- Symantec EndPoint WITHOUT their Network Threat Protection firewall (because we've had issues with it in the past)
- Windows Firewall
- Symantec Information Foundation for Exchange
- Basic hardware firewall/NAT (typically a Cisco RV082)
- mostly Windows XP clients
While Symantec has worked fairly well for us in the past, lately our customers are getting more and more infections. I'm certain most are opening emails they shouldn't be or visiting sites they shouldn't be on work computers, but rarely do they admit to anything.
The biggest issue is that our clients tend to be lower-budget (especially in this economic climate) and have no in-house IT, so locking everything down in a strict manner is not practical for them. Also, since they do not have in-house IT, most are not up to date with the latest security patches, anti-virus builds, etc. They can't afford to call us every time a user needs to install a new program or printer on a PC; they can't afford to have us install every new Symantec build that gets pushed out or have us install security updates on every PC. They can't afford to deal with overly restrictive settings or software that might stop them from doing something work-related. On the other hand, they can't afford to keep calling us every time a user is infected with a virus.
So, basically it's a tough situation and a delicate balancing act of providing protection that will stop the majority of viruses but not affect normal business operations, at a reasonable cost, without requiring too much management and maintenance.
I'm in the early stages of investigating ESET NOD32, but don't know if it's truly any better than Symantec at stopping these infections. I'm also working on a document that describes best practices in hopes of educating users. But, the bottom line is we need a product that will stop a majority of infections even when the user does something they shouldn't be doing, even though a PC might not have the latest security patches.
I'm interested in what others in similar situations are doing for protection:
- What products are you using on the client PC?
- What products are you using on the Exchange server?
- Can anyone recommend 3rd party DNS providers that might help, or other DNS-related solutions?
- What about hardware products that claim to stop infections?
Again, we're looking for products and solutions that are low overhead - don't need the newest PCs to run, don't need in-house IT to manage and maintain.
I appreciate any comments or suggestions from others in similar situations!
Edited by Kremlar, 22 July 2010 - 08:01 AM.