> We have a lot of laptops that never set foot in our office, and I'd
like
> to protect them centrally to reduce ownership costs, make 
> troubleshooting easier, and allow us to proactively spot things like 
> common infections.
>
>
>
> So far Trend's OfficeScan and Panda are about the only ones that seem
to
> do that.
>
>
>
> Stu, or anyone else - does anything else work OK for traveling laptops

> (no VPN)?
>
>
>
>== John ==
>
>
> From: Devin Meade [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I have to agree on number four.  We have more and more laptops and
this
> is key.  Question - will VIPRE do this?  If so, its on our short list
in
> a few months with Trend expires.
>
>
>
> Devin
>
>
>
>
>
> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> wrote:
>
> Regarding understanding tech's, I think that's anywhere these days.
>
>
>
> My top three requirements would be:
>
>
>
> 1)  Excellent threat detection record and frequent updates to
threat
> definitions.
>
> 2)  Good admin interface with easy and reliable remote installs.
>
> 3)  Good deep scanning ability of clients with a real-time scan
that
> doesn't hog resources.
>
>
>
> For our needs I'd add:
>
> 4)Ability for external laptops that have never been in the office
to
> get updates
>
> Panda says they do 4, but I evaluated it and it didn't seem to be as 
> well integrated as Trend.  Every time I've evaluated our situation
I've
> stuck with Trend.  Some of our users revolt and purchase Symantec 
> because "it's the standard".  *sigh*
>
> We're a consulting company and 95% of our users have never stepped
foot
> in the office, so I need something that works well outside the
firewall.
>
>== John ==
>
>
> From: James Kerr [mailto:[EMA

RE: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread Ralph Smith

What would be cool would be an AV agent that could generate an email
with it's data  - could be encrypted - and send it to an email account
on your domain that is checked by the AV server.  The server then reads
the email, updates the database and deletes the email.  No open ports on
the firewall, no special VPN to set up.  Could something like that be
workable?

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP address on your router, and port forwarded those ports
to your VIPRE server.
Would that work?

-Original Message-
From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:19 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Vipre\CSE has the option to get update from the Internet if internal
servers are not availble.  Works very well...

Shook


From: Matt Plahtinsky [EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:15 PM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation - for external laptops

Good question!  I just sent this exact same question into sunbelts
support page this morning.  Were in the same boat.  Our laptop users
only connect to our network a few times a year but we still provide
remote support.  We need an antivirus product that will check in with us
every time its online.

Matt



On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> I went through all of the emails, and didn't see much on this ... what

> A/V solutions work OK with distributed clients, meaning someone who's 
> never been inside the firewall or VPN'd so that Group Policy could 
> install it?
>
>
> We have a lot of laptops that never set foot in our office, and I'd
like
> to protect them centrally to reduce ownership costs, make 
> troubleshooting easier, and allow us to proactively spot things like 
> common infections.
>
>
>
> So far Trend's OfficeScan and Panda are about the only ones that seem
to
> do that.
>
>
>
> Stu, or anyone else - does anything else work OK for traveling laptops

> (no VPN)?
>
>
>
>== John ==
>
>
> From: Devin Meade [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I have to agree on number four.  We have more and more laptops and
this
> is key.  Question - will VIPRE do this?  If so, its on our short list
in
> a few months with Trend expires.
>
>
>
> Devin
>
>
>
>
>
> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> wrote:
>
> Regarding understanding tech's, I think that's anywhere these days.
>
>
>
> My top three requirements would be:
>
>
>
> 1)  Excellent threat detection record and frequent updates to
threat
> definitions.
>
> 2)  Good admin interface with easy and reliable remote installs.
>
> 3)  Good deep scanning ability of clients with a real-time scan
that
> doesn't hog resources.
>
>
>
> For our needs I'd add:
>
> 4)Ability for external laptops that have never been in the office
to
> get updates
>
> Panda says they do 4, but I evaluated it and it didn't seem to be as 
> well integrated as Trend.  Every time I've evaluated our situation
I've
> stuck with Trend.  Some of our users revolt and purchase Symantec 
> because "it's the standard".  *sigh*
>
> We're a consulting company and 95% of our users have never stepped
foot
> in the office, so I need something that works well outside the
firewall.
>
>== John ==
>
>
> From: James Kerr [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 9:12 AM
>
>
> To: NT System Admin Issues
>
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I want to dump trend just so I don't have to hear their horrendous
hold
> song anymore. That and the more then one hour hold times to speak to a

> tech then when I ge

RE: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread Ralph Smith

Another option maybe - if the AV product can be forced to check in
though a script(can VIPRE?), and you can set up a VPN with something
like OpenVPN or Cisco VPN client command line, you could create a script
to run once a day that connects the VPN, forces the AV to check in, then
disconnects the VPN.
Just thinking out loud.

