RE: Corporate antivirus recommendation - for external laptops
Stu, I am curios why the recommendation is to set the update server to be primarily the internal VIPRE, especially for the first definition updates. On our broadband connection we only get 384K upload speeds, and that first definition update after installing is quite large, isn't it? Is there any real reason the laptops shouldn't get their definition updates directly from Sunbelt as a first choice? Ralph -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2008 5:33 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops OK, here is the answer from Product Management on this topic. It can be done and here is how: In order to enable VIPRE agents on a computer connected to the Internet without VPN access to function normally and connect to VIPRE Enterprise in a private network, the administrator will need to do the following: 1. Install the VIPRE Enterprise service on a server. 2. Set up a NAT between the servers public IP address and private address so that all incoming connections on port 18082 are automatically forwarded to the VIPRE server. (tcp traffic) 3. Create a policy specifically for agents connecting via the Internet 4. Port usage is configured by policy (Agent Settings tab), the default port is 18082 for all communication between the agent and the service 5. Some firewalls may block SOAP over HTTP. You will need make sure your firewall allows this communication type. 6. Configure your policy (Agent settings tab) to contain the public IP address for both the Policy and Update servers (in this instance we recommend they are the same server). Also, check the box to save the address as the IP address. 7. Creating an agent is done by running the deployment wizard on the policy in question and selecting the radio button for Deployment Package, then selecting the type of installer desired. Either an MSI or Self Extracting Executable is recommended for this process. 8. The administrator will then need to distribute this installer to their clients by whatever method required by their company. 9. The client should install the agent while connected to the Internet. At install time, the agent needs to communicate with the VIPRE Enterprise service in order to obtain the full policy and initial threat definitions Some Considerations when configuring the policy: 1. You may not be able to ping the agents in the wild, therefore the Agent status heartbeat every minutes interval needs to be set to a value acceptable to the administrator. The agent will only be able to obtain a policy change when it makes periodic hello calls back into the service. Initially when the agents are first deployed the administrator may want to set this to a lower value until the policy is configured to the administrator's satisfaction. At this time, the administrator may want to increase that interval in order to decrease the traffic between the agent and the service. 2. Threat database updates, the agent will be able to obtain threat database updates directly from the server, if for some reason it is unable to connect to that server the agent can be configured to obtain threat database updates directly from Sunbelt. Simply check the box (Download via the Internet if local updates are unavailable) on the Agent Settings tab of the policy. 3. Throttling the threat database updates will be very important as well to keep from saturating the connection to the Internet with threat db update traffic. By default, the application is set with a 100ms interval between 67KB chunks of data sent to the agent. This delay interval can be set anywhere from 0 all the way up to 60,000ms or 60 seconds between chunks. Therefore, even if you have very narrow network pipe you should still be able to satisfy the threat database update requests without saturating your network. Warm regards, Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:55 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Another option maybe - if the AV product can be forced to check in though a script(can VIPRE?), and you can set up a VPN with something like OpenVPN or Cisco VPN client command line, you could create a script to run once a day that connects the VPN, forces the AV to check in, then disconnects the VPN. Just thinking out loud. -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like
Re: Corporate antivirus recommendation - for external laptops
My bet is like most products if you do not update from the monitoring server you don't get the monitoring statistics. Jon On Wed, Aug 27, 2008 at 8:52 AM, Ralph Smith [EMAIL PROTECTED]wrote: Stu, I am curios why the recommendation is to set the update server to be primarily the internal VIPRE, especially for the first definition updates. On our broadband connection we only get 384K upload speeds, and that first definition update after installing is quite large, isn't it? Is there any real reason the laptops shouldn't get their definition updates directly from Sunbelt as a first choice? Ralph -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2008 5:33 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops OK, here is the answer from Product Management on this topic. It can be done and here is how: In order to enable VIPRE agents on a computer connected to the Internet without VPN access to function normally and connect to VIPRE Enterprise in a private network, the administrator will need to do the following: 1. Install the VIPRE Enterprise service on a server. 2. Set up a NAT between the servers public IP address and private address so that all incoming connections on port 18082 are automatically forwarded to the VIPRE server. (tcp traffic) 3. Create a policy specifically for agents connecting via the Internet 4. Port usage is configured by policy (Agent Settings tab), the default port is 18082 for all communication between the agent and the service 5. Some firewalls may block SOAP over HTTP. You will need make sure your firewall allows this communication type. 6. Configure your policy (Agent settings tab) to contain the public IP address for both the Policy and Update servers (in this instance we recommend they are the same server). Also, check the box to save the address as the IP address. 7. Creating an agent is done by running the deployment wizard on the policy in question and selecting the radio button for Deployment Package, then selecting the type of installer desired. Either an MSI or Self Extracting Executable is recommended for this process. 