Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec's AntiVirus 10 Deployment Woes?

Posted by Cliff on from the stuck-with-buggy-commercial-software dept.

loraksus asks: "We recently deployed Symantec AV Corporate version 10 across on our network and have been having nothing but problems. The new client breaks the MS Office install and causes machines to slow down significantly - some almost to the point of being completely unusable. The client (doscan.exe) also crashes very frequently (daily), and tends to take other things down with it. Symantec's 'workaround' is to drop by every workstation and insert the Office (or Wordperfect, it screws up both applications) CD, remove some office shortcuts and disable some virus scans. Since we manage clients over WAN links hundreds of miles away, this really isn't an option, nor is it an acceptable option given the number of workstations we manage. Are there any other admins dealing with this? Any advice? Solutions?" "It seems that more and more closed source companies are now rushing software out the door that not only has a couple bugs, but glaring errors that would have easily been caught in even the most basic testing. Of course, we in IT usually have no recourse against these companies other than never buying their products, again.

Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?"

20 of 102 comments (clear)

  1. Sure by dtfinch · · Score: 3, Informative

    Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?

    Just tarnish their name with a slashdot article.

    I personally don't run virus scanners because of the problems they create. We have Symantec Antivirus 8 at work, but we've removed it from our slower systems and opted for more preventative measures.

    Virus scanners do like 1000 times the scanning necessary to be _reasonably_ sure that your system is virus-free. While useful when they actually stop something, overall the cure is worse than the disease. A human just has to check the task manager and run msconfig to spot 90% of the malware out there.

    1. Re:Sure by dtfinch · · Score: 4, Funny

      There's a simple solution to that. You just change all the server admin passwords, unplug their workstation from the ethernet switch, and when they ask what's going on, tell them to clean their desk.

    2. Re:Sure by Madoc+Owain · · Score: 2, Insightful

      We're talking about corporate antivirus at the desktop level. You can't first reasonably expect any user who is not intimately familiar with the names of all process threads running on their PC to sift through msconfig looking for what shouldn't be there. Secondly, even if you work in a shop of Windows brainaics, the amount of productivity lost due to users checking their processes is huge compared to the minor inconvenience of a poorly-timed antivirus scan.

  2. What I've seen by MikeDawg · · Score: 3, Informative

    We just got the new Symantec 10 version. An IT co-worker of mine installed it independent of the control center, and we have noticed major problems with it already too. Outlook works fine, however it completely breaks Thunderbird, and also the terrible performance hit that Windows XP took on his machine. We have the control center installed on a Win 2003 server right now, but the server is completely bare, but there is really no performance hit with nothing else running. We are still testing it though.

    --

    YOU'RE WINNER !
    Another lame blog

    1. Re:What I've seen by over_exposed · · Score: 3, Informative

      I just did a rollout on about 400 XP Pro (SP2) machines and only about 2% of them had that Office issue. All it took was pointing that dialogue box to our network installation source and viola! No more problems. It's actually gone surprisingly smooth given the very random assortment of hardware we have.

      We have remote offices too and we VNC or RDC over the WAN. It's slowish, but I think having the Office installation on a network share would alleviate many of the submitters woes. It's helped us big time...

      --
      "The object of war is not to die for your country, but to make the other bastard die for his." - Patton
    2. Re:What I've seen by loraksus · · Score: 2, Interesting

      The thing is, if you have office 2k on win 2k, you don't get a nice dialogue box and it isn't 2%, but closer to 100%.
      Guess what we are running? :(
      XP boxes tend to not have the same amount of trouble with this.

      --
      1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcfv gbhnjmk,l.;/
  3. My advice: by virid · · Score: 2, Interesting

    Very simple. Get a refund and call Trend Micro.

    --
    "The world only exists in your eyes. You can make it as big or as small as you want." - F Scott Fitzgerald
  4. Re:uh by JamesTRexx · · Score: 2, Insightful

    Problem with a passive scanner is that it would only find a virus after the pc has been infected and spreading the trojan/worm all over the place.
    Especially with worms that spread themselves through open ports you need an active scanner to prevent it from creating a file on the system in the first place.

