RE: VIPRE versus Trend
Just getting caught up on stuff.. I agree, Steve. I can't keep Vipre running, either. Half the time I look, it's not on any of the clients it should be, and then when I look at the server, the service hasn't been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn't the time to babysit it. We're looking to move to either Symantec or go back to Trend next year. Evan From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 4:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com BLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.com BLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
Wonderful. I'll have support contact you off-list. Alex From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Thursday, March 04, 2010 1:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Just getting caught up on stuff.. I agree, Steve. I can't keep Vipre running, either. Half the time I look, it's not on any of the clients it should be, and then when I look at the server, the service hasn't been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn't the time to babysit it. We're looking to move to either Symantec or go back to Trend next year. Evan From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 4:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
Evan, I'm curious about your Trend experience. How long ago were you on Trend before moving to VIPRE? Thanks, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Thursday, March 04, 2010 1:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Just getting caught up on stuff.. I agree, Steve. I can't keep Vipre running, either. Half the time I look, it's not on any of the clients it should be, and then when I look at the server, the service hasn't been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn't the time to babysit it. We're looking to move to either Symantec or go back to Trend next year. Evan From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 4:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
Do you have Vipre agents running as a domain service account? That's the situation I have at home where Vipre doesn't start with the machine even though I have it to delayed start and restart the service set at the 3 actions. I find if I manually start the service after the machine has been up for 5-10 minutes (It's also a DHCP/DNS/DC...but for a whopping 2 systems) it starts fine. My clients with Vipre service use the LocalSystem account and no issues. Related? Dunno. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Thursday, March 04, 2010 10:06 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Just getting caught up on stuff.. I agree, Steve. I can't keep Vipre running, either. Half the time I look, it's not on any of the clients it should be, and then when I look at the server, the service hasn't been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn't the time to babysit it. We're looking to move to either Symantec or go back to Trend next year. Evan From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 4:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VIPRE versus Trend
Wow Evan did you really say We’re looking to move to either Symantec?! I'd do anything to get off that worthless POS. Unfortunately I don't get the last say as to what we are told to use. In over 12 years I could count on one hand the number of infected/compromised computers on campus. Since going to Symancrap, it seems all I do is clean and re-image infected computers. And yes - they have the most current DATs. Doesn't matter. It isn't catching/cleaning much of anything. I run Vipre on the machines I'm in charge of away from my daytime job. On Thu, Mar 4, 2010 at 12:05 PM, Evan Brastow ebras...@automatedemblem.comwrote: Just getting caught up on stuff.. I agree, Steve. I can’t keep Vipre running, either. Half the time I look, it’s not on any of the clients it should be, and then when I look at the server, the service hasn’t been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn’t the time to babysit it. We’re looking to move to either Symantec or go back to Trend next year. Evan * * * * * * *From:* Steve Kelsay [mailto:kels...@sctax.org] *Sent:* Wednesday, February 24, 2010 4:43 PM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. *From:* Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] *Sent:* Wednesday, February 24, 2010 4:26 PM *To:* NT System Admin Issues *Subject:* VIPRE versus Trend All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA* *jra...@eaglemds.com* *www.eaglemds.com -- Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Organization and good planning are just crutches for people that can't handle stress and caffeine. - unknown ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
I used Trend OfficeScan for, I don't know, maybe 8-9 years? Seems like it was maybe called something else then, but maybe not. I switched to Vipre last year only because it was cheaper. Trend worked great for me. No complaints. Just got too expensive. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Thursday, March 04, 2010 2:11 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Evan, I'm curious about your Trend experience. How long ago were you on Trend before moving to VIPRE? Thanks, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com BLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.com BLOCKED::http://www.eaglemds.com/ From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Thursday, March 04, 2010 1:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Just getting caught up on stuff.. I agree, Steve. I can't keep Vipre running, either. Half the time I look, it's not on any of the clients it should be, and then when I look at the server, the service hasn't been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn't the time to babysit it. We're looking to move to either Symantec or go back to Trend next year. Evan From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 4:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com BLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.com BLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
Hi David, Nope. They're running the LocalSystem account. They'll be running fine one day, and then I'll check and see I have no Vipre icon in my tray, so I'll check other users and find the same thing. Then I'll go to the Vipre server and find that the service is not running. When it asks me if I want to do a remote start and I say yes, it lists all of the clients as Inactive, and I have to select them, right click, and choose to Start Agent Kinda frustrating. Evan From: David Lum [mailto:david@nwea.org] Sent: Thursday, March 04, 2010 2:12 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Do you have Vipre agents running as a domain service account? That's the situation I have at home where Vipre doesn't start with the machine even though I have it to delayed start and restart the service set at the 3 actions. I find if I manually start the service after the machine has been up for 5-10 minutes (It's also a DHCP/DNS/DC...but for a whopping 2 systems) it starts fine. My clients with Vipre service use the LocalSystem account and no issues. Related? Dunno. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Thursday, March 04, 2010 10:06 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Just getting caught up on stuff.. I agree, Steve. I can't keep Vipre running, either. Half the time I look, it's not on any of the clients it should be, and then when I look at the server, the service hasn't been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn't the time to babysit it. We're looking to move to either Symantec or go back to Trend next year. Evan From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 4:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com BLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.com BLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
I just need something stable and effective. Symantec is mature, at any rate. I'm in the preliminary research phase only, so I'm not looking to start a Symantec is good or bad thing J Trend is my most likely choice for a year or two until Vipre has a little more chance to stabilize. I have faith in Sunbelt and its employees to keep working on everything with great success! From: Vicky Spelshaus [mailto:vicky.spelsh...@gmail.com] Sent: Thursday, March 04, 2010 2:16 PM To: NT System Admin Issues Subject: Re: VIPRE versus Trend Wow Evan did you really say We're looking to move to either Symantec?! I'd do anything to get off that worthless POS. Unfortunately I don't get the last say as to what we are told to use. In over 12 years I could count on one hand the number of infected/compromised computers on campus. Since going to Symancrap, it seems all I do is clean and re-image infected computers. And yes - they have the most current DATs. Doesn't matter. It isn't catching/cleaning much of anything. I run Vipre on the machines I'm in charge of away from my daytime job. On Thu, Mar 4, 2010 at 12:05 PM, Evan Brastow ebras...@automatedemblem.com wrote: Just getting caught up on stuff.. I agree, Steve. I can't keep Vipre running, either. Half the time I look, it's not on any of the clients it should be, and then when I look at the server, the service hasn't been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn't the time to babysit it. We're looking to move to either Symantec or go back to Trend next year. Evan From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 4:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Organization and good planning are just crutches for people that can't handle stress and caffeine. - unknown ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VIPRE versus Trend
I wonder as a short term shim if you could setup Servers Alive (sAlive!) to check for the service, and start it if it finds it stopped ... I think that sAlive! runs on a 5 minute cycle, and may still be free for a limited number of endpoints On Thu, Mar 4, 2010 at 2:22 PM, Evan Brastow ebras...@automatedemblem.comwrote: Hi David, Nope. They’re running the LocalSystem account. They’ll be running fine one day, and then I’ll check and see I have no Vipre icon in my tray, so I’ll check other users and find the same thing. Then I’ll go to the Vipre server and find that the service is not running. When it asks me if I want to do a remote start and I say yes, it lists all of the clients as Inactive, and I have to select them, right click, and choose to “Start Agent”…. Kinda frustrating. Evan * * * * *From:* David Lum [mailto:david@nwea.org] *Sent:* Thursday, March 04, 2010 2:12 PM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend Do you have Vipre agents running as a domain service account? That’s the situation I have at home where Vipre doesn’t start with the machine even though I have it to delayed start and “restart the service” set at the 3 actions. I find if I manually start the service after the machine has been up for 5-10 minutes (It’s also a DHCP/DNS/DC…but for a whopping 2 systems) it starts fine. My clients with Vipre service use the LocalSystem account and no issues. Related? Dunno. *David Lum** **// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 *From:* Evan Brastow [mailto:ebras...@automatedemblem.com] *Sent:* Thursday, March 04, 2010 10:06 AM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend Just getting caught up on stuff.. I agree, Steve. I can’t keep Vipre running, either. Half the time I look, it’s not on any of the clients it should be, and then when I look at the server, the service hasn’t been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn’t the time to babysit it. We’re looking to move to either Symantec or go back to Trend next year. Evan * * * * * * *From:* Steve Kelsay [mailto:kels...@sctax.org] *Sent:* Wednesday, February 24, 2010 4:43 PM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. *From:* Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] *Sent:* Wednesday, February 24, 2010 4:26 PM *To:* NT System Admin Issues *Subject:* VIPRE versus Trend All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA* *jra...@eaglemds.com* *www.eaglemds.com -- Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VIPRE versus Trend
I was on Trend for many years but switched to ESET about 3 year ago, I currently have 275 seats and I have to say it’s very reliable and not much to maintain. However it’s much more than Vipre and you cannot compare tech support to Sunbelt! However the product is mature and just works I need very little help from their support and If I do I usually have a reply by next business day. I agree give Vipre a few more years and I’ll look at them. BTW I use the Sunbelt E-mail Archiver and it rocks!!! On Thu, Mar 4, 2010 at 2:11 PM, Raper, Jonathan - Eagle jra...@eaglemds.com wrote: Evan, I’m curious about your Trend experience. How long ago were you on Trend before moving to VIPRE? Thanks, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA* *jra...@eaglemds.com* *www.eaglemds.com -- *From:* Evan Brastow [mailto:ebras...@automatedemblem.com] *Sent:* Thursday, March 04, 2010 1:06 PM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend Just getting caught up on stuff.. I agree, Steve. I can’t keep Vipre running, either. Half the time I look, it’s not on any of the clients it should be, and then when I look at the server, the service hasn’t been running for who knows how long. I know I should check it every day or hour or something, but in a small company with very limited staff (staff = me,) there isn’t the time to babysit it. We’re looking to move to either Symantec or go back to Trend next year. Evan * * * * * * *From:* Steve Kelsay [mailto:kels...@sctax.org] *Sent:* Wednesday, February 24, 2010 4:43 PM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. *From:* Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] *Sent:* Wednesday, February 24, 2010 4:26 PM *To:* NT System Admin Issues *Subject:* VIPRE versus Trend All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA* *jra...@eaglemds.com* *www.eaglemds.com -- Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VIPRE versus Trend (now SCCM and Quest etc)
