Slashdot Mirror
Symantec's AntiVirus 10 Deployment Woes?
loraksus asks: "We recently deployed Symantec AV Corporate version 10 across on our network and have been having nothing but problems.
The new client breaks the MS Office install and causes machines to slow down significantly - some almost to the point of being completely unusable. The client (doscan.exe) also crashes very frequently (daily), and tends to take other things down with it. Symantec's 'workaround' is to drop by every workstation and insert the Office (or Wordperfect, it screws up both applications) CD, remove some office shortcuts and disable some virus scans. Since we manage clients over WAN links hundreds of miles away, this really isn't an option, nor is it an acceptable option given the number of workstations we manage. Are there any other admins dealing with this? Any advice? Solutions?"
"It seems that more and more closed source companies are now rushing software out the door that not only has a couple bugs, but glaring errors that would have easily been caught in even the most basic testing. Of course, we in IT usually have no recourse against these companies other than never buying their products, again.
Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?"
Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?"
Uh... you tested it first right?
In my area of responsibility, something not working is MY fault. It is not the vendors fault, it is my fault for not testing enough or not chosing the right product.
New or updated software gets testing. Then a *limited* rollout. IF, and ONLY IF, it works for the three test users/servers, then it gets rolled out everywhere.
Problem with a passive scanner is that it would only find a virus after the pc has been infected and spreading the trojan/worm all over the place.
Especially with worms that spread themselves through open ports you need an active scanner to prevent it from creating a file on the system in the first place.
home
We're talking about corporate antivirus at the desktop level. You can't first reasonably expect any user who is not intimately familiar with the names of all process threads running on their PC to sift through msconfig looking for what shouldn't be there. Secondly, even if you work in a shop of Windows brainaics, the amount of productivity lost due to users checking their processes is huge compared to the minor inconvenience of a poorly-timed antivirus scan.
Even though I'm really all for the projects you mentioned, if I had any modpoints left, I'd mod you down.
He's managing systems across a WAN, it should be obvious that that's even less a solution than Synaptic suggested.
I do like to get one point across, though: all those virus scanners, malware removers, and lots of other Windows 'toys' have all this unnecessary cruft around them. They all have a different look and feel, or even a theming system people really don't care about when they use them. There's only a handful of applications I'd apply a theming system too; I even consider Winamp a questionable case.
This just seems like waste, the money invested in the programming and design for such an interface could probably have been spend on reaching the goals the application was actually made for, or fixing stupid bugs. You can have a friendly interface using Windows' native look. If the user wants eyecandy, get him to use WindowBlinds or something.
I hope I don't get to see any of this on my favourite OS anytime soon..
The legacy that Microsoft created, of bundling free software with other core products has scared away many good software developers from wanting to compete in this and other arenas. So just a few who have managed to stay alive because they got started early (Symantec and McAffee) are still around, but there's really not much incentive for them to make their products solid -- I suspect most of these companies are outsourcing programming to India anyway, and their products are so compartmentalized for the purpose of managing big, cheap programming teams, this results in crappy software.
Symantec relies on a mafia-subscription-type structure, and software so complicated and bad, that un-installing it in many cases isn't an option unless you want to have to re-format your hard drive. That's their business model. It's not based around producing a really excellent product.
This is one of those scenarios where the "competition" has become so lazy, it's almost desirable for Microsoft to put the final nail in the coffin and put them out of business. Their products couldn't be any worse than Microsoft's versions, and at least we'd probably have better work-arounds with bugs.
As much as everyone hates testing, this is one thing that should have been caught in QA before the patch/update was released. Come on - you just dropped a major version into how many machines? You mean you didn't catch something like frequent crashes and office breaking in your QA Cycle? In your pilot?
As much as I hate doing QA and Pilots, they work. For little stuff, screw change management and just change it. But for something like a major release or update, you need to do some testing before you dump the code out to users.
It just makes sense in a CYA way, and makes the weekends yours again.
We emerge from our mother's womb an unformatted diskette; our culture formats us. - Douglas Coupland
An IT professional consulting a forum of his peers when official tech support channels* prove to be unhelpful? How uncouth.
*: Or did you miss the "workaround" link?
This sig intentionally left blank.
You just deployed a product to your whole network with out testing? Now you bitch about issues you are bumping into? Do you buy a car with out testdriving it?
TEST TEST TEST! if you had done any testing before hand or research you could hae found information of these problems perhaps taken preventivtive measures against some of the problems you are seeing.
All AV software causese a performance hit and my understanding is this software is also now taking out adware, spyware etc regkeys and all in nearlyone motion. I also belive the min reqirements are 128MB ram which means its not accounting for RAM being used by office, SQL, etc, that is for windows and SAV10 alone. So if you are just sporting 128,256, or 384 meg of ram on a machine I would expect to see a performance hit.