    --
    home
  5. Symantec = bad by mabu · · Score: 2, Funny

    Symantec's products are the only software I've ever seen that can take a 2Gz P5 and make it perform like a P-133. It is really nothing short of amazing how bloated and resource-intensive their products are. I'm beginning to think this is part of their anti-virus strategy: they make the system so ill-performing and unstable, no virus or worm could properly operate.

  6. The name should have been your first clue by MarkusQ · · Score: 4, Funny

    The client (doscan.exe) also crashes very frequently (daily), and tends to take other things down with it.

    That would probably be the reason they named it that.

    You can't even say they didn't warn you.

    --MarkusQ

    P.S. If the next update contains a program called something like "fuscan.exe," "bsodscan.exe," or "solscan.exe" I'd advise against running it.

  7. I just rolled it out..... by nozlman72 · · Score: 2, Informative

    I just rolled it out to around 300 XP Pro machines on my LAN and 60 across our WAN. So far only a couple head aches with just a few machines on the LAN, mostly with MS Office (Outlook). The patch that Symantec provides works though. This all seems normal to me. NoZ

  8. Re:Uh... you tested it first right? by zephos · · Score: 2, Interesting

    Actually its only your fault if the software works as expected but YOU screwed something up for it not to work properly. If Symantic promised that it would scan virii without messing up his system(s) and he followed the install/configuration procedures perfectly then it isn't his fault that the software doesn't work as expected. It is the vendors fault for selling faulty software. Now it wasn't advantageous for him to have rolled it out untested, but it isn't the admins fault if the product doesn't work as it is advertised. It was foolish NOT to test the software first, but it isn't their fault that it broke everything. If i buy a new car, it is smart to test drive it first, but it isn't an obligation. If I don't test drive it, then buy it, and then on the highway the breaks fail and I crash into another car, I'm not responsible, the dealer [or manufacturor] is. People might not think I'm a genious, but they won't fault me. [Or at least they shouldn't.]

  9. Re:pain by G-Licious! · · Score: 3, Insightful

    Even though I'm really all for the projects you mentioned, if I had any modpoints left, I'd mod you down.

    He's managing systems across a WAN, it should be obvious that that's even less a solution than Synaptic suggested.

    I do like to get one point across, though: all those virus scanners, malware removers, and lots of other Windows 'toys' have all this unnecessary cruft around them. They all have a different look and feel, or even a theming system people really don't care about when they use them. There's only a handful of applications I'd apply a theming system too; I even consider Winamp a questionable case.

    This just seems like waste, the money invested in the programming and design for such an interface could probably have been spend on reaching the goals the application was actually made for, or fixing stupid bugs. You can have a friendly interface using Windows' native look. If the user wants eyecandy, get him to use WindowBlinds or something.

    I hope I don't get to see any of this on my favourite OS anytime soon..

  10. No incentive to make decent AV-ware by mabu · · Score: 4, Insightful

    The legacy that Microsoft created, of bundling free software with other core products has scared away many good software developers from wanting to compete in this and other arenas. So just a few who have managed to stay alive because they got started early (Symantec and McAffee) are still around, but there's really not much incentive for them to make their products solid -- I suspect most of these companies are outsourcing programming to India anyway, and their products are so compartmentalized for the purpose of managing big, cheap programming teams, this results in crappy software.

    Symantec relies on a mafia-subscription-type structure, and software so complicated and bad, that un-installing it in many cases isn't an option unless you want to have to re-format your hard drive. That's their business model. It's not based around producing a really excellent product.

    This is one of those scenarios where the "competition" has become so lazy, it's almost desirable for Microsoft to put the final nail in the coffin and put them out of business. Their products couldn't be any worse than Microsoft's versions, and at least we'd probably have better work-arounds with bugs.