-Original Message-
From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 8:35 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP address on your router, and port forwarded those ports
to your VIPRE server.
Would that work?

-Original Message-
From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:19 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Vipre\CSE has the option to get update from the Internet if internal
servers are not availble.  Works very well...

Shook


From: Matt Plahtinsky [EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:15 PM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation - for external laptops

Good question!  I just sent this exact same question into sunbelts
support page this morning.  Were in the same boat.  Our laptop users
only connect to our network a few times a year but we still provide
remote support.  We need an antivirus product that will check in with us
every time its online.

Matt



On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> I went through all of the emails, and didn't see much on this ... what

> A/V solutions work OK with distributed clients, meaning someone who's 
> never been inside the firewall or VPN'd so that Group Policy could 
> install it?
>
>
> We have a lot of laptops that never set foot in our office, and I'd
like
> to protect them centrally to reduce ownership costs, make 
> troubleshooting easier, and allow us to proactively spot things like 
> common infections.
>
>
>
> So far Trend's OfficeScan and Panda are about the only ones that seem
to
> do that.
>
>
>
> Stu, or anyone else - does anything else work OK for traveling laptops

> (no VPN)?
>
>
>
>== John ==
>
>
> From: Devin Meade [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I have to agree on number four.  We have more and more laptops and
this
> is key.  Question - will VIPRE do this?  If so, its on our short list
in
> a few months with Trend expires.
>
>
>
> Devin
>
>
>
>
>
> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> wrote:
>
> Regarding understanding tech's, I think that's anywhere these days.
>
>
>
> My top three requirements would be:
>
>
>
> 1)  Excellent threat detection record and frequent updates to
threat
> definitions.
>
> 2)  Good admin interface with easy and reliable remote installs.
>
> 3)  Good deep scanning ability of clients with a real-time scan
that
> doesn't hog resources.
>
>
>
> For our needs I'd add:
>
> 4)Ability for external laptops that have never been in the office
to
> get updates
>
> Panda says they do 4, but I evaluated it and it didn't seem to be as 
> well integrated as Trend.  Every time I've evaluated our situation
I've
> stuck with Trend.  Some of our users revolt and purchase Symantec 
> because "it's the standard".  *sigh*
>
> We're a consulting company and 95% of our users have never stepped
foot
> in the office, so I need something that works well outside the
firewall.
>
>== John ==
>
>
> From: James Kerr [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 9:12 AM
>
>
> To: NT System Admin Issues
>
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I want to dump trend just so I don't have to hear their horrendous
hold
> song anymore. That and the more then one hour hold times to speak to a

> tech then when I get a tech there is a 50/50 chance I wont be abl

RE: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread Stu Sjouwerman

I think yes, but I'm going to make sure and ask the lead dev !!

Stu 

-Original Message-
From: Ralph Smith [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:36 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP address on your router, and port forwarded those ports
to your VIPRE server.
Would that work?

-Original Message-
From: Andy Shook [mailto:[EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:19 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Vipre\CSE has the option to get update from the Internet if internal
servers are not availble.  Works very well...

Shook


From: Matt Plahtinsky [EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:15 PM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation - for external laptops

Good question!  I just sent this exact same question into sunbelts
support page this morning.  Were in the same boat.  Our laptop users
only connect to our network a few times a year but we still provide
remote support.  We need an antivirus product that will check in with us
every time its online.

