[unisog] Your opinion on your AntiVirus product?

Michael Schooley michael.schooley at emory.edu
Mon Nov 28 16:13:14 GMT 2005

We use Symantec. The newest version 10 is a very good product. It has anti
tampering and anti spyware built in. We use central management and are very
pleased with the latest version. We also use a feature called rapid release
updates which allows us to push out definitions as often as we like.
Currently we have it set for every three hours and have experienced problems
with false positives, but not annoying enough to have peace of mind that we
are ready for the next sober like outbreak where multiple versions of the
same virus are released in one day. We never considered performance issues
and I just looked at my system and there are 6 processes taking about 50mb.
There is a patch for version 10 and a registry fix for disabling an
autoscan, but overall we are happy with it because of the anti tampering,
anti spyware, central management features, and most importantly rapid
release definitions. Hope that helps and happy hunting.


Mike Schooley

Emory University





From: unisog-bounces at lists.sans.org [mailto:unisog-bounces at lists.sans.org]
On Behalf Of Bartlett, Matt
Sent: Monday, November 28, 2005 9:58 AM
To: unisog at lists.sans.org
Subject: [unisog] Your opinion on your AntiVirus product?


I am on the hunt for opinions of corporate anti-virus products used at other
universities.  What do you use?  Are you satisfied with it?  What do you
find are it's strengths and weaknesses?  Has it presented you with any
unique challenges, or does it have features that provided you with an
unexpected dividend?  Do you have any problems with your mobile users who
may not connect to your network frequently enough?


We are looking to replace our current Trend Micro product suite, which is
why I'm soliciting your opinions.


Here is my opinion on Trend.

The client agent is too resource intensive, using 5 processes totaling
approx. 25MB of system memory when idle.  It has been unable to detect
several variants of IRCBot viruses.  It does have a nice variety of tools
for tasks like deployment and imaging.  The real killer for us has been the
dissatisfaction with the support provided by Trend.


I'd value anyone's input.



Matt Bartlett

St. Louis College of Pharmacy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20051128/8168d264/attachment-0001.htm

More information about the unisog mailing list