Yup - already on the SCCM list. Jon Harris jk.har...@gmail.com 2/26/2010 5:18 PM Are both of you aware of the MyITForums? They have one of the best support lists for all things System Center and before. Jon On Thu, Feb 25, 2010 at 10:40 PM, James Hill james.h...@superamart.com.au wrote: SCCM is a mammoth beast of a thing that doesn’t “just work”. It is a really powerful product and can make a number of things very very easy. But it isn’t a product that you can just install and have it mastered soon after. You have to like hunting through log files JJust because the gui (the slowest one in the world) said it worked doesn’t mean it did. I’m able to keep it behaving most of the time now but it has taken quite a long time to get to this stage. It’s easy to see why the list for it is so busy. Having said that it is also clear that what can be done with it is almost endless and that I’ve only really scratched the surface. From:Tom Miller [mailto:tmil...@hnncsb.org] Sent: Friday, 26 February 2010 11:53 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend (now SCCM and Quest etc) Okay turning away from Vipre, but I hear you on the SCCM thing. The price is right, but it's not good enough, as I and my colleage have spend many, many manhours just trying to manage SCCM. I've been testing the KACE KBox (now owned by Dell) and have been *very* impressed. The agent install is so easy compared to the SCCM agent that there is no comparison. There is a huge community and list for SCCM, but I find it hard to keep up and we don't have dedicated staff for workstation management. It makes me miss Zenworks. And is it me but the SCCM wait and it will happen is crazy. Regarding your comment of the Quest tools, I also purchased the Quest NDS migrator and was very disappointed in the product. Instead I just wrote my own scripts to remove the Novell client, Zen, iprint, etc and we now only use the workstation migrator, which rarely works. But my Vipre installs rarely failed, except when Symanect refused to uninstall and they both ended up being on the same machine. Not pretty but I guess that was my fault as my scripts didn't check for that. Oops. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Ray 02/25/10 5:29 PM I for one am looking forward to this. We have McAfee and are testing Vipre. We also had issues with Conflicker and Iloma, and were less than impressed with the McAfee responses. Of course, that might be par for the course when these things hit. We’ve also spent months trying to get SCCM deployed. It’s been an arduous task even with MS help. All kinds of issues with BITS, COM, WMI, permissions, etc. To be fair, we had a whole lot of trouble with the Quest tools when we were converting from Novell. Too many models, too many images, etc etc. What we wish we had when we started with SCCM was a checklist of what’s needed, or even some kind of “pre-requisite”. Of course, SCCM Console does have a pre-requisite scan, and on a new PC, it still failed to install after passing the pre-req. Hopefully Vipre will have something that ensure successful installations. From:Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Going through this list, there are a number of things I can think of that would be causing these issues. Most, if not all, are configuration issues. Cookies, for example, should be set to Report Only. The Dell biometric issue is over a year old. The Confiker issue you're dealing with is due to Confiker being in your environment (from whatever, an unpatched system or a user bringing an infected USB stick) and agents being upgraded and real-time protection being turned off during the upgrade. While this can be managed by the admin, we have dealt with this in version 4 being released next week. I would just recommend a call with management here at Sunbelt to go over in detail your environment. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.commsn: alex...@hotmail.com w: www.sunbeltsoftware.comb: www.sunbeltblog.com From:Greg Olson [mailto:gol...@markettools.com] Sent: Thursday, February 25, 2010 4:34 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I have to +1 with this assessment. We’re having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. Here’s a copy of some of an email he sent to myself and our VP of IT. I put some comments in () below. Quote: Here
RE: VIPRE versus Trend
+1 here... I really like that Sunbelt staff (at the very least) are on the list. Also, the sales staff hang around and are quick to make sure your problems are taken care of. There have been several times when I've emailed my sales rep and he pounced on my problem like a hungry cat on a mouse and made sure my problem was resolved promptly. :-) Thanks Bryan! -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 25, 2010 7:45 PM To: NT System Admin Issues Subject: Re: VIPRE versus Trend Alex, and other Sunbelt staff, I just have to say this: With no other commercial product that I'm familiar with do we see the CEO and the PM of the product (let alone actual support stat) on a public list working through issues like this. This is part of why I am a fan of VIPRE. Kurt On Thu, Feb 25, 2010 at 14:16, Alex Eckelberry al...@sunbelt-software.com wrote: Notice he said the new VIPRE PM sigh Well have a little chat here with some folks. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.com MSN: alex...@hotmail.com w: www.sunbeltsoftware.com b: www.sunbeltblog.com From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, February 25, 2010 4:57 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend LOL Great! Looking forward to it. From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:56 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Yah. We changed that password! LOL Were getting the new VIPRE PM on the list so that he can answer and clarify some of these issues being discussed. Also, a lot of new stuff in Version 4 addresses several points mentioned. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, February 25, 2010 4:51 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I predict mischief. From: Donald Bittenbender [mailto:dona...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:49 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Ok Curt, Obviously any mail you send to ntsysadmin@lyris.sunbelt-software.com will post to the list, like below. It says you are receiving copy of the list emails. Make sure you dont have any mail filters on or they arent setup to go to one of your sub-folders. If you do have to use the web-interface to reply to messages from, login and your username/password is: Username: cu...@sunbelt-software.com Password: p...@ssw0rdmanager I show you currently subscribed to: NTsysadmin Ninjablade cse viper_enterprise -- Donald Bittenbender Salesforce Administrator IT Developer/DBA/Sysadmin Sunbelt Software From: Curt Larson [mailto:cu...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:34 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend OK, I done did read all of it. Where would you like me to start? Curt Larson VIPRE/CounterSpy Product Manager Sunbelt Software www.SunbeltSoftware.com cu...@sunbeltsoftware.com 727-562-0101 x397 From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:26 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Oh, were reading all of it. Well come back with some feedback shortly. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that(the first link)is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies
Re: VIPRE versus Trend (now SCCM and Quest etc)
Are both of you aware of the MyITForums? They have one of the best support lists for all things System Center and before. Jon On Thu, Feb 25, 2010 at 10:40 PM, James Hill james.h...@superamart.com.auwrote: SCCM is a mammoth beast of a thing that doesn’t “just work”. It is a really powerful product and can make a number of things very very easy. But it isn’t a product that you can just install and have it mastered soon after. You have to like hunting through log files J Just because the gui (the slowest one in the world) said it worked doesn’t mean it did. I’m able to keep it behaving most of the time now but it has taken quite a long time to get to this stage. It’s easy to see why the list for it is so busy. Having said that it is also clear that what can be done with it is almost endless and that I’ve only really scratched the surface. *From:* Tom Miller [mailto:tmil...@hnncsb.org] *Sent:* Friday, 26 February 2010 11:53 AM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend (now SCCM and Quest etc) Okay turning away from Vipre, but I hear you on the SCCM thing. The price is right, but it's not good enough, as I and my colleage have spend many, many manhours just trying to manage SCCM. I've been testing the KACE KBox (now owned by Dell) and have been *very* impressed. The agent install is so easy compared to the SCCM agent that there is no comparison. There is a huge community and list for SCCM, but I find it hard to keep up and we don't have dedicated staff for workstation management. It makes me miss Zenworks. And is it me but the SCCM wait and it will happen is crazy. Regarding your comment of the Quest tools, I also purchased the Quest NDS migrator and was very disappointed in the product. Instead I just wrote my own scripts to remove the Novell client, Zen, iprint, etc and we now only use the workstation migrator, which rarely works. But my Vipre installs rarely failed, except when Symanect refused to uninstall and they both ended up being on the same machine. Not pretty but I guess that was my fault as my scripts didn't check for that. Oops. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Ray 02/25/10 5:29 PM I for one am looking forward to this. We have McAfee and are testing Vipre. We also had issues with Conflicker and Iloma, and were less than impressed with the McAfee responses. Of course, that might be par for the course when these things hit. We’ve also spent months trying to get SCCM deployed. It’s been an arduous task even with MS help. All kinds of issues with BITS, COM, WMI, permissions, etc. To be fair, we had a whole lot of trouble with the Quest tools when we were converting from Novell. Too many models, too many images, etc etc. What we wish we had when we started with SCCM was a checklist of what’s needed, or even some kind of “pre-requisite”. Of course, SCCM Console does have a pre-requisite scan, and on a new PC, it still failed to install after passing the pre-req. Hopefully Vipre will have something that ensure successful installations. *From:* Alex Eckelberry [mailto:al...@sunbelt-software.com] *Sent:* Thursday, February 25, 2010 3:06 PM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend Going through this list, there are a number of things I can think of that would be causing these issues. Most, if not all, are configuration issues. Cookies, for example, should be set to Report Only. The Dell biometric issue is over a year old. The Confiker issue you're dealing with is due to Confiker being in your environment (from whatever, an unpatched system or a user bringing an infected USB stick) and agents being upgraded and real-time protection being turned off during the upgrade. While this can be managed by the admin, we have dealt with this in version 4 being released next week. I would just recommend a call with management here at Sunbelt to go over in detail your environment. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.com MSN: alex...@hotmail.com w: www.sunbeltsoftware.com b: www.sunbeltblog.com *From:* Greg Olson [mailto:gol...@markettools.com] *Sent:* Thursday, February 25, 2010 4:34 AM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend I have to +1 with this assessment. We’re having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. Here’s a copy of some of an email he
RE: VIPRE versus Trend
are lucky it works if we are not it doesn't and if it hates the tech it will say it deployed but wont turn on. (Remove Symantec tool from Sunbelt was also being used in the install, and may have had a hand in some of these complaints) Prior to viper we were using Symantec v9 or v10 on all our clients(not even endpoint protection) and the only time we had higher volume of problems was conficker, now with viper my team is spending 60% of its time everyday resolving pc issues related to viruses/Trojans/malware etc or even worse resolving issues caused by viper. I understand there are claims that the next version of viper is going to resolve most of the above mentioned issues but thus far they are just claims and given the quality of tech support we are receiving from sunbelt I wouldn't vouch for it. Given this scenario I would, on behalf of my entire team, recommend rolling back to Symantec and work on improving our patch management which would have saved us from issues like conficker than spend half of my team's time everyday resolving the above mentioned problems. Also, the stress levels of the users are very clearly being displayed and my team is facing their wrath. This is killing my teams productivity and morale and I would recommend we act on it immediately. I am definitely open to other recommendations but please, if you think viper's next version is the solution, shoot me. End quote. So not all that good. But I will push to get the new version up into a good size (100+ users) test audience before having to go back to Symantec. Uggh, Symantec Uggh. -Greg From: Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 1:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
