Slashdot Mirror
Alternative Enterprise Anti-Virus Solutions?
Darth_brooks asks: "I admin for a great non-profit organization that has spent the last year rebuilding after a massive fire. We've got a pretty tight system running now, especially compared to the unmanaged chaos that existed before the fire. Firefox for surfing and T-bird for for e-mail, WSUS for updates, and we're slowly replacing Office with OpenOffice. But out anti-virus solution (command AV, a holdover from our old system) is not cutting the mustard. Specifically the management console isn't exactly reliable, and we just don't feel like we're getting our money's worth. What alternatives can the Slashdot crowd suggest?"
"The two obvious names that come to mind are Norton and Mcafee. Since all of our machines are donated, we really don't have the resources for Norton (who does?) and Mcafee's just been dealt a black eye. In addition, we're on a limited budget. Our machines are mostly P2 & P3's, and we're an XP / Active Directory shop with some scattered Fedora & BSD boxes scattered about for non-desktop tasks.
The biggest features we're looking for are the ability to centrally manage updates (which rules of AVG's free edition), and a reasonable price tag for licenses for 50-60 machines. Our current solution is only in place because we signed a long term licensing agreement, and I don't want to see us get into another deal for a product that doesn't turn out to be as god as advertised. I'd also like to hear some of the Horror / Success stories from users."
The biggest features we're looking for are the ability to centrally manage updates (which rules of AVG's free edition), and a reasonable price tag for licenses for 50-60 machines. Our current solution is only in place because we signed a long term licensing agreement, and I don't want to see us get into another deal for a product that doesn't turn out to be as god as advertised. I'd also like to hear some of the Horror / Success stories from users."
http://www.nod32.com.sg/home/home.php
techsoup.org - donated and discount technology equipment products. We support a local Boys and Girls Club, and they got their software through there.
Good luck!
I would highly recomend checking out Clam AV.
It comes in both *nix and Windows varients and works pretty well for system scanning. It also works very well in a mail server tool-chain.
MTW
Two year licenses are incredibly useful and their software doesnt suck like Norton.
AVG takes the approach of just working behind the scenes and doing it well...Norton takes the approach of "I need to constantly justify my existance by letting the user know I am doing...something"
AVG works great, so go with it. Their support is pretty good too from the couple of times when I needed to contact them.
It sounds like you pretty much said AVG is good and reasonable so just go with it.
The phrase "more better" is acceptable English. suck it grammar Nazis
ClamAV might work. THe only downside is that it doesn't yet have a real-time process scanner. If you can keep people from executing what they download before scanning it for viruses, ClamWin might do the job. You could manage the virus updates via your logon script, or just use the normal internet update. Plus ClamAV works on your Linux boxen too!
I am MuchTall
F-prot from Frisk software. http://www.f-prot.com/
I just checked, and a 60 seat corporate license with full updates would run you $240 a year.
chown -R us.
actually, wouldn't the license agreement rule out AVG FREE edition in your situation?
however, they do have a fairly decent commercial product for the price. look at their network edition http://www.grisoft.com/doc/Networks/lng/us/tpl/tp
It wouldn't hurt to call up Grisoft and explain that you're a non-profit looking for a good AV solution. You might get a pretty sweet deal if you talk to them.
My Sysadmin Blog
AVG has a enterprise version that's much cheaper than norton. You should check it out.
We just switched to it after battling the behemoths, and it's been a real boon to me. Management console works well, the product has been catching a ton of stuff that Symantec didn't, price was good, and it does a nice job of push installation (even here - we've got Samba domain controllers - it didn't care). I've had good experiences with their phone jockeys also. Downside - simple file sharing has to be turned off on winxp clients, but if you're on AD that's easy enough to fix.
political_news.c: warning: comparison is always true due to limited range of data type
Although it has great corporate management capabilities, like a centralized program/dictionary update server and permissions on settings (so end users can't stop/break it), it's better than your average ghoul at sucking the life out of your desktop computers.
I would invest in Sophos Antivirus. I am using it in our office and the program is great. Install the enterprise manager on the server and it will automatically download new versions when available and all the desktops will then download them from there.
Setup MailMonitor on a Linux box for incoming email scanning and you will end up with a solid AV solution.
(\(\
(^.^)
(")")
*This is the cute bunny virus, please copy this into your sig so it can spread
Try Avast Antivirus. It's got a far more powerful and configurable network manager than Symantec's, costs about half as much (for 3 years!), and updates MUCH more frequently, using smaller updates. It also automatically uses a local mirroring system so that your clients don't hog the bandwidth trying to get updates from the internet. The client has a smaller memory footprint than Symantec's client.
The best part is you can download it and run it completely unrestricted for 60 days to see if it works for you.
End of lesson. You may press the button.
