Alternative Enterprise Anti-Virus Solutions? 148
Darth_brooks asks: "I admin for a great non-profit organization that has spent the last year rebuilding after a massive fire. We've got a pretty tight system running now, especially compared to the unmanaged chaos that existed before the fire. Firefox for surfing and T-bird for for e-mail, WSUS for updates, and we're slowly replacing Office with OpenOffice. But out anti-virus solution (command AV, a holdover from our old system) is not cutting the mustard. Specifically the management console isn't exactly reliable, and we just don't feel like we're getting our money's worth. What alternatives can the Slashdot crowd suggest?"
"The two obvious names that come to mind are Norton and Mcafee. Since all of our machines are donated, we really don't have the resources for Norton (who does?) and Mcafee's just been dealt a black eye. In addition, we're on a limited budget. Our machines are mostly P2 & P3's, and we're an XP / Active Directory shop with some scattered Fedora & BSD boxes scattered about for non-desktop tasks.
The biggest features we're looking for are the ability to centrally manage updates (which rules of AVG's free edition), and a reasonable price tag for licenses for 50-60 machines. Our current solution is only in place because we signed a long term licensing agreement, and I don't want to see us get into another deal for a product that doesn't turn out to be as god as advertised. I'd also like to hear some of the Horror / Success stories from users."
NOD32 (Score:5, Informative)
Considering you're a non-profit, check out... (Score:4, Informative)
Good luck!
Clam AV (Score:5, Informative)
It comes in both *nix [clamav.net] and Windows [sosdg.org] varients and works pretty well for system scanning. It also works very well in a mail server tool-chain.
MTW
Just get AVG and be done with it (Score:5, Informative)
AVG takes the approach of just working behind the scenes and doing it well...Norton takes the approach of "I need to constantly justify my existance by letting the user know I am doing...something"
AVG works great, so go with it. Their support is pretty good too from the couple of times when I needed to contact them.
It sounds like you pretty much said AVG is good and reasonable so just go with it.
F-Prot (Score:4, Informative)
I just checked, and a 60 seat corporate license with full updates would run you $240 a year.
pay for avg (Score:4, Informative)
actually, wouldn't the license agreement rule out AVG FREE edition in your situation?
however, they do have a fairly decent commercial product for the price. look at their network edition http://www.grisoft.com/doc/Networks/lng/us/tpl/tp
AVG (Score:2, Informative)
Sophos AV (Score:5, Informative)
Don't get TrendMicro OfficeScan (Score:3, Informative)
Get Sophos (Score:3, Informative)
Setup MailMonitor on a Linux box for incoming email scanning and you will end up with a solid AV solution.
Re:Clam AV (Score:3, Informative)
Re:NOD32 (Score:3, Informative)
Re:Just get AVG and be done with it (Score:4, Informative)
Re:I'd call AVG... (Score:5, Informative)
AVG Admin will save you time. If you use Windows Desktop Protection in the Shared Computer Toolkit, Grisoft will even send you the script for auto-updates when Windows Updates from your WSUS run.
AVG Free edition is ruled out by the licensing which doesn't cover non-home users pretty much. Even libraries are excluded from using it legally.
Re:ClamAV/ClamWin (Score:1, Informative)
Re:AVAST! (Score:3, Informative)
I agree. I recommended AVG for years to my customers, but decided to give Avast! a try on a customer's infected PC after AVG. Avast! found a virus AVG didn't and uses 15%-20% less memory.
But I also recommend winpatrol [winpatrol.com]. Not an AV program, it blocks out most malware, including some of the nastier stuff that can stealth-download itself into a Windows computer as long as the user is online. It only uses about 4 mb of memory to run in the background -- but I have no idea how much an enterprise solution would cost, as the regular version is free to home users. WinPatrol Plus costs $29.95 normally, so if there is no enterprise version, I guess it would depend on how many computers you need to isntall it on.
Re:Just get AVG and be done with it (Score:3, Informative)
My laptop is a P-III 600MHz / 512Meg RAM running WinXP Pro and frankly, AVG doesn't seem to have any impact on performance at all. If I do nothing, Task Manager reports 0% usage, so I don't think that AVG gets much in the way. ;-))
What AVG does do is a dayly check and if you're working while it does that, you might "feel" it. Normally it's at 8am for me, but I don't know if its a rule (or if I configured it that way) At 8am, I'm so sleepy that I usually don't do much on my computer anyway
(It doesn't deal with spyware)
It does detect stuff like Diallers tough, but those are technically trojans. Spyware is not an issue if you have secured your machine and avoid Internet Explorer like the pest. I run SpyBot and Ad-aware on semi regular intervals and none of them ever reports anything. Reason: my network is appropriately firewalled, my Windows is patched, and I only use Firefox....
Re:Uh, use open source? (Score:1, Informative)
BitDefender, comparison link (Score:2, Informative)
BitDefender
http://www.bitdefender.com/ [bitdefender.com]
The New Virus Fighters: Our Antivirus Picks
http://www.pcworld.com/reviews/article/0,aid,1241
Re:Just get AVG and be done with it (Score:4, Informative)
Ad-Aware's free edition is called Ad-Aware Personal and updates have never stopped being free. In fact, I just tried it myself, just to make sure. Go here [lavasoftusa.com] and see for yourself.
Great response (Score:4, Informative)
Second: cripes, I've finally developed computer user grammer. It passes spell check but not basic grammar.
Third: some clarifications. The reason we keep AV running is that is because it's the right thing to do. Firefox, T-bird, and the firewall keep most of the bad stuff out. OpenOffice will cut down the risks even further, but we've still got a couple of points of entry to worry about. One is laptops. Even though no one has admin except those who need it (me and the other members of the tech. group), users can still install some simple programs. It's only a matter of time before somebody gets a network aware worm and brings the machine on site. Another point of entry is USB drives. We're pushing people towards those instead of floppies for the sake of relieability. In order to balence safety with usability, we add the layer of protection offered by AV.
In addition, WSUS isn't always on the ball. Occasionally you get a machine that quits grabbing updates, or one that never showed up in the first place. It's nice that I can keep those machines somewhat better protected with an additional program. On top of all that, we're an all volunteer group, so AV software gives us an addition layer of "false sense of security." I know that I can count on the firewall, the patch server, AND AV to buy me 48 to 72 hours of safety should the crap hit the fan like it did with Sasser or Blaster. Anti-virus, like any single layer of protection, isn't infallable, but it damn sure helps.
Linux: We're doing that in some areas, but the whole site isn't an option right now. Most of our users are technophobes, usually retirees. Actually, recovering technophobes now
Thanks again for the responses. I've gotten exactly what I wanted, solid reading material for a few days and some worthwhile points to ponder.