8. The administrator will then need to distribute this installer to their clients by whatever method required by their company. 9. The client should install the agent while connected to the Internet. At install time, the agent needs to communicate with the VIPRE Enterprise service in order to obtain the full policy and initial threat definitions Some Considerations when configuring the policy: 1. You may not be able to ping the agents in the wild, therefore the Agent status heartbeat every minutes interval needs to be set to a value acceptable to the administrator. The agent will only be able to obtain a policy change when it makes periodic hello calls back into the service. Initially when the agents are first deployed the administrator may want to set this to a lower value until the policy is configured to the administrator's satisfaction. At this time, the administrator may want to increase that interval in order to decrease the traffic between the agent and the service. 2. Threat database updates, the agent will be able to obtain threat database updates directly from the server, if for some reason it is unable to connect to that server the agent can be configured to obtain threat database updates directly from Sunbelt. Simply check the box (Download via the Internet if local updates are unavailable) on the Agent Settings tab of the policy. 3. Throttling the threat database updates will be very important as well to keep from saturating the connection to the Internet with threat db update traffic. By default, the application is set with a 100ms interval between 67KB chunks of data sent to the agent. This delay interval can be set anywhere from 0 all the way up to 60,000ms or 60 seconds between chunks. Therefore, even if you have very narrow network pipe you should still be able to satisfy the threat database update requests without saturating your network. Warm regards, Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:55 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Another option maybe - if the AV product can be forced to check in though a script(can VIPRE?), and you can set up a VPN with something like OpenVPN or Cisco VPN client command line, you could create a script to run once a day that connects the VPN, forces the AV to check in, then disconnects the VPN. Just thinking out loud. -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make
RE: Corporate antivirus recommendation - for external laptops
VIPRE has separate settings for the policy\reporting server and the update server. -- My bet is like most products if you do not update from the monitoring server you don't get the monitoring statistics. Jon From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 27, 2008 9:14 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Corporate antivirus recommendation - for external laptops
eMail updates wouldn't be so bad, although the return path might be a little tricky - there's a lot of mail settings to setup. You'd need to build in mailbox maintenance. I don't have an issue opening a port up, however. Let's not forget the installation part - some of these laptops are never in the enterprise. So you need some way to install it remotely, usually a web site/intranet. So the port is pretty much already open. You'd also need a way to reject machines or remotely cause an uninstall. The latter would be a HUGE security hole of course, it would take some tricky implementation. For Trend, we can delete the laptop out of the console and it won't get updates. Removing an external machine isn't so much a security issue, it's more of a licensing issue. == John == -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:45 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops That would be sweet..Umm very sweet indeed.. Talk about a simplified rock solid compliance tool for remote offices and at home/on the road employees. -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:59 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops What would be cool would be an AV agent that could generate an email with it's data - could be encrypted - and send it to an email account on your domain that is checked by the AV server. The server then reads the email, updates the database and deletes the email. No open ports on the firewall, no special VPN to set up. Could something like that be workable? -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet if internal servers are not available. Works very well... Shook From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin
RE: Corporate antivirus recommendation - for external laptops
OK, here is the answer from Product Management on this topic. It can be done and here is how: In order to enable VIPRE agents on a computer connected to the Internet without VPN access to function normally and connect to VIPRE Enterprise in a private network, the administrator will need to do the following: 1. Install the VIPRE Enterprise service on a server. 2. Set up a NAT between the servers public IP address and private address so that all incoming connections on port 18082 are automatically forwarded to the VIPRE server. (tcp traffic) 3. Create a policy specifically for agents connecting via the Internet 4. Port usage is configured by policy (Agent Settings tab), the default port is 18082 for all communication between the agent and the service 5. Some firewalls may block SOAP over HTTP. You will need make sure your firewall allows this communication type. 6. Configure your policy (Agent settings tab) to contain the public IP address for both the Policy and Update servers (in this instance we recommend they are the same server). Also, check the box to save the address as the IP address. 7. Creating an agent is done by running the deployment wizard on the policy in question and selecting the radio button for Deployment Package, then selecting the type of installer desired. Either an MSI or Self Extracting Executable is recommended for this process. 8. The administrator will then need to distribute this installer to their clients by whatever method required by their company. 9. The client should install the agent while connected to the Internet. At install time, the agent needs to communicate with the VIPRE Enterprise service in order to obtain the full policy and initial threat definitions Some Considerations when configuring the policy: 1. You may not be able to ping the agents in the wild, therefore the Agent status heartbeat every minutes interval needs to be set to a value acceptable to the administrator. The agent will only be able to obtain a policy change when it makes periodic hello calls back into the service. Initially when the agents are first deployed the administrator may want to set this to a lower value until the policy is configured to the administrator's satisfaction. At this time, the administrator may want to increase that interval in order to decrease the traffic between the agent and the service. 