Matt



On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> I went through all of the emails, and didn't see much on this ... what

> A/V solutions work OK with distributed clients, meaning someone who's 
> never been inside the firewall or VPN'd so that Group Policy could 
> install it?
>
>
> We have a lot of laptops that never set foot in our office, and I'd
like
> to protect them centrally to reduce ownership costs, make 
> troubleshooting easier, and allow us to proactively spot things like 
> common infections.
>
>
>
> So far Trend's OfficeScan and Panda are about the only ones that seem
to
> do that.
>
>
>
> Stu, or anyone else - does anything else work OK for traveling laptops

> (no VPN)?
>
>
>
>== John ==
>
>
> From: Devin Meade [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I have to agree on number four.  We have more and more laptops and
this
> is key.  Question - will VIPRE do this?  If so, its on our short list
in
> a few months with Trend expires.
>
>
>
> Devin
>
>
>
>
>
> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> wrote:
>
> Regarding understanding tech's, I think that's anywhere these days.
>
>
>
> My top three requirements would be:
>
>
>
> 1)  Excellent threat detection record and frequent updates to
threat
> definitions.
>
> 2)  Good admin interface with easy and reliable remote installs.
>
> 3)  Good deep scanning ability of clients with a real-time scan
that
> doesn't hog resources.
>
>
>
> For our needs I'd add:
>
> 4)Ability for external laptops that have never been in the office
to
> get updates
>
> Panda says they do 4, but I evaluated it and it didn't seem to be as 
> well integrated as Trend.  Every time I've evaluated our situation
I've
> stuck with Trend.  Some of our users revolt and purchase Symantec 
> because "it's the standard".  *sigh*
>
> We're a consulting company and 95% of our users have never stepped
foot
> in the office, so I need something that works well outside the
firewall.
>
>== John ==
>
>
> From: James Kerr [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 9:12 AM
>
>
> To: NT System Admin Issues
>
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I want to dump trend just so I don't have to hear their horrendous
hold
> song anymore. That and the more then one hour hold times to speak to a

> tech then when I get a tech there is a 50/50 chance I wont be able to 
> understand him or her.
>
>
>
> James
>
>
>
>
>
>
>
>
>
>
> --
> Devin
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

--
Sent from Gmail for mobile | mobile.google.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that

RE: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread Ralph Smith

You mean you would like it to check in for status and reporting
purposes?
With VIPRE, or any other product that has similar options, what would
happen if you set the update options for laptops to update from
Sunbelt's servers over the Internet, but set the policy\reporting server
to the public IP address on your router, and port forwarded those ports
to your VIPRE server.
Would that work?

-Original Message-
From: Andy Shook [mailto:[EMAIL PROTECTED] 
Sent: Monday, August 25, 2008 7:19 PM
To: NT System Admin Issues
Subject: RE: Corporate antivirus recommendation - for external laptops

Vipre\CSE has the option to get update from the Internet if internal
servers are not availble.  Works very well...

Shook

From: Matt Plahtinsky [EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:15 PM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation - for external laptops

Good question!  I just sent this exact same question into sunbelts
support page this morning.  Were in the same boat.  Our laptop users
only connect to our network a few times a year but we still provide
remote support.  We need an antivirus product that will check in with
us every time its online.

Matt

On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> I went through all of the emails, and didn't see much on this ... what
> A/V solutions work OK with distributed clients, meaning someone who's
> never been inside the firewall or VPN'd so that Group Policy could
> install it?
>
>
> We have a lot of laptops that never set foot in our office, and I'd
like
> to protect them centrally to reduce ownership costs, make
> troubleshooting easier, and allow us to proactively spot things like
> common infections.
>
>
>
> So far Trend's OfficeScan and Panda are about the only ones that seem
to
> do that.
>
>
>
> Stu, or anyone else - does anything else work OK for traveling laptops
> (no VPN)?
>
>
>
>== John ==
>
>
> From: Devin Meade [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I have to agree on number four.  We have more and more laptops and
this
> is key.  Question - will VIPRE do this?  If so, its on our short list
in
> a few months with Trend expires.
>
>
>
> Devin
>
>
>
>
>
> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> wrote:
>
> Regarding understanding tech's, I think that's anywhere these days.
>
>
>
> My top three requirements would be:
>
>
>
> 1)  Excellent threat detection record and frequent updates to
threat
> definitions.
>
> 2)  Good admin interface with easy and reliable remote installs.
>
> 3)  Good deep scanning ability of clients with a real-time scan
that
> doesn't hog resources.
>
>
>
> For our needs I'd add:
>
> 4)Ability for external laptops that have never been in the office
to
> get updates
>
> Panda says they do 4, but I evaluated it and it didn't seem to be as
> well integrated as Trend.  Every time I've evaluated our situation
I've
> stuck with Trend.  Some of our users revolt and purchase Symantec
> because "it's the standard".  *sigh*
>
> We're a consulting company and 95% of our users have never stepped
foot
> in the office, so I need something that works well outside the
firewall.
>
>== John ==
>
>
> From: James Kerr [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 9:12 AM
>
>
> To: NT System Admin Issues
>
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I want to dump trend just so I don't have to hear their horrendous
hold
> song anymore. That and the more then one hour hold times to speak to a
> tech then when I get a tech there is a 50/50 chance I wont be able to
> understand him or her.
>
>
>
> James
>
>
>
>
>
>
>
>
>
>
> --
> Devin
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

