[unisog] Request Opinions on Anti-Virus Software

Mike Stark mstark at ucsd.edu
Mon Jun 6 16:15:50 GMT 2005


   UCSD does not rely on one vendor. We by default use Sophos on mail 
gateways and about 15000 desktops currently. (Probably 20,000 in the 
next couple of years).  But we also have very large groups that use 
Symantec and a few smaller groups that use McAfee or Trend. (We have 
volume license deals for all of these).

   I have seen all of the anti-virus vendors missing something that 
others catch.  I personally like the frequency of sophos definitions 
(asynchronous) with some days having no updates and some having up to 
a dozen when things are hopping.

    Sophos, McAfee and Symantec's management tools tend to be more 
important around here so you can really know if a machine has gotten 
the latest update to the engine or last definition update.

  Since we instituted greylisting on our main mail gateways, that is 
the single biggest improvement since scanning for viruses on the 
incoming mail... as almost all zombie/bot generated junk just goes 
away.

   Having done some pricing of McAfee, get multiple reseller bids if 
you have part numbers. No single vendor was cheapest for all the 
McAfee part numbers. Each seemed to have a better price for one 
product. And sometimes McAfee will sell cheaper new licenses with 
maintenance, than renewals.

  One of my other favorite A-V vendors is Grisoft/AVG if you have not 
looked at them.

  Good luck!

Mike


>Hi, folks.
>
>UMBC has a site license McAfee Anti-Virus software and a server on our
>network that mirrors DAT updates.  We've noticed that we are frequently
>seeing malware infecting campus systems well before (sometimes several
>days) the DAT update that handles the problem appears.
>
>Has anyone else had similar problems?
>
>How do other McAfee users feel about it?
>
>Symantec users: How do you feel about Symantec?
>
>We're trying to decide which way to go for AV software.
>
>Opinions, gripes and grumbles welcome and encouraged.  Please respond to
>the list in case anyone else is facing the same issues.
>
>Thanks,
>
>- Andy Johnston
>
>---------------------------------------------------------------------------
>** Andy Johnston (andy at umbc.edu)         *                               **
>** IT Security                           *PGP key:(afj2005) 4096/1BB51DFA**
>** Office of Information Technology, UMBC* 88 CA 0D 45 C2 0E 0B 0F 3F 55 **
>** 410-455-2583 (v)/410-455-1065 (f)     * 7A BD FE 3C 84 6F 1B B5 1D FA **
>---------------------------------------------------------------------------
>
>_______________________________________________
>unisog mailing list
>unisog at lists.sans.org
>http://www.dshield.org/mailman/listinfo/unisog


-- 
Mike Stark    U.C. San Diego, Academic Computing Services
Manager, Desktop Support, Microsupport & Software Distribution
Voice (858) 534-4060   Fax (858) 534-7018     AP&M 1220
internet: mstark at ucsd.edu


More information about the unisog mailing list