to be malicious and is quarantining or deleting them making the user reinstall programs. We can add all these false alarms as exceptions in viper policy and make it work but this will add a huge overhead based on the amount of false alarms we are getting. For example Vipre quarantined its own executables and some HP management software executables as threats. f.No malware engine. Vipre doesn’t seem to have a malware engine or the engine is pretty useless because thus far we have not seen viper detect any malware infections at all. Recently we came across a malware that was causing user machines to reboot as soon as they login and viper was not able to detect it via safe mode or command line utility. We had to install third party solutions in most of the cases where users reported infections to get them cleaned as viper is neither preventing nor cleaning the infections. g. Known threats. We are having at least a few instances everyday where user machines are infected with known exploits and threats and viper, with active protection running, does not prevent or detect the viruses/Trojans/worms etc and we are ending up installing other applications (Symantec endpoint, zonealarm, malware bytes etc) to get rid of these infections. h. Deployments: Vipre has been horrible as far as remote deployments are concerned rolling out viper in our enterprise was a nightmare. Took us 3 months as most of the times remote deployment either failed or cause system issues, I believe lot of us within the team had issues with the deployments too including the CTO. Even now the deployments are a matter of luck, if we are lucky it works if we are not it doesn’t and if it hates the tech it will say it deployed but wont turn on. (Remove Symantec tool from Sunbelt was also being used in the install, and may have had a hand in some of these complaints) Prior to viper we were using Symantec v9 or v10 on all our clients(not even endpoint protection) and the only time we had higher volume of problems was conficker, now with viper my team is spending 60% of its time everyday resolving pc issues related to viruses/Trojans/malware etc or even worse resolving issues caused by viper. I understand there are claims that the next version of viper is going to resolve most of the above mentioned issues but thus far they are just claims and given the quality of tech support we are receiving from sunbelt I wouldn’t vouch for it. Given this scenario I would, on behalf of my entire team, recommend rolling back to Symantec and work on improving our patch management which would have saved us from issues like conficker than spend half of my team’s time everyday resolving the above mentioned problems. Also, the stress levels of the users are very clearly being displayed and my team is facing their wrath. This is killing my teams productivity and morale and I would recommend we act on it immediately. I am definitely open to other recommendations but please, if you think viper’s next version is the solution, shoot me. End quote. So not all that good. But I will push to get the new version up into a good size (100+ users) test audience before having to go back to Symantec. Uggh, Symantec…. Uggh….. -Greg From:Steve Kelsay [mailto:kels...@sctax.org] Sent: Wednesday, February 24, 2010 1:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From:Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com ( blocked::mailto:%20jra
Re: VIPRE versus Trend
system resources making it impossible for the user to log in. The only solution to this problem according to viper is to disable the agent on the machine in safe mode and reboot the machine, let the user log in and then enable the agent again. This is happening pretty frequently and is causing a lot of productivity downtime. (need to have a min do not scan till xyz minutes after a boot-up to fix this) e. False alarms: we are getting at least 20 to 25 false alarms everyday when viper opens tickets for browser cookies which are mostly harmless and are removed as soon as the user closes his browser session (we have cookies allowed as fyi, but this doesn’t really worry me, the removal of good programs does), sometimes viper is detecting genuine software to be malicious and is quarantining or deleting them making the user reinstall programs. We can add all these false alarms as exceptions in viper policy and make it work but this will add a huge overhead based on the amount of false alarms we are getting. For example Vipre quarantined its own executables and some HP management software executables as threats. f.No malware engine. Vipre doesn’t seem to have a malware engine or the engine is pretty useless because thus far we have not seen viper detect any malware infections at all. Recently we came across a malware that was causing user machines to reboot as soon as they login and viper was not able to detect it via safe mode or command line utility. We had to install third party solutions in most of the cases where users reported infections to get them cleaned as viper is neither preventing nor cleaning the infections. g. Known threats. We are having at least a few instances everyday where user machines are infected with known exploits and threats and viper, with active protection running, does not prevent or detect the viruses/Trojans/worms etc and we are ending up installing other applications (Symantec endpoint, zonealarm, malware bytes etc) to get rid of these infections. h. Deployments: Vipre has been horrible as far as remote deployments are concerned rolling out viper in our enterprise was a nightmare. Took us 3 months as most of the times remote deployment either failed or cause system issues, I believe lot of us within the team had issues with the deployments too including the CTO. Even now the deployments are a matter of luck, if we are lucky it works if we are not it doesn’t and if it hates the tech it will say it deployed but wont turn on. (Remove Symantec tool from Sunbelt was also being used in the install, and may have had a hand in some of these complaints) Prior to viper we were using Symantec v9 or v10 on all our clients(not even endpoint protection) and the only time we had higher volume of problems was conficker, now with viper my team is spending 60% of its time everyday resolving pc issues related to viruses/Trojans/malware etc or even worse resolving issues caused by viper. I understand there are claims that the next version of viper is going to resolve most of the above mentioned issues but thus far they are just claims and given the quality of tech support we are receiving from sunbelt I wouldn’t vouch for it. Given this scenario I would, on behalf of my entire team, recommend rolling back to Symantec and work on improving our patch management which would have saved us from issues like conficker than spend half of my team’s time everyday resolving the above mentioned problems. Also, the stress levels of the users are very clearly being displayed and my team is facing their wrath. This is killing my teams productivity and morale and I would recommend we act on it immediately. I am definitely open to other recommendations but please, if you think viper’s next version is the solution, shoot me. End quote. So not all that good. But I will push to get the new version up into a good size (100+ users) test audience before having to go back to Symantec. Uggh, Symantec…. Uggh….. -Greg *From:* Steve Kelsay [mailto:kels...@sctax.org] *Sent:* Wednesday, February 24, 2010 1:43 PM *To:* NT System Admin Issues *Subject:* RE: VIPRE versus Trend I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good
Re: VIPRE versus Trend
I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've implemented it, including some password cracker applications on workstations that shouldn't have those kind of things.. I've got Vipre installed on 650 nodes, and am having to up my license count because we're out of licenses. On Wed, Feb 24, 2010 at 3:42 PM, Steve Kelsay kels...@sctax.org wrote: I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. *From:* Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] *Sent:* Wednesday, February 24, 2010 4:26 PM *To:* NT System Admin Issues *Subject:* VIPRE versus Trend All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA* *jra...@eaglemds.com* *www.eaglemds.com -- Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
I am sure others have had great luck with Vipre. But as I said, we have been working with their top techs since November, and it is still not working well. I mentioned that it would appear to be working, and had we not been hit with the Konficker we would have thought wonderful things about it, but after delving into the realities of the system, it just is not reporting a lot of issues back to the console, and IO have to go find out what is really happening under the covers. Hopefully Version 4 will resolve a lot of issues, but right now, with Sunbelt Tech support working with us, the system is eating 4-6 hours of my day trying to make sure we are secure and able to function. Their support is quite responsive, normally although there are lapses, and very good. The system is just not ready for prime time as of this week. Next week and version 4 may be a different story. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've implemented it, including some password cracker applications on workstations that shouldn't have those kind of things.. I've got Vipre installed on 650 nodes, and am having to up my license count because we're out of licenses. On Wed, Feb 24, 2010 at 3:42 PM, Steve Kelsay kels...@sctax.org wrote: I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
I'm right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor's solution, please post up. Feel free to contact me offline, if you feel that's necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com mailto:don.gu...@prufoxroach.com From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've implemented it, including some password cracker applications on workstations that shouldn't have those kind of things.. I've got Vipre installed on 650 nodes, and am having to up my license count because we're out of licenses. On Wed, Feb 24, 2010 at 3:42 PM, Steve Kelsay kels...@sctax.org wrote: I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
So far my experience with Vipre is quite good, but the Symantec uninstaller doesn't seem to work on XP x64 clients. Those get a treatment of Cleanwipe in safe mode. This is a pretty small environment so not too big of a deal. The memory footprint is much smaller than our previous Symantec (v10.1). Deployment isn't 100% successful, but then again, it was never 100% successful with Symantec. You have users who don't reboot their systems ever, and you know how finicky Windows can randomly get sometimes. The administrators interface is wonderful, I have to tip my had to them on that. So much more intuitive and straightforward. You don't need to shove a 500 page book into your brain to figure it out. Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, February 25, 2010 10:58 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I'm right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor's solution, please post up. Feel free to contact me offline, if you feel that's necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've implemented it, including some password cracker applications on workstations that shouldn't have those kind of things.. I've got Vipre installed on 650 nodes, and am having to up my license count because we're out of licenses. On Wed, Feb 24, 2010 at 3:42 PM, Steve Kelsay kels...@sctax.org wrote: I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com _ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do
RE: VIPRE versus Trend
I've got about 75 clients including the Vipre Server that we switched over from AVG Professional. AVG never even gave me the OPTION of blocking Ad-Ware. They stated they didn't want to bother us with popups about adware. Well, gee whiz.what do you think the pop-up ads are doing to us??? Sheesh. I would strongly recommend against AVG. It may be OK for home use, but I wouldn't want to rely on it for a corporate environment. John-AldrichTile-Tools From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, February 25, 2010 10:58 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I'm right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor's solution, please post up. Feel free to contact me offline, if you feel that's necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've implemented it, including some password cracker applications on workstations that shouldn't have those kind of things.. I've got Vipre installed on 650 nodes, and am having to up my license count because we're out of licenses. On Wed, Feb 24, 2010 at 3:42 PM, Steve Kelsay kels...@sctax.org wrote: I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com _ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE
RE: VIPRE versus Trend
Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller remote offices (location B, C, D, etc). Each remote site has a T1 line connecting them to our provider's VPN cloud and back to our corporate office. These offices have circuits ranging from 512k - full 1.5M depending on their size. Vipre's updates (and method of deploying these updates) is simply put... a nightmare. Everyday, and sometimes twice a day, sunbelt releases MASSIVE definition updates. So in order to stay up-to-date, I have to drag hundreds of MB across my 512k lines (daily). Originally, the Vipre server at location A downloads the updates every 4 hours (the most frequent setting). Based on policies on the server at location A, updates are pushed out to the remote offices. Even if I configure bandwidth throttling, all this does is slow down the amount of time the updates will take to reach the remote users. Often, by the time one update is finished, another one has been released. This setup has caused major network congestion, so I attempted to deploy a remote vipre update server on one of my desktops at a remote site. This remote update server at location B is configured to download updates from sunbelt directly. This is the only way a remote server can update itself. I assumed that it would be able to pull updates from my main server in location A, but I am being told that it has to go out to the internet to get its updates. So I thought one PC downloading an update over the circuit is better than a dozen. However, here is the problem with this arrangement: The remote update server can't be configured to throttle its own updates, so I am still stuck pulling down 100+ MB updates over a 512k line with no control over the bandwidth. Also, the remote update server (just like the agents) can only be configure to get updates every x hours (not at a specified time of day). And... when the Vipre service restarts (due to reboot, MS update, maintenance, power outage, whatever)... the timer starts from that point. I will say that it IS getting better, and version 4 is promising to fix this (and several other) issues. The Vipre Enterprise forum on the Sunbelt website is a great place to keep up w/ info: http://supportforums.sunbeltsoftware.com/ HTH From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, February 25, 2010 10:58 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I'm right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor's solution, please post up. Feel free to contact me offline, if you feel that's necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com mailto:don.gu...@prufoxroach.com From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've implemented it, including some password cracker applications on workstations that shouldn't have those kind of things.. I've got Vipre installed on 650 nodes, and am having to up my license count because we're out of licenses. On Wed, Feb 24, 2010 at 3:42 PM, Steve Kelsay kels...@sctax.org wrote: I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote
