What AV solution does your Company use - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Lounge » What AV solution does your Company use

Page 2 of 5

2

Topic Options

#113043 - 2004-02-03 08:27 PM Re: What AV solution does your Company use
MightyR1 MightyR1 MM club member Registered: 1999-09-09 Posts: 1264 Loc: The Netherlands	Moving to E-trust 7.0 from ca.com _________________________ Greetz, Patrick Rutten - We'll either find a way or make one... - Knowledge is power; knowing how to find it is more powerful... - Problems don't exist; they are challenges...
Top

#205806 - 2012-09-24 11:52 PM Re: What AV solution does your Company use [Re: Bryce]
Robdutoit Robdutoit Hey THIS is FUN Registered: 2012-03-27 Posts: 363 Loc: London, England	I came across this thread from 8 years ago and I thought that I would bump the question. It would be interesting to see what people are running nowadays compared to what they were running 8 years ago. Nowadays you couldn't pay me to touch Norton or Symantec as they call themselves now! Macafee is just so slow ! It's not perfect, but I am very happy with Avira. The detection rate is brilliant and the management system is very simple to administer. Does anyone else like Avira or are you guys still using the big boys Symantec, Mcafee and Sophos?
Top

#205807 - 2012-09-25 12:21 AM Re: What AV solution does your Company use [Re: Robdutoit]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4401 Loc: New Jersey	Normally, we'd frown on unearthing a thread this old... $;\)$ We haven't changed.. we don't run AV on servers. The workstations do get Microsoft Security Essentials now. About the only AV product we use is on our mail gateway. We run HMail SMTP servers in front of our Exchange environment, and they provide pretty strong SPAM Filtering. They use Clam AV to scan messages on arrival if they pass the SPAM filter. Our security team regularly does penetration tests, including attempted virus injection by email and it's caught everything they've sent. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#205808 - 2012-09-25 02:19 AM Re: What AV solution does your Company use [Re: Glenn Barnas]
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	We are still using McAfee, VSE now on version 8.8 and ePO 4.6. I hope you washed your hands after digging up this corpse. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#205809 - 2012-09-25 09:07 AM Re: What AV solution does your Company use [Re: Les]
Mart Mart KiX Supporter Registered: 2002-03-27 Posts: 4673 Loc: The Netherlands	Originally Posted By: Les We are still using McAfee, VSE now on version 8.8 and ePO 4.6. .... Same here. Originally Posted By: Les .... I hope you washed your hands after digging up this corpse. LOL _________________________ Mart - Chuck Norris once sold ebay to ebay on ebay.
Top

#205810 - 2012-09-26 12:04 AM Re: What AV solution does your Company use [Re: Mart]
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11625 Loc: CA	You might be interested in some independent testing of different AV and AM products http://www.mrg-effitas.com/current-tests/flash-test-results/
Top

#205814 - 2012-09-26 08:15 AM Re: What AV solution does your Company use [Re: NTDOC]
Arend_ Arend_ MM club member Registered: 2005-01-17 Posts: 1896 Loc: Hilversum, The Netherlands	We've (unfortunately) switched to Trend Micro.
Top

#205823 - 2012-09-26 11:09 PM Re: What AV solution does your Company use [Re: Arend_]
Robdutoit Robdutoit Hey THIS is FUN Registered: 2012-03-27 Posts: 363 Loc: London, England	Arend, why is it unfortunate that you have switched to Trend Micro. I have never used them, so I know nothing about Trend. I keep meaning to review Microsoft Security Essentials by also keep forgetting about it. NTDOC, I think that review is more fairly applied to malware scanning and not virus scanning. Which does remind me, I have been meaning to research whether most computer infections are from viruses or malware as we are all taught to use an anti virus scanner, but hardly anyone recommends installing malwarebytes as well.
Top