--
Sent from Gmail for mobile | mobile.google.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
Confidentiality Notice: 

--

This communication, including any attachments, may contain confidential 
information and is intended only for the individual or entity to whom it is 
addressed. Any review, dissemination, or copying of this communication by 
anyone other than the intended recipient is strictly prohibited. If you are not 
the intended recipient, please contact the sender by reply email, delete and 
destroy all copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread Andy Shook

Vipre\CSE has the option to get update from the Internet if internal servers 
are not availble.  Works very well...

Shook


From: Matt Plahtinsky [EMAIL PROTECTED]
Sent: Monday, August 25, 2008 7:15 PM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation - for external laptops

Good question!  I just sent this exact same question into sunbelts
support page this morning.  Were in the same boat.  Our laptop users
only connect to our network a few times a year but we still provide
remote support.  We need an antivirus product that will check in with
us every time its online.

Matt



On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> I went through all of the emails, and didn't see much on this ... what
> A/V solutions work OK with distributed clients, meaning someone who's
> never been inside the firewall or VPN'd so that Group Policy could
> install it?
>
>
> We have a lot of laptops that never set foot in our office, and I'd like
> to protect them centrally to reduce ownership costs, make
> troubleshooting easier, and allow us to proactively spot things like
> common infections.
>
>
>
> So far Trend's OfficeScan and Panda are about the only ones that seem to
> do that.
>
>
>
> Stu, or anyone else - does anything else work OK for traveling laptops
> (no VPN)?
>
>
>
>== John ==
>
>
> From: Devin Meade [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I have to agree on number four.  We have more and more laptops and this
> is key.  Question - will VIPRE do this?  If so, its on our short list in
> a few months with Trend expires.
>
>
>
> Devin
>
>
>
>
>
> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> wrote:
>
> Regarding understanding tech's, I think that's anywhere these days.
>
>
>
> My top three requirements would be:
>
>
>
> 1)  Excellent threat detection record and frequent updates to threat
> definitions.
>
> 2)  Good admin interface with easy and reliable remote installs.
>
> 3)  Good deep scanning ability of clients with a real-time scan that
> doesn't hog resources.
>
>
>
> For our needs I'd add:
>
> 4)Ability for external laptops that have never been in the office to
> get updates
>
> Panda says they do 4, but I evaluated it and it didn't seem to be as
> well integrated as Trend.  Every time I've evaluated our situation I've
> stuck with Trend.  Some of our users revolt and purchase Symantec
> because "it's the standard".  *sigh*
>
> We're a consulting company and 95% of our users have never stepped foot
> in the office, so I need something that works well outside the firewall.
>
>== John ==
>
>
> From: James Kerr [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 9:12 AM
>
>
> To: NT System Admin Issues
>
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I want to dump trend just so I don't have to hear their horrendous hold
> song anymore. That and the more then one hour hold times to speak to a
> tech then when I get a tech there is a 50/50 chance I wont be able to
> understand him or her.
>
>
>
> James
>
>
>
>
>
>
>
>
>
>
> --
> Devin
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

--
Sent from Gmail for mobile | mobile.google.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

Re: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread Matt Plahtinsky

Good question!  I just sent this exact same question into sunbelts
support page this morning.  Were in the same boat.  Our laptop users
only connect to our network a few times a year but we still provide
remote support.  We need an antivirus product that will check in with
us every time its online.

