[unisog] Your opinion on your AntiVirus product?

Goverts IV, Paul pgoverts at sjfc.edu
Mon Nov 28 16:59:21 GMT 2005

Just an FYI, version 10.1 has an option in the system center for turning
off the startup autoscan.




Paul Goverts IV
Computer Services
St. John Fisher College
Rochester, NY 14618

"Ask yourself - Where are you going?  Who is going with you?"  -- "Col."
Gordon Shay


From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Michael Schooley
Sent: Monday, November 28, 2005 11:13 AM
To: 'UNIversity Security Operations Group'
Subject: Re: [unisog] Your opinion on your AntiVirus product?


We use Symantec. The newest version 10 is a very good product. It has
anti tampering and anti spyware built in. We use central management and
are very pleased with the latest version. We also use a feature called
rapid release updates which allows us to push out definitions as often
as we like. Currently we have it set for every three hours and have
experienced problems with false positives, but not annoying enough to
have peace of mind that we are ready for the next sober like outbreak
where multiple versions of the same virus are released in one day. We
never considered performance issues and I just looked at my system and
there are 6 processes taking about 50mb. There is a patch for version 10
and a registry fix for disabling an autoscan, but overall we are happy
with it because of the anti tampering, anti spyware, central management
features, and most importantly rapid release definitions. Hope that
helps and happy hunting.


Mike Schooley

Emory University





From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Bartlett, Matt
Sent: Monday, November 28, 2005 9:58 AM
To: unisog at lists.sans.org
Subject: [unisog] Your opinion on your AntiVirus product?


I am on the hunt for opinions of corporate anti-virus products used at
other universities.  What do you use?  Are you satisfied with it?  What
do you find are it's strengths and weaknesses?  Has it presented you
with any unique challenges, or does it have features that provided you
with an unexpected dividend?  Do you have any problems with your mobile
users who may not connect to your network frequently enough?


We are looking to replace our current Trend Micro product suite, which
is why I'm soliciting your opinions.


Here is my opinion on Trend.

The client agent is too resource intensive, using 5 processes totaling
approx. 25MB of system memory when idle.  It has been unable to detect
several variants of IRCBot viruses.  It does have a nice variety of
tools for tasks like deployment and imaging.  The real killer for us has
been the dissatisfaction with the support provided by Trend.


I'd value anyone's input.



Matt Bartlett

St. Louis College of Pharmacy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20051128/940b5849/attachment.htm

More information about the unisog mailing list