#205828 - 2012-09-27 03:20 AM Re: What AV solution does your Company use [Re: Robdutoit]
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11625 Loc: CA	I'm not here to push any AV or even Malwarebytes, but please tell me when was the last time your computer or any computer you manage hit with an actual VIRUS? ZeroAccess is currently the most common Trojan infection and most AV products cannot fully or properly remove it own their own. One of the best tools as long as it's used under supervision of someone that knows how to use it and is used before other tools mess it up trying and failing to remove ZeroAccess is Combofix. Please read the following posts (my screen name is AdvancedSetup) and perhaps that might give you a bit more to read on the subject. Kaspersky missed some malware, I had to use Malwarebytes MBAM Pro - what is scans No conflict shown or proven Is My NIS 2011 actually working? Profile on Malwarebytes
Top

#205835 - 2012-09-27 03:17 PM Re: What AV solution does your Company use [Re: NTDOC]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4401 Loc: New Jersey	Not counting new clients with existing issues due to poor security implementations, it's been almost 3 years since the last virus/malware infection on a client's computer.. user had no AV software installed, went to an infected web site and clicked on the "Update your Antivirus Software" popup, instantly realizing what they had done. They had done this on their home computer a few weeks earlier and wound up reloading their O/S and apps from scratch. I remotely logged into their machine, backed up their Outlook profile and Favorites, deleted their user profile, and had them log back in. I restored their Outlook profile and favorites and they were back in business in about 5 minutes. What made this easy is that none of the users use "My anything" (My Documents, Music, Pictures, etc) and none are local administrators. We do an annual security review for our managed clients, including checks for viruses and malware on servers and workstations. I've yet to find a virus, and the instance above has been the only malware instance. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#205837 - 2012-09-27 06:29 PM Re: What AV solution does your Company use [Re: Glenn Barnas]
Robdutoit Robdutoit Hey THIS is FUN Registered: 2012-03-27 Posts: 363 Loc: London, England	Yes NTDOC, you misunderstood me. I actually agree with you. I have been thinking for some time, that I don't seem to get any virus infections. They always seem to be malware. But I have never got around to researching the issue. One consideration is that because computers don't run malware protection programs, its understandable that you only notice the malware infection because the anti virus program informs the end user that there is something trying to infect the network and asks the end user if they want to delete the file. But Glenn your point is also very valid. If computers were setup securely so that nobody is a local administrator etc, the likelihood of getting infected is pretty much nil as they usually require some kind of admin privilege to infect the machine. I will still research the issue of malware protection versus anti virus protection. Avira does do basic malware protection as indeed most anti virus scanners do. I will have a look at combofix. Thanks Rob
Top

#205838 - 2012-09-27 07:11 PM Re: What AV solution does your Company use [Re: Robdutoit]
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11625 Loc: CA	The issue of getting infected or not has to do with a few things but hard to believe that you've only seen one in 3 years Glenn. Being logged on as a limited user is certainly very helpful in preventing one but if you have Java on the computer it has system rights and even a limited user hitting a site that can exploit old Java can infect the box. Flash can as well but for the most part they seem to have stopped using that plugin as an attack vector at least as frequently as they used to, Acrobat Reader as well. Then you have a recent exploit of IE that can also allow a remote attacker to gain access (with the same rights as the user, but from that point their are many other tools and methods that can be tried to elevate one's rights) Also not sure what you're running at the site Glenn but I try to run a tight ship too but there are still programs that come along that require the user to have admin rights and you don't have time to sit down and analyze and reset permissions for these programs all the time either. If time was not limited yes you could track down and make the program work without the user being an admin but in today's economy all you get is more and more work and less and less help to do it. Then you get hit up by the owner telling you to just make it work right now, which doesn't help. Quote: I will have a look at combofix. Thanks Rob You need to be very careful of that tool. It's a great tool but it has also deleted the Windows folder before due to minor mistake in the code. As a regular user you don't know when or if there is something wrong with the code because it's only discussed in private forums. Just like KiXtart it has many functions it can be told to do as well but again that is not available to the general public. Reimage is probably the fastest, safest route if you have the company setup well to do that.
Top

#205846 - 2012-09-28 01:01 AM Re: What AV solution does your Company use [Re: NTDOC]
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	glenn is one of those ppl who gets to "dictate" the security level of the network. so I don't wonder his number of infections at all. if you have proper control at the network level and decent protection in the systems themselves, infections on the computers are indeed rare. I don't remember how many I've got to deal with in the past years but a handful at tops and the infections came in non-controlled scenarios (CEO takes laptop on his trip to thailand, etc) _________________________ ! download KiXnet
Top

