If you had to pick an antivirus/anti-malware tool, which would you choose?

Discussion in 'Software Stuff' started by spyrule, Jan 10, 2018.

  1. spyrule

    spyrule Active Member

    Joined:
    Oct 8, 2013
    Messages:
    433
    Likes Received:
    39
    Current company that I just took IT management control of (there was no prior management, just a cheap company plugging things in) has been using Eset security, but I'm not 100% convinced its worth the cost (and its up for renewal in 3 weeks). We havn't had issues, but were about to merge with another company and I'm not sure how effective it will be at preventing ransomware and other emerging network threats.

    I'm just looking for opinions and experiences with any corporate/business level AV/AM software that you've either loved or hated.

    Thanks in advance.

    I plan on changing most of the network switches/firewall/gateway to ubiquiti products, so anything that you know works well with that is appreciated.
     
    #1
  2. StammesOpfer

    StammesOpfer Active Member

    Joined:
    Mar 15, 2016
    Messages:
    337
    Likes Received:
    100
    Nobody gets fired for going with Mcafee or Symantec. Are they the cheapest probably not. With the installed user base and the size of companies running it they have things worked out and excellent integration. If something does break it will get fixed quickly.
     
    #2
  3. nkw

    nkw Active Member

    Joined:
    Aug 28, 2017
    Messages:
    130
    Likes Received:
    44
    My personal view is third-party antivirus utilities introduce more (or more serious) vulnerabilities than they protect against.

    See, e.g., Project Zero: How to Compromise the Enterprise Endpoint and https://support.microsoft.com/en-us...ndows-security-updates-and-antivirus-software
     
    #3
    StevenDTX likes this.
  4. audio catalyst

    Joined:
    Jan 4, 2014
    Messages:
    77
    Likes Received:
    11
    sophos would be good, that being said, ms has pretty much covert anti virus.
    you be better off protecting the incomming traffic, mail and im traffic at a scanning proxy/gateway, and some basic user training

    send from a mobile device, so typo's are to be expected
     
    #4
    StammesOpfer likes this.
  5. Evan

    Evan Well-Known Member

    Joined:
    Jan 6, 2016
    Messages:
    1,994
    Likes Received:
    284
    McAfee, Symantec, Sophos
    I would always try to use a different vendor on server than desktop and also make sure you have you UTM/Proxy doing malware and virus checking
     
    #5
  6. Jannis Jacobsen

    Jannis Jacobsen Active Member

    Joined:
    Mar 19, 2016
    Messages:
    218
    Likes Received:
    34
    Palo Alto Traps

    -Jannis
     
    #6
  7. squidman

    squidman Member

    Joined:
    Jul 8, 2017
    Messages:
    92
    Likes Received:
    3
    Curious as well..have used in the past, Kaspersky, Sophos, McAffee (wow probably 15 + years ago!) for my home office, probably several others as well. Anything wrong for us SOHO SMB users to just stick with the built-in windows defender? Realize that thread starter may be talking about enterprise versions etc of course...
     
    #7
  8. StammesOpfer

    StammesOpfer Active Member

    Joined:
    Mar 15, 2016
    Messages:
    337
    Likes Received:
    100
    Nothing wrong with Defender it is a reasonably good signature based anti virus. If you need something more like HIDS/HIPS, centrally managed or more advanced heuristic based AV then something else may be appropriate.
     
    #8
  9. cluefr

    cluefr New Member

    Joined:
    Feb 11, 2018
    Messages:
    2
    Likes Received:
    0
    Kaspersky seems best solutions for linux and very good solution on windows (server and even workstation)
    mcafee or norton on linux have very low detection and maybe good at windows
     
    #9
  10. StammesOpfer

    StammesOpfer Active Member

    Joined:
    Mar 15, 2016
    Messages:
    337
    Likes Received:
    100
    Kaspersky has a reputation problem these days. Maybe it is deserved, maybe not, but it is hard to recommend it when you have several governments banning it or recommending against its use.
     
    #10
  11. T_Minus

    T_Minus Moderator

    Joined:
    Feb 15, 2015
    Messages:
    6,255
    Likes Received:
    1,254

    Personally I wouldn't go looking to fix a problem that doesn't exist.

    Figure out more info about the merger, what more you need to protect against vs. now, etc, and base decision on that with help/feedback from here.

    I'm not sure the size of the company but it sounds small(ish)... in such a case I'd run the pros/cons of switching by management too, if it's a med+ and you're running IT and don't get overseen like you do in small companies, well that's different :D
     
    #11
  12. pricklypunter

    pricklypunter Well-Known Member

    Joined:
    Nov 10, 2015
    Messages:
    1,330
    Likes Received:
    356
    My money would go on BitDefender just now, if I were inclined to go looking for a solution with someone else's cheque book. As already mentioned, fixing a perceived issue might not be the best course of action anyway and may even bring some surprise headaches for you along with it :)
     
    #12
  13. William

    William Active Member

    Joined:
    May 7, 2015
    Messages:
    608
    Likes Received:
    206
    Agreed.

    I use it on my main workstation. I often look around to try and switch to something else because of what you said, but nothing seems better. I use Kaspersky and Malwarebytes. With this I also block pop-ups, ad's etc. There was a growing number of threats coming through ad's for awhile so I felt this combo was a reasonable protection. Both block these reasonably well alone but one will let somethings through while the other gets them.

    I often go screw all this performance grabbing stuff... but when you run a fresh install without anti-virus / ad-blocking and get assaulted by ad's while surfing I just go nope.
     
    #13
  14. i386

    i386 Well-Known Member

    Joined:
    Mar 18, 2016
    Messages:
    1,178
    Likes Received:
    267
    :p
     
    #14
  15. mstone

    mstone Active Member

    Joined:
    Mar 11, 2015
    Messages:
    373
    Likes Received:
    89
    This is why I block ads. When they start policing themselves, I'll stop blocking.
     
    #15
    William likes this.
  16. /dev/null

    /dev/null New Member

    Joined:
    May 16, 2018
    Messages:
    1
    Likes Received:
    0
    We have ongoing problems with Symantec's false positives. As far as I am aware they are the only AV vendor that completely disregards EV signatures on executable files and nukes them just because they hasn't been seen much in the wild. This creates a problem every single time some other vendor rolls out an update and the clients start pulling it down. New update -> little to no field presence -> must be a virus -> nuke it.
     
    #16
  17. audio catalyst

    Joined:
    Jan 4, 2014
    Messages:
    77
    Likes Received:
    11
    this pure economic warfare, nothing more, nothing less.
    besides, there are legion products that do the same.

    ever though that kaspersky maybe wasnt playing ball with those 3 letter agencies in the us and provide backdoor access ?

    the usa dont exactly have the best reputation, privacy wise, bullying wise, or any other wise

    send from a mobile device, so typo's are to be expected
     
    #17
  18. StammesOpfer

    StammesOpfer Active Member

    Joined:
    Mar 15, 2016
    Messages:
    337
    Likes Received:
    100
    That is where the "Maybe deserved, Maybe not" part came in but no matter what you think personally it is hard to justify the choice to the boss when he sees a news story on TV about Kaspersky being a Russian front. No matter how true it is.
     
    #18

Share This Page