RE: VIPRE versus Trend
Don't get me wrong. Vipre is still the best around, I believe, but it is not workable in my case. There are just too many things that appear to be working just fine until you delve into things and find them not reporting back. The automatic disabling of real time protection every time there is a software update is an issue that is totally unacceptable to me (someone has already mentioned the frequent updates), but Version 4 is supposed to allow you to schedule these. Currently it just happens and they turn off your protection until you reboot. In version 4, it will be able to be scheduled, but the server reboot is automatic, so is again not acceptable, as it will require yet another reboot of 400 servers during a very tight maintenance window. I would prefer to update Vipre, then run the MS updates, and do one reboot, but I am told that is not going to be an option. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 11:38 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend All - Thank you very much for your responses. I apologize for the length, but I've tried to answer and address everyone who has responded to me in one email to save on hitting everybody's inbox so many times. I think I got everyone, but if I didn't that was not my intent. Kurt - thanks for pointing out that I should have included the environment specs... DOH! Also, we seem to have had similar experiences with McAfee. So for the environment, here goes: Geographic dispersion: 12 facilities geographically dispersed throughout the city, with one location in the next town over (16 miles away). Most sites are within 5 miles or so to my Data Center). User count ranges from 16 or so at one facility to well over 50 at another, and everything in between. Workstations: Roughly 500 workstations, almost all Windows XP Pro with a few 2000 Pro still in prod (but not for much longer). About 100 or so of those 500 are Thin Clients running Windows CE connecting back to W2k3 TS farm - we're looking at moving to Xen Desktop, but not quite there yet. 150 of the 500 are Lenovo X200T Tablet PCs used for Point of Care documentation during patient visits, connected over Cisco 802.11n with Cisco ACS for authentication - we're teetering between v4.2 and 5.1 right now - both are actually in production, but not by choice (long story). Server environment: 70ish (mostly W2k3, with a few 2000 and a number of 2008) servers, almost all of which are running on ESX 3.5. AD is w2k3, one DC is physical, and one is virtual. Network (LAN) environment: All new Cisco switchgear: Catalyst 3560 or 3750 closet switches, PIXes all soon to be replaced with ASAs (budgeted and planned for this quarter). As previously mentioned wireless is pure Cisco 802.11n utilizing 1142 Wireless LAN Controllers and Cisco ACS 4.2 AND 5.1 in production. Network (WAN) environment: WAN consists of fiber, RF line of sight, RF non-line of sight, and Free Space Optics. WAN speeds are no less than 5 Mb Full Duplex over fiber, with some WAN speeds of GigE over a combination of fiber and Free Space Optics. Erik - thanks for the info. Considering our WAN speeds, it may not impact us, but it is definitely something to take into consideration. David - Thanks for the detailed information - sounds like you know McAfee REALLY well. Aside from your long experience and significant comfort level with Trend, what is it about Trend that you particularly like over VIPRE or McAfee? We know McAfee can do a lot, but I think that's part of the problem. We're so complex in other areas, that we simply don't have the time required to learn all the ins and outs of McAfee. At one point in time I had an admin that knew it really well, but when he left, the knowledge of the product went with him. We simply can't afford for that to happen again. McAfee is like a big fat hairy tool chest where you can't seem to find what you're looking for even though you know its in there somewhere. All we need is the simplicity and elegance of Swiss Army knife or a Leatherman. Another significant part of the problem is that we don't have any malware protection, and that's what has bitten us in the rear more over the past year than anything. We're up for renewal, and don't have time for McAfee's games of, oh, well, you should have product x, y, and z, especially with an interface that has such a huge learning curve. Steve - Your experience is troubling - thanks for your candor. I've asked my contact at VIPRE if he would like to comment on your case. I'll be very interested to see if he responds. Whatever the case, I do hope that you find a suitable resolution. Richard - thanks for the link. I was aware of the new version, but had not seen (nor looked for, yet) the Beta. Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com
RE: VIPRE versus Trend
For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller remote offices (location B, C, D, etc). Each remote site has a T1 line connecting them to our provider's VPN cloud and back to our corporate office. These offices have circuits ranging from 512k - full 1.5M depending on their size. Vipre's updates (and method of deploying these updates) is simply put... a nightmare. Everyday, and sometimes twice a day, sunbelt releases MASSIVE definition updates. So in order to stay up-to-date, I have to drag hundreds of MB across my 512k lines (daily). Originally, the Vipre server at location A downloads the updates every 4 hours(the most frequent setting). Based on policies on the server at location A, updates are pushed out to the remote offices. Even if I configure bandwidth throttling, all this does is slow down the amount of time the updates will take to reach the remote users. Often, by the time one update is finished, another one has been released. This setup has caused major network congestion, so I attempted to deploy a remote vipre update server on one of my desktops at a remote site. This remote update server at location B is configured to download updates from sunbelt directly. This is the only way a remote server can update itself. I assumed that it would be able to pull updates from my main server in location A, but I am being told that it has to go out to the internet to get its updates. So I thought one PC downloading an update over the circuit is better than a dozen. However, here is the problem with this arrangement: The remote update server can't be configured to throttle its own updates, so I am still stuck pulling down 100+ MB updates over a 512k line with no control over the bandwidth. Also, the remote update server (just like the agents) can only be configure to get updates every x hours (not at a specified time of day). And… when the Vipre service restarts (due to reboot, MS update, maintenance, power outage, whatever)… the timer starts from that point. I will say that it IS getting better, and version 4 is promising to fix this (and several other) issues. The Vipre Enterprise forum on the Sunbelt website is a great place to keep up w/ info: http://supportforums.sunbeltsoftware.com/ HTH From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, February 25, 2010 10:58 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I’m right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor’s solution, please post up. Feel free to contact me offline, if you feel that’s necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From:Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become unresponsive, this happened on a very small subset of servers, but a very significant subset, namely database servers with Oracle on them. In working with Vipre support we completely disabled quick scans, and deep scans, only using active protection on the policy group for database servers. We also made some changes in memory management on the servers per some MS KB articles that we researched and that Vipre support directed us to. We haven't had any issues with this in 2-3 months. I've not ever used Trend, only McAfee and Vipre. Vipre management console is great, easy and intuitive compared to McAfee's ePO. Vipre has caught more stuff than we ever thought possible since we've
RE: VIPRE versus Trend
We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller remote offices (location B, C, D, etc). Each remote site has a T1 line connecting them to our provider's VPN cloud and back to our corporate office. These offices have circuits ranging from 512k - full 1.5M depending on their size. Vipre's updates (and method of deploying these updates) is simply put... a nightmare. Everyday, and sometimes twice a day, sunbelt releases MASSIVE definition updates. So in order to stay up-to-date, I have to drag hundreds of MB across my 512k lines (daily). Originally, the Vipre server at location A downloads the updates every 4 hours (the most frequent setting). Based on policies on the server at location A, updates are pushed out to the remote offices. Even if I configure bandwidth throttling, all this does is slow down the amount of time the updates will take to reach the remote users. Often, by the time one update is finished, another one has been released. This setup has caused major network congestion, so I attempted to deploy a remote vipre update server on one of my desktops at a remote site. This remote update server at location B is configured to download updates from sunbelt directly. This is the only way a remote server can update itself. I assumed that it would be able to pull updates from my main server in location A, but I am being told that it has to go out to the internet to get its updates. So I thought one PC downloading an update over the circuit is better than a dozen. However, here is the problem with this arrangement: The remote update server can't be configured to throttle its own updates, so I am still stuck pulling down 100+ MB updates over a 512k line with no control over the bandwidth. Also, the remote update server (just like the agents) can only be configure to get updates every x hours (not at a specified time of day). And... when the Vipre service restarts (due to reboot, MS update, maintenance, power outage, whatever)... the timer starts from that point. I will say that it IS getting better, and version 4 is promising to fix this (and several other) issues. The Vipre Enterprise forum on the Sunbelt website is a great place to keep up w/ info: http://supportforums.sunbeltsoftware.com/ HTH From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, February 25, 2010 10:58 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I'm right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor's solution, please post up. Feel free to contact me offline, if you feel that's necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com mailto:don.gu...@prufoxroach.com From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 10:35 AM To: NT System Admin Issues Subject: Re: VIPRE versus Trend I've had a completely different experience with Vipre Enterprise Steve. We have had some issues with Vipre bpam service using up non-paged pool memory, causing the server to become
RE: VIPRE versus Trend
Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller remote offices (location B, C, D, etc). Each remote site has a T1 line connecting them to our provider's VPN cloud and back to our corporate office. These offices have circuits ranging from 512k - full 1.5M depending on their size. Vipre's updates (and method of deploying these updates) is simply put... a nightmare. Everyday, and sometimes twice a day, sunbelt releases MASSIVE definition updates. So in order to stay up-to-date, I have to drag hundreds of MB across my 512k lines (daily). Originally, the Vipre server at location A downloads the updates every 4 hours(the most frequent setting). Based on policies on the server at location A, updates are pushed out to the remote offices. Even if I configure bandwidth throttling, all this does is slow down the amount of time the updates will take to reach the remote users. Often, by the time one update is finished, another one has been released. This setup has caused major network congestion, so I attempted to deploy a remote vipre update server on one of my desktops at a remote site. This remote update server at location B is configured to download updates from sunbelt directly. This is the only way a remote server can update itself. I assumed that it would be able to pull updates from my main server in location A, but I am being told that it has to go out to the internet to get its updates. So I thought one PC downloading an update over the circuit is better than a dozen. However, here is the problem with this arrangement: The remote update server can't be configured to throttle its own updates, so I am still stuck pulling down 100+ MB updates over a 512k line with no control over the bandwidth. Also, the remote update server (just like the agents) can only be configure to get updates every x hours (not at a specified time of day). And… when the Vipre service restarts (due to reboot, MS update, maintenance, power outage, whatever)… the timer starts from that point. I will say that it IS getting better, and version 4 is promising to fix this (and several other) issues. The Vipre Enterprise forum on the Sunbelt website is a great place to keep up w/ info: http://supportforums.sunbeltsoftware.com/ HTH From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, February 25, 2010 10:58 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I’m right in the middle of evaluating McAfee replacements here, so keep this type info coming, please! Also, if anyone has info (good/bad) about any vendor’s solution, please post up. Feel free to contact me offline, if you feel that’s necessary. Thx! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com