#205853 - 2012-09-28 03:07 PM Re: What AV solution does your Company use [Re: Lonkero]
Glenn Barnas Glenn Barnas KiX Supporter Registered: 2003-01-28 Posts: 4401 Loc: New Jersey	Yeah - it's always the CIO or CEO that doesn't follow the rules, even when they hire us to define and enforce them.. "everyone except us" is their idea. They think they are too important/powerful to follow basic security rules, and are dumbfounded when their laptop gets infected. $\:D$ When that happens, the only solution we offer is to reimage their laptop with a standard, secure image. Ron - I've seen several, but only that one at sites where we implement environmental security controls. One client that we aquired had a terminal server where everyone was both a local and domain admin because their prior 3 IT companies could not figure out how to apply TS permissions.. they were riddled with viruses despite having Symantec AV installed. They actually had a virus that disabled the AV and allowed other viruses and malware to infect the system. Yes, it's a pain to figure out what permissions are needed when a developer is too lazy to learn how to write code without requiring admin rights. Adobe - are you listening? You can't run Photoshop without major security hacking of the file and registry permissions, and that's for the licensing, not the actual app. Glenn _________________________ Actually I am a Rocket Scientist! $\:D$
Top

#206106 - 2012-11-02 04:06 PM Re: What AV solution does your Company use [Re: Glenn Barnas]
Robdutoit Robdutoit Hey THIS is FUN Registered: 2012-03-27 Posts: 363 Loc: London, England	NTDOC. I have finally had some time to review the links that you posted up and I just wanted to say that I quite liked your article on the Kaspersky forum. It pretty much mirrors my viewpoint. I will have to have another try at Noscript. I tried it, but got fedup with with the security, because I buy online from so many different websites, that it was distracting me from my work. Most of my purchases are work related and I don't want to be faffing with the security. But yay, another firefox fan ! Oh Lonkero, you might want to amend your signatur statement - Firefox no longer uses 50% cpu while idle. My cpu is on 0% on idle with the latest version of firefox lol. Don't use acrobat NTDOC, I recommend tracker pdf-xchange. Miles better man! Also you could try a firefox addon called Flash on off. Brilliant as it turns off flash player with a click of a button. A speeds up web browsing and makes it more secure too! I will once again review Kaspersky. Last time I tried it, I found it slowed my computer down noticeably compared to Avira. Which is why I didn't find it of much interest. But that was about 3 years ago. Thanks NTDOC
Top

#206108 - 2012-11-02 04:43 PM Re: What AV solution does your Company use [Re: Robdutoit]
ShaneEP ShaneEP MM club member Registered: 2002-11-29 Posts: 2127 Loc: Tulsa, OK	I had used Firefox for the last several years, until recently when I finally gave Chrome a shot. I must say that Chrome has seemed a bit more responsive overall. Firefox just seems to get more sluggish with every update they release. However there are still work related pages where I must order product, that still do not accept Chrome as an acceptable browser which is a shame. Other than that, Chrome's built in print dialog is a little too much, but that can be solved by either using Ctrl+Shift+P when printing or clicking the link that says 'Print using system dialog' once their print window comes up. Both are compatible with the AdBlock Plus add-on which is a must. And I'm still getting used to the Home and Refresh button being on the opposite side of the address bar in Chrome. Anyways...Not really AV related, but just my 2 cents on the browser bit. Honestly I've been less than impressed by any of the new browsers. But perhaps the problem lies more with how excessive webpages are becoming.
Top

#206109 - 2012-11-02 05:02 PM Re: What AV solution does your Company use [Re: ShaneEP]
Robdutoit Robdutoit Hey THIS is FUN Registered: 2012-03-27 Posts: 363 Loc: London, England	I wasn't keen on chrome from the security point of view as well as the fact that I like to use refcontrol addon for firefox which effectively prevents the referrer from being sent. I don't see why its necessary for a website to know which website you have just visited. The privacy issue around that is important as well as the security issue. And also being able to switch off flash player with a click of a button really does improve the speed of loading web pages. I agree with what you say in general, firefox, IE etc have over the years become bloated, but I think that firefox have got it right now. It is currently using 185MB RAM and pretty much nothing on the cpu. It also not much slower than Chrome to load anymore. but one must recognise that everyone has a browser preference. Its about whats important to you. Browsers are kinda like mac versus windows i.e. don't start that war lol.
Top

