Enterprise anti-virus recommendations and experiences [closed]
Solution 1:
My organization uses Symantec Endpoint Protection (version 11). As many of you know, Symantec products were not the best during the last few years. I am happy to report that the newest version performs much better. It has a small memory footprint and thanks to pull updates, it will not clog your network with useless traffic. It has powerful management capabilities, you can define very granular policies that apply to specific organizational groups, users or even locations (i.e. different policies for out of office laptops vs ones currently in the office).
This is a very powerful tool that is not only an antivirus, but an Endpoint Compliance product as well. With that beings said, I think that the management console has a steep learning curve and is not intuitive at all. Trying to implement something new will often lead you to reading the documentation and FAQs. There is also no real time reporting from the clients like in the old Symantec Antivirus. In case of an infection, you have to generate multiple reports (again, not intuitive), schedule a full scan, and WAIT for results to appear at some point, since the client does not report in real time, but rather gives periodic updates to the console.
Oh, and of course: Microsoft only.
Solution 2:
I tried several solutions including :
AVG : dropped because it let a virus enter our network...
Avast : dropped because it puts a very heavy weight on our servers
Sophos : a very good solution, too bad their technical support is very slow to answer Sophos provides a log of useful fonctionnality including ActiveDirectory automatic synchronisation and deployment