RE: VIPRE versus Trend
Fergal, thanks for the response. Prior to the upgrade, what was your satisfaction level? Since the upgrade, what sort of problems? Thanks, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ From: Fergal O'Connell [mailto:foconn...@curamsoftware.com] Sent: Thursday, February 25, 2010 12:50 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend We have installed Trend (OfficeScan) a few years ago now but have recently upgraded from v8 to v10 - and have nothing but problems. This is going on about 4 months to and from Trend without any results - I'd say we are going to look to moving away from Trend. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: 24 February 2010 21:26 To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VIPRE versus Trend
I don't think so. The policy updates should come from the main server, but the branch update servers can get their updates directly from Sunbelt. Branch clients point to their local update server for updates but to the main policy server for policy updates. That's how I've configured things in two networks. Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:17 PM, Tom Miller tmil...@hnncsb.org wrote: I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's
Re: VIPRE versus Trend
Roger, for your branch offices update servers, what server name/IP do you have for the update? Roger Wright rhw...@gmail.com 2/25/2010 2:22 PM I don't think so. The policy updates should come from the main server, but the branch update servers can get their updates directly from Sunbelt. Branch clients point to their local update server for updates but to the main policy server for policy updates. That's how I've configured things in two networks. Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:17 PM, Tom Miller tmil...@hnncsb.org wrote: I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote
Re: VIPRE versus Trend
Same here for three sites Sent from my BlackBerry® wireless device -Original Message- From: Roger Wright rhw...@gmail.com Date: Thu, 25 Feb 2010 14:22:20 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: Re: VIPRE versus Trend I don't think so. The policy updates should come from the main server, but the branch update servers can get their updates directly from Sunbelt. Branch clients point to their local update server for updates but to the main policy server for policy updates. That's how I've configured things in two networks. Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:17 PM, Tom Miller tmil...@hnncsb.org wrote: I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN
Re: VIPRE versus Trend
The agents on my update servers point them to 127.0.0.1 for updates and to the main policy server for policy updates. Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:25 PM, Tom Miller tmil...@hnncsb.org wrote: Roger, for your branch offices update servers, what server name/IP do you have for the update? Roger Wright rhw...@gmail.com 2/25/2010 2:22 PM I don't think so. The policy updates should come from the main server, but the branch update servers can get their updates directly from Sunbelt. Branch clients point to their local update server for updates but to the main policy server for policy updates. That's how I've configured things in two networks. Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:17 PM, Tom Miller tmil...@hnncsb.org wrote: I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN
Re: VIPRE versus Trend
http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:39 PM, Roger Wright rhw...@gmail.com wrote: The agents on my update servers point them to 127.0.0.1 for updates and to the main policy server for policy updates. Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:25 PM, Tom Miller tmil...@hnncsb.org wrote: Roger, for your branch offices update servers, what server name/IP do you have for the update? Roger Wright rhw...@gmail.com 2/25/2010 2:22 PM I don't think so. The policy updates should come from the main server, but the branch update servers can get their updates directly from Sunbelt. Branch clients point to their local update server for updates but to the main policy server for policy updates. That's how I've configured things in two networks. Die dulci fruere! Roger Wright ___ On Thu, Feb 25, 2010 at 2:17 PM, Tom Miller tmil...@hnncsb.org wrote: I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy
Re: VIPRE versus Trend
Second that. We have update servers in our overseas offices, and they pull updates from the US office, and we control client deployment, scheduling and all that from here in the US. Kurt On Thu, Feb 25, 2010 at 11:17, Tom Miller tmil...@hnncsb.org wrote: I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller
RE: VIPRE versus Trend
I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ( http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y ) ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller remote offices (location B, C, D, etc). Each remote site has a T1 line connecting them to our provider's VPN cloud and back to our corporate office. These offices have circuits ranging from 512k - full 1.5M depending on their size. Vipre's updates (and method
RE: VIPRE versus Trend
Eric, You need to install an update agent at each remote site - Fergal From: Erik Goldoff [mailto:egold...@gmail.com] Sent: 24 February 2010 22:49 To: NT System Admin Issues Subject: RE: VIPRE versus Trend negative experience with Trend at a couple small businesses I help support. They all have a main office and branches connected via VPN at T1 or DSL speeds with NetGear firewalls. When Trend does a workstation update, it floods the network, especially over the VPN to the point that terminal server sessions over the VPN timeout and fail . To be fair, I don't know if Trend has fixed this, but I've run into the same issue three times last year and the quick resolution was to change the update schedule to outside business hours. Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27thre adid=1155highlight_key=y ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our only location that has an internet connection. We have 9 other smaller remote offices (location B, C, D, etc). Each remote site has a T1 line connecting them to our provider's VPN cloud and back to our corporate office. These offices have circuits ranging from 512k - full 1.5M depending on their size. Vipre's updates (and method of deploying these updates) is simply put... a nightmare. Everyday, and sometimes twice a day, sunbelt releases MASSIVE definition updates. So in order to stay up-to-date, I have to drag hundreds of MB across my 512k lines (daily). Originally, the Vipre server at location A downloads the updates every 4 hours (the most frequent setting). Based on policies on the server at location A, updates are pushed out to the remote offices. Even if I configure bandwidth throttling, all this does is slow down the amount of time the updates will take to reach the remote users. Often, by the time one update
RE: VIPRE versus Trend
on live chat right now w/ SB I'll post the conversation in a few mins... From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27thre adid=1155highlight_key=y ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall scan policy was really slowing down updates. Yes, you really must get a remote update server at each site. Just make it a PC, no server necessary. Then only one will update across your VPN/frame relay. If you instruct your remote update server to update from Sunbelt, that seems odd, since it would still have to traverse the VPN to get to HQ, then to the Internet. Is your main Console server overloaded that it cannot handle the remote update requests? Just trying to understand. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:15 AM Well, here's my situation: Let's start w/ my main location (location A). Location A is our corporate headquarters. It is our
RE: VIPRE versus Trend
Prior to the upgrade it worked well for us. We upgraded from say 6, 7,8 to 10 - the issue may lie on the server itself - The issues are Trend v10 appears to use a lot more resources - our development teams have noticed an increase in the time that builds compile using various tools like checksyle.. As we are led to believe that our issue is an isolated one and v10 has worked well on a number of others sites. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: 25 February 2010 17:59 To: NT System Admin Issues Subject: RE: VIPRE versus Trend Fergal, thanks for the response. Prior to the upgrade, what was your satisfaction level? Since the upgrade, what sort of problems? Thanks, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ From: Fergal O'Connell [mailto:foconn...@curamsoftware.com] Sent: Thursday, February 25, 2010 12:50 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend We have installed Trend (OfficeScan) a few years ago now but have recently upgraded from v8 to v10 - and have nothing but problems. This is going on about 4 months to and from Trend without any results - I'd say we are going to look to moving away from Trend. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: 24 February 2010 21:26 To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
We have installed Trend (OfficeScan) a few years ago now but have recently upgraded from v8 to v10 - and have nothing but problems. This is going on about 4 months to and from Trend without any results - I'd say we are going to look to moving away from Trend. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: 24 February 2010 21:26 To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you are not the intended addressee please contact the sender and dispose of this e-mail. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
Here we go... Jason M: I believe the standard configuration, it is programmed within the update server to get all updates from us at Sunbelt Software. Not the Main Policy server. you: Correct. I would rather have the remote update server get its updates from my main Vipre server instead of the Internet... is this possible? Jason M: It is NOT possible at this time. I just checked the other documentation I have. It is currently a feature request within our next release of VIPRE Enterprise. From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, February 25, 2010 3:04 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend on live chat right now w/ SB I'll post the conversation in a few mins... From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27thre adid=1155highlight_key=y ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns out my firewall
RE: VIPRE versus Trend
Well. That sucks. That should be been integrated ages ago. Thanks for the clarification. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 3:14 PM Here we go... Jason M: I believe the standard configuration, it is programmed within the update server to get all updates from us at Sunbelt Software. Not the Main Policy server. you: Correct. I would rather have the remote update server get its updates from my main Vipre server instead of the Internet... is this possible? Jason M: It is NOT possible at this time. I just checked the other documentation I have. It is currently a feature request within our next release of VIPRE Enterprise. From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, February 25, 2010 3:04 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend on live chat right now w/ SB I'll post the conversation in a few mins... From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ( http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y ) ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 11:51 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend For your remote offices: do they connect via direct point to point/frame relay or via a VPN? I just want to be certain. If using a VPN, does this route via your firewall? I have many smaller sites set up this way, but be careful if you have any scanning/blocking policies, as that may impact vipre updates. I had some issues with remote updates and it turns
RE: VIPRE versus Trend