Matt



On 8/25/08, John Gwinner <[EMAIL PROTECTED]> wrote:
> I went through all of the emails, and didn't see much on this ... what
> A/V solutions work OK with distributed clients, meaning someone who's
> never been inside the firewall or VPN'd so that Group Policy could
> install it?
>
>
> We have a lot of laptops that never set foot in our office, and I'd like
> to protect them centrally to reduce ownership costs, make
> troubleshooting easier, and allow us to proactively spot things like
> common infections.
>
>
>
> So far Trend's OfficeScan and Panda are about the only ones that seem to
> do that.
>
>
>
> Stu, or anyone else - does anything else work OK for traveling laptops
> (no VPN)?
>
>
>
>== John ==
>
>
> From: Devin Meade [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 11:46 AM
> To: NT System Admin Issues
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I have to agree on number four.  We have more and more laptops and this
> is key.  Question - will VIPRE do this?  If so, its on our short list in
> a few months with Trend expires.
>
>
>
> Devin
>
>
>
>
>
> On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
> wrote:
>
> Regarding understanding tech's, I think that's anywhere these days.
>
>
>
> My top three requirements would be:
>
>
>
> 1)  Excellent threat detection record and frequent updates to threat
> definitions.
>
> 2)  Good admin interface with easy and reliable remote installs.
>
> 3)  Good deep scanning ability of clients with a real-time scan that
> doesn't hog resources.
>
>
>
> For our needs I'd add:
>
> 4)Ability for external laptops that have never been in the office to
> get updates
>
> Panda says they do 4, but I evaluated it and it didn't seem to be as
> well integrated as Trend.  Every time I've evaluated our situation I've
> stuck with Trend.  Some of our users revolt and purchase Symantec
> because "it's the standard".  *sigh*
>
> We're a consulting company and 95% of our users have never stepped foot
> in the office, so I need something that works well outside the firewall.
>
>== John ==
>
>
> From: James Kerr [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 22, 2008 9:12 AM
>
>
> To: NT System Admin Issues
>
> Subject: Re: Corporate antivirus recommendation
>
>
>
> I want to dump trend just so I don't have to hear their horrendous hold
> song anymore. That and the more then one hour hold times to speak to a
> tech then when I get a tech there is a 50/50 chance I wont be able to
> understand him or her.
>
>
>
> James
>
>
>
>
>
>
>
>
>
>
> --
> Devin
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~

-- 
Sent from Gmail for mobile | mobile.google.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Corporate antivirus recommendation - for external laptops

2008-08-25 Thread John Gwinner

I went through all of the emails, and didn't see much on this ... what
A/V solutions work OK with distributed clients, meaning someone who's
never been inside the firewall or VPN'd so that Group Policy could
install it?


We have a lot of laptops that never set foot in our office, and I'd like
to protect them centrally to reduce ownership costs, make
troubleshooting easier, and allow us to proactively spot things like
common infections.

 

So far Trend's OfficeScan and Panda are about the only ones that seem to
do that.

 

Stu, or anyone else - does anything else work OK for traveling laptops
(no VPN)?

 

   == John ==
 

From: Devin Meade [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 22, 2008 11:46 AM
To: NT System Admin Issues
Subject: Re: Corporate antivirus recommendation

 

I have to agree on number four.  We have more and more laptops and this
is key.  Question - will VIPRE do this?  If so, its on our short list in
a few months with Trend expires.

 

Devin 



 

On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner <[EMAIL PROTECTED]>
wrote:

Regarding understanding tech's, I think that's anywhere these days.

 

My top three requirements would be:

 

1)  Excellent threat detection record and frequent updates to threat
definitions.

2)  Good admin interface with easy and reliable remote installs.

3)  Good deep scanning ability of clients with a real-time scan that
doesn't hog resources.

 

For our needs I'd add:

4)Ability for external laptops that have never been in the office to
get updates

Panda says they do 4, but I evaluated it and it didn't seem to be as
well integrated as Trend.  Every time I've evaluated our situation I've
stuck with Trend.  Some of our users revolt and purchase Symantec
because "it's the standard".  *sigh*

We're a consulting company and 95% of our users have never stepped foot
in the office, so I need something that works well outside the firewall.

   == John ==
 

From: James Kerr [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 22, 2008 9:12 AM 


To: NT System Admin Issues

Subject: Re: Corporate antivirus recommendation 

 

I want to dump trend just so I don't have to hear their horrendous hold
song anymore. That and the more then one hour hold times to speak to a
tech then when I get a tech there is a 50/50 chance I wont be able to
understand him or her.

 

James

 

 

 




-- 
Devin

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Corporate antivirus recommendation - for external laptops

Re: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

Re: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

Re: Corporate antivirus recommendation - for external laptops

RE: Corporate antivirus recommendation - for external laptops

16 matches

Site Navigation

Mail list logo

Footer information