2. Threat database updates, the agent will be able to obtain threat database updates directly from the server, if for some reason it is unable to connect to that server the agent can be configured to obtain threat database updates directly from Sunbelt. Simply check the box (Download via the Internet if local updates are unavailable) on the Agent Settings tab of the policy. 3. Throttling the threat database updates will be very important as well to keep from saturating the connection to the Internet with threat db update traffic. By default, the application is set with a 100ms interval between 67KB chunks of data sent to the agent. This delay interval can be set anywhere from 0 all the way up to 60,000ms or 60 seconds between chunks. Therefore, even if you have very narrow network pipe you should still be able to satisfy the threat database update requests without saturating your network. Warm regards, Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:55 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Another option maybe - if the AV product can be forced to check in though a script(can VIPRE?), and you can set up a VPN with something like OpenVPN or Cisco VPN client command line, you could create a script to run once a day that connects the VPN, forces the AV to check in, then disconnects the VPN. Just thinking out loud. -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet
RE: Corporate antivirus recommendation - for external laptops
Stu, is this encrypted/SSL traffic? I doubt many will enable this if not. I wouldn't allow anything NATed unless SSL. PS - Thanks for the great explanation/tuturial! Regards, Sam -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2008 4:33 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops OK, here is the answer from Product Management on this topic. It can be done and here is how: In order to enable VIPRE agents on a computer connected to the Internet without VPN access to function normally and connect to VIPRE Enterprise in a private network, the administrator will need to do the following: 1. Install the VIPRE Enterprise service on a server. 2. Set up a NAT between the servers public IP address and private address so that all incoming connections on port 18082 are automatically forwarded to the VIPRE server. (tcp traffic) 3. Create a policy specifically for agents connecting via the Internet 4. Port usage is configured by policy (Agent Settings tab), the default port is 18082 for all communication between the agent and the service 5. Some firewalls may block SOAP over HTTP. You will need make sure your firewall allows this communication type. 6. Configure your policy (Agent settings tab) to contain the public IP address for both the Policy and Update servers (in this instance we recommend they are the same server). Also, check the box to save the address as the IP address. 7. Creating an agent is done by running the deployment wizard on the policy in question and selecting the radio button for Deployment Package, then selecting the type of installer desired. Either an MSI or Self Extracting Executable is recommended for this process. 8. The administrator will then need to distribute this installer to their clients by whatever method required by their company. 9. The client should install the agent while connected to the Internet. At install time, the agent needs to communicate with the VIPRE Enterprise service in order to obtain the full policy and initial threat definitions Some Considerations when configuring the policy: 1. You may not be able to ping the agents in the wild, therefore the Agent status heartbeat every minutes interval needs to be set to a value acceptable to the administrator. The agent will only be able to obtain a policy change when it makes periodic hello calls back into the service. Initially when the agents are first deployed the administrator may want to set this to a lower value until the policy is configured to the administrator's satisfaction. At this time, the administrator may want to increase that interval in order to decrease the traffic between the agent and the service. 2. Threat database updates, the agent will be able to obtain threat database updates directly from the server, if for some reason it is unable to connect to that server the agent can be configured to obtain threat database updates directly from Sunbelt. Simply check the box (Download via the Internet if local updates are unavailable) on the Agent Settings tab of the policy. 3. Throttling the threat database updates will be very important as well to keep from saturating the connection to the Internet with threat db update traffic. By default, the application is set with a 100ms interval between 67KB chunks of data sent to the agent. This delay interval can be set anywhere from 0 all the way up to 60,000ms or 60 seconds between chunks. Therefore, even if you have very narrow network pipe you should still be able to satisfy the threat database update requests without saturating your network. Warm regards, Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:55 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Another option maybe - if the AV product can be forced to check in though a script(can VIPRE?), and you can set up a VPN with something like OpenVPN or Cisco VPN client command line, you could create a script to run once a day that connects the VPN, forces the AV to check in, then disconnects the VPN. Just thinking out loud. -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy
RE: Corporate antivirus recommendation - for external laptops
I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Corporate antivirus recommendation - for external laptops
Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Corporate antivirus recommendation - for external laptops
Vipre\CSE has the option to get update from the Internet if internal servers are not availble. Works very well... Shook From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Corporate antivirus recommendation - for external laptops