Makes me think the other people on this list either got it work somehow (which I would love to know) or they mistakenly believe this is how it is working. From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 3:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Well. That sucks. That should be been integrated ages ago. Thanks for the clarification. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 3:14 PM Here we go... Jason M: I believe the standard configuration, it is programmed within the update server to get all updates from us at Sunbelt Software. Not the Main Policy server. you: Correct. I would rather have the remote update server get its updates from my main Vipre server instead of the Internet... is this possible? Jason M: It is NOT possible at this time. I just checked the other documentation I have. It is currently a feature request within our next release of VIPRE Enterprise. From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, February 25, 2010 3:04 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend on live chat right now w/ SB I'll post the conversation in a few mins... From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27thre adid=1155highlight_key=y ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those updates come from the internet. Currently there is not an option to have the remote update servers pull their definitions from a central policy server, but it has been requested as a feature. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threa did=1626highlight_key=y I did check into this, and we have a feature request on the backlog to add this functionality. I do not have an ETA on that addition though. - Brian Ross Malware Removal Specialist Sunbelt Software Support Contact Info: supp...@sunbeltsoftware.com ~/SNIP/~~ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 12:20 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Remote update servers are supposed to get their updates from the main console servers. That's the way I have my Vipre configured and it works fine. I wonder who at Sunbelt told you remote PCs/servers should get updates via the Internet. That's counter-intuitive for hub-and-spoke networks. This is the doc I used to set this up here: http://support.sunbeltsoftware.com/Default.aspx?answerid=1859 David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 11:58 AM We have a VPN, I will check w/ the PIX in regards to policy and scanning. re: If you instruct your remote update server to update from Sunbelt, that seems odd Currently, this is the only way a remote update server CAN update itself. The main console could certainly handle pushing updates to the remote update servers (this is how Symantec Corp Ed worked), but Vipre doesn't offer this (yet). thx From: Tom Miller
RE: VIPRE versus Trend
Fail. :) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
Going through this list, there are a number of things I can think of that would be causing these issues. Most, if not all, are configuration issues. Cookies, for example, should be set to Report Only. The Dell biometric issue is over a year old. The Confiker issue you're dealing with is due to Confiker being in your environment (from whatever, an unpatched system or a user bringing an infected USB stick) and agents being upgraded and real-time protection being turned off during the upgrade. While this can be managed by the admin, we have dealt with this in version 4 being released next week. I would just recommend a call with management here at Sunbelt to go over in detail your environment. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.commailto:a...@sunbeltsoftware.com MSN: alex...@hotmail.commailto:alex...@hotmail.com w: www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com b: www.sunbeltblog.comhttp://www.sunbeltblog.com From: Greg Olson [mailto:gol...@markettools.com] Sent: Thursday, February 25, 2010 4:34 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I have to +1 with this assessment. We're having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. Here's a copy of some of an email he sent to myself and our VP of IT. I put some comments in () below. Quote: Here is a summary of the problems that we are facing with Vipre from the information that I gathered from my team: a. Vipre becomes inactive on machines for no evident reason. When VIpre support was contacted the response was that this will be fixed in the next version upgrade (hoping it will, nervous about jumping to the new version though, but are testing it) b. Vipre starts crashing user machines. This behavior is seen in machines that also run the security software by Dell which works on disk encryption and biometric authentication. According to viper the only solution is to not use the Dell security software which is not a good option because with the proposed windows 7 rollout we are planning to implement disk encryption and also the biometric authentication is a good feature to use in windows 7. (This I thought was fixed, but I listened in on the support call he had with Sunbelt, and the Tech did say it might still have issues with the newer version, but he (meaning us) will just have to try it an see) c. Vipre gets uninstalled from clients: This happened in a few instances and when contacted by viper this happens if the definitions downloaded by the client are not installed appropriately and there is no solution for this problem according to viper. They claim that this issue is resolved in their latest version but we will not know that for sure until we start having these problems again but there is no way to detect these problems until a client reports this themselves which is very unlikely. (very disturbing, and has left us with over 30 laptops that have had this issue so far, including the CIO's machine, defiantly need some sort of patch upgrade failback and retry, it should NEVER uninstall its self and leave a machine totally venerable, I'm pretty sure they will fix this one in the new version, its too insane not too) d. Vipre starts a scan as soon as the machines boots and utilizes all the available system resources making it impossible for the user to log in. The only solution to this problem according to viper is to disable the agent on the machine in safe mode and reboot the machine, let the user log in and then enable the agent again. This is happening pretty frequently and is causing a lot of productivity downtime. (need to have a min do not scan till xyz minutes after a boot-up to fix this) e. False alarms: we are getting at least 20 to 25 false alarms everyday when viper opens tickets for browser cookies which are mostly harmless and are removed as soon as the user closes his browser session (we have cookies allowed as fyi, but this doesn't really worry me, the removal of good programs does), sometimes viper is detecting genuine software to be malicious and is quarantining or deleting them making the user reinstall programs. We can add all these false alarms as exceptions in viper policy and make it work but this will add a huge overhead based on the amount of false alarms we are getting. For example Vipre quarantined its own executables and some HP management software executables as threats. f.No malware engine. Vipre doesn't seem to have a malware engine or the engine
RE: VIPRE versus Trend
I for one am looking forward to this. We have McAfee and are testing Vipre. We also had issues with Conflicker and Iloma, and were less than impressed with the McAfee responses. Of course, that might be par for the course when these things hit. We've also spent months trying to get SCCM deployed. It's been an arduous task even with MS help. All kinds of issues with BITS, COM, WMI, permissions, etc. To be fair, we had a whole lot of trouble with the Quest tools when we were converting from Novell. Too many models, too many images, etc etc. What we wish we had when we started with SCCM was a checklist of what's needed, or even some kind of pre-requisite. Of course, SCCM Console does have a pre-requisite scan, and on a new PC, it still failed to install after passing the pre-req. Hopefully Vipre will have something that ensure successful installations. From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Going through this list, there are a number of things I can think of that would be causing these issues. Most, if not all, are configuration issues. Cookies, for example, should be set to Report Only. The Dell biometric issue is over a year old. The Confiker issue you're dealing with is due to Confiker being in your environment (from whatever, an unpatched system or a user bringing an infected USB stick) and agents being upgraded and real-time protection being turned off during the upgrade. While this can be managed by the admin, we have dealt with this in version 4 being released next week. I would just recommend a call with management here at Sunbelt to go over in detail your environment. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: mailto:a...@sunbeltsoftware.com a...@sunbeltsoftware.com MSN: mailto:alex...@hotmail.com alex...@hotmail.com w: http://www.sunbeltsoftware.com www.sunbeltsoftware.com b: http://www.sunbeltblog.com www.sunbeltblog.com From: Greg Olson [mailto:gol...@markettools.com] Sent: Thursday, February 25, 2010 4:34 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I have to +1 with this assessment. We're having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. Here's a copy of some of an email he sent to myself and our VP of IT. I put some comments in () below. Quote: Here is a summary of the problems that we are facing with Vipre from the information that I gathered from my team: a. Vipre becomes inactive on machines for no evident reason. When VIpre support was contacted the response was that this will be fixed in the next version upgrade (hoping it will, nervous about jumping to the new version though, but are testing it) b. Vipre starts crashing user machines. This behavior is seen in machines that also run the security software by Dell which works on disk encryption and biometric authentication. According to viper the only solution is to not use the Dell security software which is not a good option because with the proposed windows 7 rollout we are planning to implement disk encryption and also the biometric authentication is a good feature to use in windows 7. (This I thought was fixed, but I listened in on the support call he had with Sunbelt, and the Tech did say it might still have issues with the newer version, but he (meaning us) will just have to try it an see) c. Vipre gets uninstalled from clients: This happened in a few instances and when contacted by viper this happens if the definitions downloaded by the client are not installed appropriately and there is no solution for this problem according to viper. They claim that this issue is resolved in their latest version but we will not know that for sure until we start having these problems again but there is no way to detect these problems until a client reports this themselves which is very unlikely. (very disturbing, and has left us with over 30 laptops that have had this issue so far, including the CIO's machine, defiantly need some sort of patch upgrade failback and retry, it should NEVER uninstall its self and leave a machine totally venerable, I'm pretty sure they will fix this one in the new version, its too insane not too) d. Vipre starts a scan as soon as the machines boots and utilizes all the available system resources making it impossible for the user to log in. The only solution to this problem according to viper is to disable the agent on the machine in safe mode
RE: VIPRE versus Trend
Rather than replying in-line to each question, I'll answer each point raised in sequence. 1. To my knowledge this has been addressed in version 4.0. As well, we have planned Hotfix 1 and Hotfix 2 with to-be-defined tasks to address critical issues that arise when we start the roll-out of 4.0. Our first Hotfix I would like to have ready to ship mid-April, with the theory that 1) we'll catch many customers before they've completed their deployments, and 2) we'll get the big-hitters that were missed in beta fixed rapidly. Hotfix 2 will follow, and that timeframe will be adjudicated by the umber and severity of issues. In short, we're planning to provide good customer support for any issues that you may have with the 4.0 product. I'm also working on the 4.1 product content with several requested features, and that will be released further down the road. 2. Any further issues with Dell Embassy Suites is fully resolved in version 4.0, as well as any other similar issues from other programs that have unusual interactions with the OS. 3. This should not happen with a failed defs update, completely separate sections of code. This problem occurred recently? 4. There is an option to make up a missed scan at boot in the console. I can look it up if you need help, contact me off-list. 5. We have a massive whitelisting team that compiles this info. We've added a lot of apps, however we may have missed some specialty apps. We have a whitelisting utility that will capture all the apps on your box and provide info to us to automatically add to our whitelist. With cookies, you can choose to ignore these during a scan. 6. VIPRE's engine is an antivirus/antispyware/antimalware engine, drawing on our award-winning CounterSpy engine, re-written from the ground up to be high-performance and low resource usage. In addition, our detections of recently released threats exceeds our competition. If we've missed a threat, please get it to us (zipped and password-protected, even if it's the quarantined file) and we'll get it in fast. 7. With 4.0, we have a new deployment technology that speeds up deployment across large organizations, and is a more robust technology. You should find the 4.0 deployment and upgrade experience superior to 3.1. Curt Larson VIPRE/CounterSpy Product Manager Sunbelt Software www.SunbeltSoftware.comhttp://www.SunbeltSoftware.com cu...@sunbeltsoftware.commailto:cu...@sunbeltsoftware.com 727-562-0101 x397 From: Greg Olson [mailto:gol...@markettools.com] Sent: Thursday, February 25, 2010 4:34 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I have to +1 with this assessment. We're having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. Here's a copy of some of an email he sent to myself and our VP of IT. I put some comments in () below. Quote: Here is a summary of the problems that we are facing with Vipre from the information that I gathered from my team: a. Vipre becomes inactive on machines for no evident reason. When VIpre support was contacted the response was that this will be fixed in the next version upgrade (hoping it will, nervous about jumping to the new version though, but are testing it) b. Vipre starts crashing user machines. This behavior is seen in machines that also run the security software by Dell which works on disk encryption and biometric authentication. According to viper the only solution is to not use the Dell security software which is not a good option because with the proposed windows 7 rollout we are planning to implement disk encryption and also the biometric authentication is a good feature to use in windows 7. (This I thought was fixed, but I listened in on the support call he had with Sunbelt, and the Tech did say it might still have issues with the newer version, but he (meaning us) will just have to try it an see) c. Vipre gets uninstalled from clients: This happened in a few instances and when contacted by viper this happens if the definitions downloaded by the client are not installed appropriately and there is no solution for this problem according to viper. They claim that this issue is resolved in their latest version but we will not know that for sure until we start having these problems again but there is no way to detect these problems until a client reports this themselves which is very unlikely. (very disturbing, and has left us with over 30 laptops that have had this issue so far, including the CIO's machine, defiantly need some sort of patch upgrade failback and retry, it should NEVER