  11. Re:pain by Paul+Jakma · · Score: 2, Interesting

    if I had any modpoints left, I'd mod you down. ... He's managing systems across a WAN, it should be obvious that that's even less a solution than Synaptic suggested.

    It's a much better solution. Granted it'd take time to plan and implement and familiarise users with new software, but in the long run - much better solution.

    Note that I gave the URL for ClamWin, which would be a 'quick' (well, quicker) solution. I've havn't used ClamWin extensively, but its light enough to run on windows running under Qemu without noticeable effect, and ClamAV on Unix has worked amazingly well for me in keeping mailboxes I administer free of Windows virus crap. Also free. If his existing AV software sucks, he could try that.

    However, in the long run, trying to work around frustration after frustration in programmes which apparently are in a battle to run the clock out on Moore's "law", whose only reason for existing is the awful security of the OS they run on, the other options on my list are definitely better solutions, in the long run.

    --paulj

    --
    I use Friend/Foe + mod-point modifiers as a karma/reputation system.
  12. Testing by RabidMonkey · · Score: 3, Insightful

    As much as everyone hates testing, this is one thing that should have been caught in QA before the patch/update was released. Come on - you just dropped a major version into how many machines? You mean you didn't catch something like frequent crashes and office breaking in your QA Cycle? In your pilot?

    As much as I hate doing QA and Pilots, they work. For little stuff, screw change management and just change it. But for something like a major release or update, you need to do some testing before you dump the code out to users.

    It just makes sense in a CYA way, and makes the weekends yours again.

    --
    We emerge from our mother's womb an unformatted diskette; our culture formats us. - Douglas Coupland
  13. SAV CE 10 is pretty bad by k00laid · · Score: 3, Informative
    We got into the testing phase of deployment and it didn't make it past there, instead we've gone back to 9.0.3. A couple things of note from our experience though:
    1. Doscan.exe isn't the primary client application, rather it is the startup scanner app. It is also the proverbial root of all evil. When Doscan is allowed to run, it kicks off a memory leak in Rtvscan.exe (the real client) and we saw memory usage hit the 75-100 MB range, causing the sluggish performance.

    2. The fix that Symantec is going with now is to keep the startup scan from running through a registry change, either before or after installation (KB article here). I tried this and it did help, but not enough to make it worth it , since I still saw a 30 MB+ memory hit.

    3. As far as I know anything between 9.0.1 and 10.0 is not readily available or even offered unless you call Symantec Licensing Support and ask for it. The very latest version of 9 is the 9.0.3 we have and it seems pretty good.
  14. Re:Tech Support? by Keith+Russell · · Score: 2, Insightful

    An IT professional consulting a forum of his peers when official tech support channels* prove to be unhelpful? How uncouth.

    *: Or did you miss the "workaround" link?

    --
    This sig intentionally left blank.
  15. TEST TEST TEST by BenTheDewpendent · · Score: 2, Insightful

    You just deployed a product to your whole network with out testing? Now you bitch about issues you are bumping into? Do you buy a car with out testdriving it?

    TEST TEST TEST! if you had done any testing before hand or research you could hae found information of these problems perhaps taken preventivtive measures against some of the problems you are seeing.

    All AV software causese a performance hit and my understanding is this software is also now taking out adware, spyware etc regkeys and all in nearlyone motion. I also belive the min reqirements are 128MB ram which means its not accounting for RAM being used by office, SQL, etc, that is for windows and SAV10 alone. So if you are just sporting 128,256, or 384 meg of ram on a machine I would expect to see a performance hit.

  16. Re:symantec/norton are utter crap by AntiGenX · · Score: 2, Informative
    Actually I found NOD32 thru the Virus Bulletin. Maybe YOU should go check Virus Bulletin, as far as I can tell the look about the same. So yeah, I'll take the one that doesn't bog my system down. Come back when you have some facts troll.

    http://www.virusbtn.com/vb100/archives/products.xm l?eset.xml

    http://www.virusbtn.com/vb100/archives/products.xm l?symantec.xml