I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet if internal servers are not availble. Works very well... Shook From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security
RE: Corporate antivirus recommendation - for external laptops
Another option maybe - if the AV product can be forced to check in though a script(can VIPRE?), and you can set up a VPN with something like OpenVPN or Cisco VPN client command line, you could create a script to run once a day that connects the VPN, forces the AV to check in, then disconnects the VPN. Just thinking out loud. -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet if internal servers are not availble. Works very well... Shook From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE
RE: Corporate antivirus recommendation - for external laptops
What would be cool would be an AV agent that could generate an email with it's data - could be encrypted - and send it to an email account on your domain that is checked by the AV server. The server then reads the email, updates the database and deletes the email. No open ports on the firewall, no special VPN to set up. Could something like that be workable? -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet if internal servers are not availble. Works very well... Shook From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
RE: Corporate antivirus recommendation - for external laptops
That would be sweet..Umm very sweet indeed.. Talk about a simplified rock solid compliance tool for remote offices and at home/on the road employees. -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:59 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops What would be cool would be an AV agent that could generate an email with it's data - could be encrypted - and send it to an email account on your domain that is checked by the AV server. The server then reads the email, updates the database and deletes the email. No open ports on the firewall, no special VPN to set up. Could something like that be workable? -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet if internal servers are not availble. Works very well... Shook From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint
Re: Corporate antivirus recommendation - for external laptops
How about https, with both client and server certificates required? Much simpler. On Mon, Aug 25, 2008 at 5:59 PM, Ralph Smith [EMAIL PROTECTED] wrote: What would be cool would be an AV agent that could generate an email with it's data - could be encrypted - and send it to an email account on your domain that is checked by the AV server. The server then reads the email, updates the database and deletes the email. No open ports on the firewall, no special VPN to set up. Could something like that be workable? -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 8:35 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops I think yes, but I'm going to make sure and ask the lead dev !! Stu -Original Message- From: Ralph Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:36 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops You mean you would like it to check in for status and reporting purposes? With VIPRE, or any other product that has similar options, what would happen if you set the update options for laptops to update from Sunbelt's servers over the Internet, but set the policy\reporting server to the public IP address on your router, and port forwarded those ports to your VIPRE server. Would that work? -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:19 PM To: NT System Admin Issues Subject: RE: Corporate antivirus recommendation - for external laptops Vipre\CSE has the option to get update from the Internet if internal servers are not availble. Works very well... Shook From: Matt Plahtinsky [EMAIL PROTECTED] Sent: Monday, August 25, 2008 7:15 PM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation - for external laptops Good question! I just sent this exact same question into sunbelts support page this morning. Were in the same boat. Our laptop users only connect to our network a few times a year but we still provide remote support. We need an antivirus product that will check in with us every time its online. Matt On 8/25/08, John Gwinner [EMAIL PROTECTED] wrote: I went through all of the emails, and didn't see much on this ... what A/V solutions work OK with distributed clients, meaning someone who's never been inside the firewall or VPN'd so that Group Policy could install it? We have a lot of laptops that never set foot in our office, and I'd like to protect them centrally to reduce ownership costs, make troubleshooting easier, and allow us to proactively spot things like common infections. So far Trend's OfficeScan and Panda are about the only ones that seem to do that. Stu, or anyone else - does anything else work OK for traveling laptops (no VPN)? == John == From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 11:46 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I have to agree on number four. We have more and more laptops and this is key. Question - will VIPRE do this? If so, its on our short list in a few months with Trend expires. Devin On Fri, Aug 22, 2008 at 12:52 PM, John Gwinner [EMAIL PROTECTED] wrote: Regarding understanding tech's, I think that's anywhere these days. My top three requirements would be: 1) Excellent threat detection record and frequent updates to threat definitions. 2) Good admin interface with easy and reliable remote installs. 3) Good deep scanning ability of clients with a real-time scan that doesn't hog resources. For our needs I'd add: 4)Ability for external laptops that have never been in the office to get updates Panda says they do 4, but I evaluated it and it didn't seem to be as well integrated as Trend. Every time I've evaluated our situation I've stuck with Trend. Some of our users revolt and purchase Symantec because it's the standard. *sigh* We're a consulting company and 95% of our users have never stepped foot in the office, so I need something that works well outside the firewall. == John == From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Friday, August 22, 2008 9:12 AM To: NT System Admin Issues Subject: Re: Corporate antivirus recommendation I want to dump trend just so I don't have to hear their horrendous hold song anymore. That and the more then one hour hold times to speak to a tech then when I get a tech there is a 50/50 chance I wont be able to understand him or her. James -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally