Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

best commercial anti-virus package for small business including Exchange?


  • Please log in to reply
8 replies to this topic

#1 Kremlar

Kremlar

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:40 AM

Posted 22 July 2010 - 08:00 AM

I am an IT consultant with business clients ranging from 2 users to 200. Most of our clients run:

- Symantec EndPoint WITHOUT their Network Threat Protection firewall (because we've had issues with it in the past)
- Windows Firewall
- Symantec Information Foundation for Exchange
- Basic hardware firewall/NAT (typically a Cisco RV082)
- mostly Windows XP clients

While Symantec has worked fairly well for us in the past, lately our customers are getting more and more infections. I'm certain most are opening emails they shouldn't be or visiting sites they shouldn't be on work computers, but rarely do they admit to anything.

The biggest issue is that our clients tend to be lower-budget (especially in this economic climate) and have no in-house IT, so locking everything down in a strict manner is not practical for them. Also, since they do not have in-house IT, most are not up-to-date with latest security patches, anti-virus builds, etc. They can't afford to call us every time a user needs to install a new program or printer on a PC, they can't afford to have us install every new Symantec build that gets pushed out or have us install security updates on every PC. They can't afford to deal with overly restrictive settings or software that might stop them from doing something work related On the other hand, they can't afford to keep calling us every time a user is infected with a virus.

So, basically it's a tough situation and a delicate balancing act of providing protection that will stop the majority of viruses but not affect normal business operations, at a reasonable cost, without requiring too much management and maintenance.

I'm in the early stages of investigating ESET NOD32, but don't know if it's truly any better than Symantec at stopping these infections. I'm also working on a document that describes best practices in hopes of educating users. But, the bottom line is we need a product that will stop a majority of infections even when the user does something they shouldn't be doing, even though a PC might not have the latest security patches.

I'm interested in what others in similar situations are doing for protection:

- What products are you using on the client PC?
- What products are you using on the Exchange server?
- Can anyone recommend 3rd party DNS providers that might help, or other DNS-related solutions?
- What about hardware products that claim to stop infections?


Again, we're looking for products and solutions that are low overhead - don't need the newest PCs to run, don't need in-house IT to manage and maintain.

I appreciate any comments or suggestions from others in similar situations!

Edited by Kremlar, 22 July 2010 - 08:01 AM.


BC AdBot (Login to Remove)

 


#2 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:04:40 AM

Posted 22 July 2010 - 12:43 PM

I'll say, ... one word ... Kaspersky. This is the best antivirus protection you can get. And best of all, they have forums, kind staff there, and so users can join and learn from the other members of the community. Kaspersky has a way of letting nothing through. watch the reviews on Youtube and you'll see what I mean.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#3 Kremlar

Kremlar
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:40 AM

Posted 22 July 2010 - 02:01 PM

My only issue with Kaspersky is that, in my limited experience, it is TOO invasive. I have seen it block a bunch of legitimate applications, and in a few cases with no reasonable way to whitelist.

#4 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:04:40 AM

Posted 22 July 2010 - 06:48 PM

Ah ... I see. You want something where the users don't have to answer tons and tons of questions. Okay then. NOD32 is a good choice. The nice thing about that is if there is no in-house It, then the users with the problems can call Eset (local 619 California number), and they will get the best support in the land. all of the folks at Eset are patient, educated about the problem that is occurring, and best of all, they love their job from my own personal experience. I'll tell you. I had to call them one time over licensing issues, and the guy was as patient as anything with me. And then I registered on the forum over there, and I had a question about an infection I was luckily able to remove. My concern was that I had disabled one of NOD's protection modules accidentally, and that's why it hadn't caught the thing prior to it reaching my drive. well, truth was, that the program just hadn't updated yet. I wouldn't have known that if it weren't for the support staff. And I'm just curious, what particular Applications have you seen Kaspersky Antivirus block? I ask that because a friend of mine uses Kaspersky, and she has never had an issue. Kaspersky has actually saved her from some nasties. But because she does use Kaspersky internet Security, she gets questions a lot from the firewall built into it. But again, it has never been a problem for her. And what do you mean by that there is no way to whitelist the legitimate applications that are being blocked? There is a trusted list built into the program, and anything that is legitimate that is being flagged, can be added to that list and then it should leave you alone. In terms of DNS solutions, go with open DNS. Good luck.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#5 the dummy

the dummy

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 22 July 2010 - 07:15 PM

The head of security for boeing was let go recently because the chinese were able to hack their system, so ultimately 2 systems with a human interface in between would be the safest bet.

#6 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:04:40 AM

Posted 22 July 2010 - 11:15 PM

What do you mean exactly by the term "two systems with a human interface in between"?

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#7 Kremlar

Kremlar
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:40 AM

Posted 26 July 2010 - 01:10 PM

And I'm just curious, what particular Applications have you seen Kaspersky Antivirus block? I ask that because a friend of mine uses Kaspersky, and she has never had an issue. Kaspersky has actually saved her from some nasties. But because she does use Kaspersky internet Security, she gets questions a lot from the firewall built into it. But again, it has never been a problem for her. And what do you mean by that there is no way to whitelist the legitimate applications that are being blocked?


It's a home automation networked device called an ISY. It's a piece of hardware that launches a Java application. The Java application sends updates back and forth to the network device. With Kaspersky installed, the Java app and network device were not communicating (no status updates). No pop-up warnings, no anything - the Java app simply did not work.

Disabling BOTH the Web AntiVirus module and the Proactive Defense module allowed it to work, but I did not see a way to whitelist that would allow it to work otherwise. I also spent some time with Kaspersky support.

Although it was an odd situation, that experience stayed with me.

#8 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:04:40 AM

Posted 26 July 2010 - 01:47 PM

You'd think that since you told Support what your situation was, that they'd have something to work around it. So my advice is for you to go with NOD32. But just curious, what did Kaspersky support say when you told them your situation and how that particular piece of hardware is important to you?

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#9 Kremlar

Kremlar
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:04:40 AM

Posted 27 July 2010 - 09:11 PM

I never actually called their normal support dept, because I was actually doing some work for the manufacturer of the device. I exchanged emails with someone at Kaspersky's developer support dept, and they asked if any Kaspersky messages were being displayed, they had me check some settings, and asked which modules I had to disable to get things working. I sent a couple emails over, but simply never heard back.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users