Re: VIPRE versus Trend
Alex, and other Sunbelt staff, I just have to say this: With no other commercial product that I'm familiar with do we see the CEO and the PM of the product (let alone actual support stat) on a public list working through issues like this. This is part of why I am a fan of VIPRE. Kurt On Thu, Feb 25, 2010 at 14:16, Alex Eckelberry al...@sunbelt-software.com wrote: Notice he said “the new VIPRE PM” sigh We’ll have a little chat here with some folks. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.com MSN: alex...@hotmail.com w: www.sunbeltsoftware.com b: www.sunbeltblog.com From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, February 25, 2010 4:57 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend LOL Great! Looking forward to it. From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:56 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Yah. We changed that password! LOL We’re getting the new VIPRE PM on the list so that he can answer and clarify some of these issues being discussed. Also, a lot of new stuff in Version 4 addresses several points mentioned. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, February 25, 2010 4:51 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I predict mischief. From: Donald Bittenbender [mailto:dona...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:49 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Ok Curt, Obviously any mail you send to ntsysadmin@lyris.sunbelt-software.com will post to the list, like below. It says you are receiving copy of the list emails. Make sure you don’t have any mail filters on or they aren’t setup to go to one of your sub-folders. If you do have to use the web-interface to reply to messages from, login and your username/password is: Username: cu...@sunbelt-software.com Password: p...@ssw0rdmanager I show you currently subscribed to: NTsysadmin Ninjablade cse viper_enterprise -- Donald Bittenbender Salesforce Administrator IT Developer/DBA/Sysadmin Sunbelt Software From: Curt Larson [mailto:cu...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:34 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend OK, I done did read all of it. Where would you like me to start? Curt Larson VIPRE/CounterSpy Product Manager Sunbelt Software www.SunbeltSoftware.com cu...@sunbeltsoftware.com 727-562-0101 x397 From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:26 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Oh, we’re reading all of it. We’ll come back with some feedback shortly. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=2378highlight_key=y VIPRE Enterprise is able to be configured as an update server, but those
RE: VIPRE versus Trend
Yep, that is true. -G -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 25, 2010 4:45 PM To: NT System Admin Issues Subject: Re: VIPRE versus Trend Alex, and other Sunbelt staff, I just have to say this: With no other commercial product that I'm familiar with do we see the CEO and the PM of the product (let alone actual support stat) on a public list working through issues like this. This is part of why I am a fan of VIPRE. Kurt On Thu, Feb 25, 2010 at 14:16, Alex Eckelberry al...@sunbelt-software.com wrote: Notice he said “the new VIPRE PM” sigh We’ll have a little chat here with some folks. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.com MSN: alex...@hotmail.com w: www.sunbeltsoftware.com b: www.sunbeltblog.com From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, February 25, 2010 4:57 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend LOL Great! Looking forward to it. From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:56 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Yah. We changed that password! LOL We’re getting the new VIPRE PM on the list so that he can answer and clarify some of these issues being discussed. Also, a lot of new stuff in Version 4 addresses several points mentioned. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, February 25, 2010 4:51 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I predict mischief. From: Donald Bittenbender [mailto:dona...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:49 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Ok Curt, Obviously any mail you send to ntsysadmin@lyris.sunbelt-software.com will post to the list, like below. It says you are receiving copy of the list emails. Make sure you don’t have any mail filters on or they aren’t setup to go to one of your sub-folders. If you do have to use the web-interface to reply to messages from, login and your username/password is: Username:cu...@sunbelt-software.com Password: p...@ssw0rdmanager I show you currently subscribed to: NTsysadmin Ninjablade cse viper_enterprise -- Donald Bittenbender Salesforce Administrator IT Developer/DBA/Sysadmin Sunbelt Software From: Curt Larson [mailto:cu...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:34 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend OK, I done did read all of it. Where would you like me to start? Curt Larson VIPRE/CounterSpy Product Manager Sunbelt Software www.SunbeltSoftware.com cu...@sunbeltsoftware.com 727-562-0101 x397 From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:26 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Oh, we’re reading all of it. We’ll come back with some feedback shortly. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27thr eadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across the T1 line from site to site. Curt - Curt Larson Product Manager Sunbelt Software cu...@sunbeltsoftware.com
Re: VIPRE versus Trend
Yup, gotta agree with ya on that one Kurt. On Thu, Feb 25, 2010 at 6:45 PM, Kurt Buff kurt.b...@gmail.com wrote: Alex, and other Sunbelt staff, I just have to say this: With no other commercial product that I'm familiar with do we see the CEO and the PM of the product (let alone actual support stat) on a public list working through issues like this. This is part of why I am a fan of VIPRE. Kurt On Thu, Feb 25, 2010 at 14:16, Alex Eckelberry al...@sunbelt-software.com wrote: Notice he said “the new VIPRE PM” sigh We’ll have a little chat here with some folks. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.com MSN: alex...@hotmail.com w: www.sunbeltsoftware.com b: www.sunbeltblog.com From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, February 25, 2010 4:57 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend LOL Great! Looking forward to it. From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:56 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Yah. We changed that password! LOL We’re getting the new VIPRE PM on the list so that he can answer and clarify some of these issues being discussed. Also, a lot of new stuff in Version 4 addresses several points mentioned. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, February 25, 2010 4:51 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I predict mischief. From: Donald Bittenbender [mailto:dona...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:49 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Ok Curt, Obviously any mail you send to ntsysad...@lyris.sunbelt-software.comwill post to the list, like below. It says you are receiving copy of the list emails. Make sure you don’t have any mail filters on or they aren’t setup to go to one of your sub-folders. If you do have to use the web-interface to reply to messages from, login and your username/password is: Username:cu...@sunbelt-software.com Password: p...@ssw0rdmanager I show you currently subscribed to: NTsysadmin Ninjablade cse viper_enterprise -- Donald Bittenbender Salesforce Administrator IT Developer/DBA/Sysadmin Sunbelt Software From: Curt Larson [mailto:cu...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:34 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend OK, I done did read all of it. Where would you like me to start? Curt Larson VIPRE/CounterSpy Product Manager Sunbelt Software www.SunbeltSoftware.com cu...@sunbeltsoftware.com 727-562-0101 x397 From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, February 25, 2010 4:26 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Oh, we’re reading all of it. We’ll come back with some feedback shortly. Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, February 25, 2010 2:17 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I don't see that text in the link you provided, but that (the first link) is a pretty old discussion and there have been upgrades since then. I think what Sunbelt means is the main server gets its updates from Sunbelt servers but all other servers should be pointed to that main server for updates. Then the remote server in turn updates its agents within the policy scope. At least that's the way it works here, very similar to how I had Symantec working. As for the second threat that makes no sense. If I were you I'd send this thread to Sunbelt for clarification and let us know the response. David Mazzaccaro david.mazzacc...@hudsonhhc.com 2/25/2010 12:34 PM Really??? Both Curt and Brian from Sunbelt Software on the forum say otherwise. ~/SNIP/~~ http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=1155highlight_key=y A remote update server pulls definitions directly from Sunbelt and downloads them to those agents. All policies and reporting are still handled by the VIPRE service, thus the remote machines remain in contact. The remote update server negates the need to push updates across
RE: VIPRE versus Trend (now SCCM and Quest etc)
Okay turning away from Vipre, but I hear you on the SCCM thing. The price is right, but it's not good enough, as I and my colleage have spend many, many manhours just trying to manage SCCM. I've been testing the KACE KBox (now owned by Dell) and have been *very* impressed. The agent install is so easy compared to the SCCM agent that there is no comparison. There is a huge community and list for SCCM, but I find it hard to keep up and we don't have dedicated staff for workstation management. It makes me miss Zenworks. And is it me but the SCCM wait and it will happen is crazy. Regarding your comment of the Quest tools, I also purchased the Quest NDS migrator and was very disappointed in the product. Instead I just wrote my own scripts to remove the Novell client, Zen, iprint, etc and we now only use the workstation migrator, which rarely works. But my Vipre installs rarely failed, except when Symanect refused to uninstall and they both ended up being on the same machine. Not pretty but I guess that was my fault as my scripts didn't check for that. Oops. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Ray rz...@qwest.net02/25/10 5:29 PM v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} o:p/o:p o:p /o:p We’ve also spent months trying to get SCCM deployed. It’s been an arduous task even with MS help. All kinds of issues with BITS, COM, WMI, permissions, etc. To be fair, we had a whole lot of trouble with the Quest tools when we were converting from Novell. Too many models, too many images, etc etc. o:p/o:p o:p /o:p What we wish we had when we started with SCCM was a checklist of what’s needed, or even some kind of “pre-requisite”. Of course, SCCM Console does have a pre-requisite scan, and on a new PC, it still failed to install after passing the pre-req. o:p/o:p o:p /o:p Hopefully Vipre will have something that ensure successful installations. o:p/o:p o:p /o:p Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trendo:p/o:p o:p /o:p Going through this list, there are a number of things I can think of that would be causing these issues. Most, if not all, are configuration issues. Cookies, for example, should be set to Report Only. o:p/o:p o:p /o:p The Dell biometric issue is over a year old. o:p/o:p o:p /o:p The Confiker issue you're dealing with is due to Confiker being in your environment (from whatever, an unpatched system or a user bringing an infected USB stick) and agents being upgraded and real-time protection being turned off during the upgrade. While this can be managed by the admin, we have dealt with this in version 4 being released next week. o:p/o:p o:p /o:p I would just recommend a call with management here at Sunbelt to go over in detail your environment. o:p/o:p o:p /o:p Alexo:p/o:p o:p /o:p Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: w: www.sunbeltblog.como:p/o:p o:p/o:p o:p/o:p o:p /o:p o:p /o:p Greg Olson [mailto:gol...@markettools.com] Sent: Thursday, February 25, 2010 4:34 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trendo:p/o:p o:p /o:p I have to +1 with this assessment. We’re having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. o:p/o:p o:p /o:p Here’s a copy of some of an email he sent to myself and our VP of IT. I put some comments in () below.o:p/o:p Quote:o:p/o:p Here is a summary of the problems that we are facing with Vipre from the information that I gathered from my team:o:p/o:p o:p /o:p o:p /o:p (hoping it will, nervous about jumping to the new version though, but are testing it)o:p/o:p (This I thought was fixed, but I listened in on the support call he had with Sunbelt, and the Tech did say it might still have issues with the newer version, but he (meaning us) will just have to try it an see)o:p/o:p (very disturbing, and has left us with over 30 laptops that have had this issue so far, including the CIO’s machine, defiantly need some sort of patch upgrade failback and retry, it should NEVER uninstall its self and leave a machine totally venerable, I’m pretty sure they will fix this one in the new version, its too insane not too)o:p/o:p (need to have a min do not scan till xyz minutes after a boot-up to fix this)o:p/o:p session (we have cookies allowed as fyi, but this doesn’t really worry me, the removal of good