#206110 - 2012-11-02 07:52 PM Re: What AV solution does your Company use [Re: Robdutoit]
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11625 Loc: CA	I don't use Chrome because of Google, their entire financial model is designed around obtaining, storing, analyzing, and SELLING anything and everything about you to the highest bidders. They have had more than their fair share of "accidental" leaks of your indexed personal data released out into the general public over the years. Sorry - point blank I just don't trust Google. I have an Android phone and it sucks that it's tied to Google - so you can't get away from them but I don't have to put their product on my PC too. Also if you're into malware you'll find that Chrome is laced with it too just like other browsers except its not always easy to remove without a clean removal of Chrome. On the subject of tracker pdf-xchange well we do thousands of high quality print images and we've tried just about every knock-off PDF tool known to man but none of them can compete in the quality of prints when do hi-volume prints. The only reason some of these other tools are not attacked is because of their low profile numbers, if they were up in the hundreds of millions of downloads they'd be under attack by malware too and the author constantly fighting to fix holes. No doubt that NoScript does take a lot of effort to get it "trained" but once you're over the main hurdle and have it working on your main sites and ordering sites you'll wonder how you ever did without it. If you want an eye opener of how websites actually work behind the scenes then try the following. Install Firefox and then go install both of these plugins and start surfing the Web and you'll see just how many sites are running dozens of scripts and talking with dozens of other sites and in most cases if you're using IE you'd never even know all of this was going on. The vast majority of infections these days are from drive by attacks from websites. Well NoScript and RequestPolicy prevent those scripts from running. I've spent numerous hours surfing all kinds of sites and Warez sites and Game hacks, etc trying to infect a computer running only SP3 on XP Pro with no other updates and no Antivirus and after hours and hours of hundreds of sites I was not able to infect the computer with anything. You don't have to use Firefox and these plugins but just as an experiment to see what it shows you might be good NoScript RequestPolicy
Top

#206111 - 2012-11-03 01:43 PM Re: What AV solution does your Company use [Re: NTDOC]
Robdutoit Robdutoit Hey THIS is FUN Registered: 2012-03-27 Posts: 363 Loc: London, England	Thats what I meant about the security of chrome. I was referring to the data collection and spying of google. Try PDF-Viewer and see if its any good. If not, then you still have Adobe to go back to. I will try with Noscript again, as you are right, its worth the effort. I looked at RequestPolicy and unless I am missing something, Noscript actually does this as well. There is a section on cross-site blocking with NoScript. So RequestPolicy seems kinda redundant. Do you have any special firewall like Comodo firewall?
Top

#206112 - 2012-11-03 02:37 PM Re: What AV solution does your Company use [Re: NTDOC]
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Originally Posted By: NTDOC I don't use Chrome because of Google, their entire financial model is designed around obtaining, storing, analyzing, and SELLING anything and everything about you to the highest bidders. I don't have a problem with that and actually sign in with my gmail account so they know. I had an odd experience with google adsense a while back. Usually they are spot on with the ads they show me but for a while I was getting ads for feminine products and wondered why google was gender confused. Anyway... one day I'm on my laptop and the wife interrupts me to model some new clothes she bought. I return my gaze to my laptop and see a feminine ad... the lightbulb comes on... recently she was borrowing my laptop rather than use her own. DOH! _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

Page 2 of 5

2

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Arend_, Allen, Jochen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Mart

Hop to:

Shout Box

Who's Online

0 registered and 229 anonymous users online.

Newest Members

BeeEm, min_seow, Audio, Hoschi, Comet
17882 Registered Users

Generated in 0.154 seconds in which 0.107 seconds were spent on a total of 13 queries. Zlib compression enabled.

click tracking