As with most solutions to these situations you may find yourself needing a -mix-.
Personally, I use ClamAV on the mailserver (incombination with Xamime - http://xamime.com/ works well and keeps a majority of the things out.
However, you really need an orthagonal approach too, that includes banning things that aren't meant to be coming into your network in the first place, as well has having perhaps a different branded AV agent on the client machines.
Getting rid of (if possible) the vectors used by the viruses on the workstations helps a lot too. ActiveX, Macros (okay, not many people can live without those in office I suppose).
http://www.f-prot.com/
$5 per PC/yr, less in volume. At >100 it goes down to $2/yr.
A bit of a clunky interface, but the users will never have to bother with it. Set it to auto-update from a server (which updates from f-prot), tell it to mail you when a virus hits the real-time scanner. Simple, cheap, fast, and effective. The updater and real-time scanner take less than 1MB memory.
Try the free trial, keep the (free) DOS scanner on a bootable CD with your tools, even if you don't buy the GUI version.
The latest Slashdot meme.
Although this is marked troll, and possibly was meant as one. The original article does mention having switched to firefox, thunderbird and OOo. So frankly I fail to see why it wouldn't be quite an easy step. It would probably provide faster and certainly cheaper desktops. Ignore the "is it ready for the desktop" waffle we've seen on /. for years, this is a place where there is a support staff, so users just need to use their desktops for work and the hard stuff is done by the admin.
I haven't seen any BitDefener recommendations yet. I will be considering it along with Kaspersky, F-Secure and NOD32.
6 3,pg,3,00.asp
BitDefender
http://www.bitdefender.com/
The New Virus Fighters: Our Antivirus Picks
http://www.pcworld.com/reviews/article/0,aid,1241
I've heard some good things about CA's eTrust antivirus (that it's a good virus catcher and has low resource usage), although I have not used it myself, so would be curious to see what folks here think.
Regarding costs, they claim on their page that: "Affordability. eTrust Antivirus gives you industrial-strength protection at a low price. We guarantee a lower price over the cost of renewing your current antivirus subscription, and we offer the lowest total cost of ownership of any antivirus software solution on the market today." Sounds pretty good to me.
First and foremost, thanks for all of the responses! Lots of information and (so far) no suggestions that I just [freaking] google it. My faith in slashdot has been revived.
:). We concern ourselves with WW2 Aircraft, Radial engines, things of that nature. Technology didn't play a big role for the masses pre-fire. We wanted to change that, but never had a good starting point. When the rebuild started, we had to get the organization up and running in some capacity *YESTERDAY*. We had the proverbial chance to "strike while the iron was hot" and there wasn't time to hem and haw about the possiblity of mass migration. Right now, the machine that sees the most use by our least technical users (the Museum docents) is a Fedora Core box. The logic being that it would be the hardest for them to break. So far that has proven true. But our users that had experience had it using windows so, in order to aid in our evolution from "a couple machines here and there connected by coax (yes, coax. at the end of 2004.) with no real network connection" to "50-ish machines, ethernet, on a domain, network storage, off site backup, and an honest to god professional grade network that I would be proud to show off, and that moves this organization from 1993 to 2006 and beyond" we sacrificed and opted to stick with windows. Linux keeps coming up, but it's going to be a slow move.
Second: cripes, I've finally developed computer user grammer. It passes spell check but not basic grammar.
Third: some clarifications. The reason we keep AV running is that is because it's the right thing to do. Firefox, T-bird, and the firewall keep most of the bad stuff out. OpenOffice will cut down the risks even further, but we've still got a couple of points of entry to worry about. One is laptops. Even though no one has admin except those who need it (me and the other members of the tech. group), users can still install some simple programs. It's only a matter of time before somebody gets a network aware worm and brings the machine on site. Another point of entry is USB drives. We're pushing people towards those instead of floppies for the sake of relieability. In order to balence safety with usability, we add the layer of protection offered by AV.
In addition, WSUS isn't always on the ball. Occasionally you get a machine that quits grabbing updates, or one that never showed up in the first place. It's nice that I can keep those machines somewhat better protected with an additional program. On top of all that, we're an all volunteer group, so AV software gives us an addition layer of "false sense of security." I know that I can count on the firewall, the patch server, AND AV to buy me 48 to 72 hours of safety should the crap hit the fan like it did with Sasser or Blaster. Anti-virus, like any single layer of protection, isn't infallable, but it damn sure helps.
Linux: We're doing that in some areas, but the whole site isn't an option right now. Most of our users are technophobes, usually retirees. Actually, recovering technophobes now
Thanks again for the responses. I've gotten exactly what I wanted, solid reading material for a few days and some worthwhile points to ponder.
There are some people that if they don't know, you can't tell 'em.