RE: VIPRE versus Trend (now SCCM and Quest etc)
SCCM is a mammoth beast of a thing that doesn't just work. It is a really powerful product and can make a number of things very very easy. But it isn't a product that you can just install and have it mastered soon after. You have to like hunting through log files :) Just because the gui (the slowest one in the world) said it worked doesn't mean it did. I'm able to keep it behaving most of the time now but it has taken quite a long time to get to this stage. It's easy to see why the list for it is so busy. Having said that it is also clear that what can be done with it is almost endless and that I've only really scratched the surface. From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Friday, 26 February 2010 11:53 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend (now SCCM and Quest etc) Okay turning away from Vipre, but I hear you on the SCCM thing. The price is right, but it's not good enough, as I and my colleage have spend many, many manhours just trying to manage SCCM. I've been testing the KACE KBox (now owned by Dell) and have been *very* impressed. The agent install is so easy compared to the SCCM agent that there is no comparison. There is a huge community and list for SCCM, but I find it hard to keep up and we don't have dedicated staff for workstation management. It makes me miss Zenworks. And is it me but the SCCM wait and it will happen is crazy. Regarding your comment of the Quest tools, I also purchased the Quest NDS migrator and was very disappointed in the product. Instead I just wrote my own scripts to remove the Novell client, Zen, iprint, etc and we now only use the workstation migrator, which rarely works. But my Vipre installs rarely failed, except when Symanect refused to uninstall and they both ended up being on the same machine. Not pretty but I guess that was my fault as my scripts didn't check for that. Oops. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Ray 02/25/10 5:29 PM I for one am looking forward to this. We have McAfee and are testing Vipre. We also had issues with Conflicker and Iloma, and were less than impressed with the McAfee responses. Of course, that might be par for the course when these things hit. We've also spent months trying to get SCCM deployed. It's been an arduous task even with MS help. All kinds of issues with BITS, COM, WMI, permissions, etc. To be fair, we had a whole lot of trouble with the Quest tools when we were converting from Novell. Too many models, too many images, etc etc. What we wish we had when we started with SCCM was a checklist of what's needed, or even some kind of pre-requisite. Of course, SCCM Console does have a pre-requisite scan, and on a new PC, it still failed to install after passing the pre-req. Hopefully Vipre will have something that ensure successful installations. From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Thursday, February 25, 2010 3:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend Going through this list, there are a number of things I can think of that would be causing these issues. Most, if not all, are configuration issues. Cookies, for example, should be set to Report Only. The Dell biometric issue is over a year old. The Confiker issue you're dealing with is due to Confiker being in your environment (from whatever, an unpatched system or a user bringing an infected USB stick) and agents being upgraded and real-time protection being turned off during the upgrade. While this can be managed by the admin, we have dealt with this in version 4 being released next week. I would just recommend a call with management here at Sunbelt to go over in detail your environment. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.commailto:a...@sunbeltsoftware.com MSN: alex...@hotmail.commailto:alex...@hotmail.com w: www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com/ b: www.sunbeltblog.comhttp://www.sunbeltblog.com/ From: Greg Olson [mailto:gol...@markettools.com] Sent: Thursday, February 25, 2010 4:34 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend I have to +1 with this assessment. We're having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. Here's a copy of some of an email he sent to myself and our VP of IT. I put some comments in () below. Quote: Here is a summary of the problems that we are facing with Vipre from the information that I gathered from my team: a. Vipre
Re: VIPRE versus Trend
Sunbelt is about a week away from releasing a totally new version of Vipre (4.0). I suspect it'll take a while for the bugs to shake out so you can do a straight up comparison against Trend or any of the others. There is a beta RC available if you want to play with it. http://beta.sunbeltsoftware.com/messageview.aspx?catid=182threadid=3262enterthread=y (free registration required) On Wed, Feb 24, 2010 at 4:26 PM, Raper, Jonathan - Eagle jra...@eaglemds.com wrote: All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA* *jra...@eaglemds.com* *www.eaglemds.com -- Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com BLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.com BLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
I support Trend WorryFree 6.0 at a client of 55, Vipre at home, a client of 17 and a client of 10. I also use McAfee (ePO4.5, Agent 4.5, VScan 8.7) at %DAYJOB% (450 seats). Vipre still eats the occasional legitimate *.EXE (Outlook being the most common). None of the 3 generate performance-related tickets once configured (read: exceptions made per Microsoft and other vendor's recommendations). McAfee offers *incredible* granularity compared to Trend and Vipre, but it's console is a kludge. I've spent so much time with it I'm OK with it now though. Trend and McAfee offer granular firewall control of inbound and outbound (Win2K8 / Vista/Win7 make this moot). McAfee gives the power to make machines a kiosk if company policy would allow. You can use it as a poor-man's SMS and get notified of new *.EXE's in Windows, Program Files, and Temp folders (and block/allow within each one if you want). You can see (and or block) new items in HKLM\Softare\Microsoft\Windows\CurrentVersion\Run. Etc etc. As far as how well they protect, that's very tough for me to say which is best. They are varying environments and the users have very different mentalities, but I have had zero infections on any of my clients' PC's in the last 7 years. In general though, I prefer Trend, probably because I've used it the longest and in spite of me knowing McAfee better. I'm satisfied with Vipre enough to not get rid of it, but between Vipre and Trend I'd recommend Trend. Full disclosure: I have 7 years experience directly supporting Trend, 2 supporting McAfee and 1.5 supporting Vipre. By directly support I mean I actually am in the consoles once a week or better and can stand-up/deploy any one of these three to a 200-user cent soup-to-nuts in one business day - none of this well, I've been in the client GUI a couple times/month in the last couple years. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 1:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
negative experience with Trend at a couple small businesses I help support. They all have a main office and branches connected via VPN at T1 or DSL speeds with NetGear firewalls. When Trend does a workstation update, it floods the network, especially over the VPN to the point that terminal server sessions over the VPN timeout and fail . To be fair, I don't know if Trend has fixed this, but I've run into the same issue three times last year and the quick resolution was to change the update schedule to outside business hours. Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' _ From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA BLOCKED::mailto:%20jra...@eaglemds.com jra...@eaglemds.com BLOCKED::http://www.eaglemds.com/ www.eaglemds.com _ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VIPRE versus Trend
What is your environment like? We use VIPRE at $WORK, and I like VIPRE for three really big reasons: 1) We found McAfee ePolicy console almost unusable 2) We have two overseas offices that we support through the central console, with subsidiary servers in each office to cut down on latency and badnwidth usage. 3) We found that McAfee didn't work all that well for catching malware in our environment, and VIPRE excels, with nearly zero false positives, all of which have been minor and immediately remediable. So, no, I can't give you recent Trend experience, but point 2 above might or might not be relevant to you, and worth considering Kurt On Wed, Feb 24, 2010 at 13:26, Raper, Jonathan - Eagle jra...@eaglemds.com wrote: All, We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products. Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products? Can you provide any reasons to choose one over the other, aside from price? Thanks in advance, Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VIPRE versus Trend
All - Thank you very much for your responses. I apologize for the length, but I've tried to answer and address everyone who has responded to me in one email to save on hitting everybody's inbox so many times. I think I got everyone, but if I didn't that was not my intent. Kurt - thanks for pointing out that I should have included the environment specs... DOH! Also, we seem to have had similar experiences with McAfee. So for the environment, here goes: Geographic dispersion: 12 facilities geographically dispersed throughout the city, with one location in the next town over (16 miles away). Most sites are within 5 miles or so to my Data Center). User count ranges from 16 or so at one facility to well over 50 at another, and everything in between. Workstations: Roughly 500 workstations, almost all Windows XP Pro with a few 2000 Pro still in prod (but not for much longer). About 100 or so of those 500 are Thin Clients running Windows CE connecting back to W2k3 TS farm - we're looking at moving to Xen Desktop, but not quite there yet. 150 of the 500 are Lenovo X200T Tablet PCs used for Point of Care documentation during patient visits, connected over Cisco 802.11n with Cisco ACS for authentication - we're teetering between v4.2 and 5.1 right now - both are actually in production, but not by choice (long story). Server environment: 70ish (mostly W2k3, with a few 2000 and a number of 2008) servers, almost all of which are running on ESX 3.5. AD is w2k3, one DC is physical, and one is virtual. Network (LAN) environment: All new Cisco switchgear: Catalyst 3560 or 3750 closet switches, PIXes all soon to be replaced with ASAs (budgeted and planned for this quarter). As previously mentioned wireless is pure Cisco 802.11n utilizing 1142 Wireless LAN Controllers and Cisco ACS 4.2 AND 5.1 in production. Network (WAN) environment: WAN consists of fiber, RF line of sight, RF non-line of sight, and Free Space Optics. WAN speeds are no less than 5 Mb Full Duplex over fiber, with some WAN speeds of GigE over a combination of fiber and Free Space Optics. Erik - thanks for the info. Considering our WAN speeds, it may not impact us, but it is definitely something to take into consideration. David - Thanks for the detailed information - sounds like you know McAfee REALLY well. Aside from your long experience and significant comfort level with Trend, what is it about Trend that you particularly like over VIPRE or McAfee? We know McAfee can do a lot, but I think that's part of the problem. We're so complex in other areas, that we simply don't have the time required to learn all the ins and outs of McAfee. At one point in time I had an admin that knew it really well, but when he left, the knowledge of the product went with him. We simply can't afford for that to happen again. McAfee is like a big fat hairy tool chest where you can't seem to find what you're looking for even though you know its in there somewhere. All we need is the simplicity and elegance of Swiss Army knife or a Leatherman. Another significant part of the problem is that we don't have any malware protection, and that's what has bitten us in the rear more over the past year than anything. We're up for renewal, and don't have time for McAfee's games of, oh, well, you should have product x, y, and z, especially with an interface that has such a huge learning curve. Steve - Your experience is troubling - thanks for your candor. I've asked my contact at VIPRE if he would like to comment on your case. I'll be very interested to see if he responds. Whatever the case, I do hope that you find a suitable resolution. Richard - thanks for the link. I was aware of the new version, but had not seen (nor looked for, yet) the Beta. Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, February 24, 2010 6:16 PM To: NT System Admin Issues Subject: Re: VIPRE versus Trend What is your environment like? We use VIPRE at $WORK, and I like VIPRE for three really big reasons: 1) We found McAfee ePolicy console almost unusable 2) We have two overseas offices that we support through the central console, with subsidiary servers in each office to cut down on latency and badnwidth usage. 3) We found that McAfee didn't work all that well for catching malware in our environment, and VIPRE excels, with nearly zero false positives, all of which have been minor and immediately remediable. So, no, I can't give you recent Trend experience, but point 2 above might or might not be relevant to you, and worth considering Kurt On Wed, Feb 24, 2010 at 13:26, Raper, Jonathan - Eagle jra...@eaglemds.com wrote: All, We're looking to move away from McAfee. Right now we're considering Trend Micro OfficeScan