Always an interesting debate, this one. I'll have to agree with Dan that NAI has had a major turnaround in the last 18 months. The McAfee 4x product line is nowhere near the quality of the VSE7 product. Just as well, ePO 2.5x isn't perfect, but they had a good idea going with policy-based management and I haven't tested ePO 3 yet but it's "supposed to be good."
I've found that in recent high-priority outbreaks, NAI has consistently beat Symantec in coming out with fully qualified DAT definitions (not beta) by a few hours each time. Of course, no one posting here has really knocked Trend's product or DATS, so that obviously should stand for something. But here's an interesting piece of the puzzle: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/virus/via.asp Microsoft now has an information sharing network with only 2 virus research labs: NAI and Trend. Symantec's name is nowhere on that page. Should this influence things? I'd say of course - when the software developer for the most widely used corporate operating system is sharing information with 2 other software companies, those two companies have a higher probability of quickly releasing a definition or scan engine that is compatible with the OS and effectively prevents or removes infection. Also, FYI, we are also considering a complete conversion to Trend, but for our current situation, full usage of the NAI product line is the most "fitting" choice. Thanks everyone for the USEFUL info - as I said before, old feelings of content and ill-brood don't apply with the newer product lines each vendor is coming out with. NAV 8.6, VSE7, OfficeScan 5.5 can't be compared to their predecessors ... ~Alex -----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 6:09 AM To: NT 2000 Discussions Subject: RE: Switching from NAV to GroupShield > I am seeing DAT updates come out pretty much in the same > timeline as the > others and the new ePO 3 has been solid in getting them from NAI and > getting them to the clients. I get notices of new threats now and the > extra.dat, pending a full definition, interim file is a piece > of cake to > push to all my clients (no more manual with ePO 3). That's one of the other things I don't like about NAI (and Norton, for that matter) - the concept of patching your definitions while you wait for the once a week refresh of the file. That particular process caused me more headaches than I care to remember, frankly. I'll leave it like this: Look back over the last 5 years of traffic on the Exchange list currently hosted[1] by Swynk, and look at the number of people who have had positive experiences with the products versus those who have had negative experiences with products. In that collection of 4000+ admins, its obvious which ones have issues and which ones don't. Roger -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. [1] Including before it was hosted by Swynk, when Peter ran it out of his house > -----Original Message----- > From: Dan Bartley [mailto:[EMAIL PROTECTED] > Sent: Tuesday, June 24, 2003 8:59 AM > To: NT 2000 Discussions > Subject: RE: Switching from NAV to GroupShield > > > We use GSE with no problems on E2k and E2k3. However, it did > not used to > be that way. In the past 18 months NAI seems to have > undergone a change > in approach. Their QC seems to be better and their support options > actually function now (I can remember calling support a few years ago > and never actually reaching anyone-sometimes not even a recorded > message). > > Bear in mind that some of the hardest hit corps in recent rounds have > been using Trend and Sybari, as well as others. It all boils down to > proper administration in most cases. Remember, they rate the virus > usually based on how many of "their" customers call in > reporting getting > hit with an infection. They even say so in their press comments. So, > apparently, all the vendors can have a virus get by. > > I am seeing DAT updates come out pretty much in the same > timeline as the > others and the new ePO 3 has been solid in getting them from NAI and > getting them to the clients. I get notices of new threats now and the > extra.dat, pending a full definition, interim file is a piece > of cake to > push to all my clients (no more manual with ePO 3). > > I also have not been hit with any of the prolific Trojans or virus' > (knock on wood-nothing is foolproof). Even when only hours > old. In those > cases where someone has used OE or some other POP3 app, the > desktop has > caught them every time. When I first got here, a couple of years ago, > they were running Symantec and almost every desktop had some kind of > infection. When I migrated the Exchange server to a new one, I got > almost 1500 infected emails caught by GSE that Symantec had let in. > > Yes, NAI will gladly help with the migration and yes you will actually > get someone to talk to in a few minutes or less. > > Despite lumping them all together, I will say that Symantec > seems to be > the last vendor I would ever recommend. As recently as last week there > were reports of one of their definitions causing their scanning engine > to shut down. > > Best Regards, > > Dan Bartley > > -----Original Message----- > From: Roger Seielstad [mailto:[EMAIL PROTECTED] > Sent: Tuesday, June 24, 2003 08:31 > To: NT 2000 Discussions > > On Exchange, there are only two vendors worth considering. > One is Trend > (my > choice), the other is Sybari. No one else has correctly created a > process > for accessing the mail data and passing it to the scanning engine. > Norton, > NAI and others have never had a completely stable hook into the mail > stores. > > Over the last 5-6 years, I've done a seat of the pants tracking of > antivirus > definitions, and without fail, Trend is one of the earliest and is the > most > consistent in releasing definitions to catch and clean data. > > We have used Norton on the desktop for the last 2-3 years, and > consistently > have issues with the instability it brings to the client PCs. Our > support is > up at the end of the year and we will be replacing it with OfficeScan > from > Trend. > > Prior to Norton, we had the NAI/McAfee corporate solution (I > want to say > the > 4.x range of products, its been 3 years), and consistently and without > fail > could not keep more than 50% of our clients current. We went as far as > having one of the NAI engineers onsite to demonstrate and > help configure > an > ePO server for testing. That server never successfully > managed a single > client. > > On the other hand, we've run Trend for close to 4 years, and > I ran Trend > for > a few prior to my arrival here, and have yet to be the victim of any > email > borne virus outbreaks. > > In the end, Trend's track record in my envrionment, with our > experiences, > has proven its the best product out there for our money. > > -------------------------------------------------------------- > Roger D. Seielstad - MTS MCSE MS-MVP > Sr. Systems Administrator > Inovis Inc. > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, June 24, 2003 8:13 AM > > To: NT 2000 Discussions > > Subject: RE: Switching from NAV to GroupShield > > > > > > Roger, > > > > Why? You obviously have some feelings on the issue. Please share. > > > > ======================== > > Not to Roger specifically. But wanted to put this in w/out > > doing a new > > message. > > > > Corporate NAV 8 users: > > "We experienced a major failure in our Symantec Antivirus > protection > > software today, caused by a faulty set of definition updates > > from Symantec. > > Specifically, the updates they released yesterday > > (rc:Thursday, June 19th) > > via their Intelligent Updater mechanism had a problem that > > caused all 8.0 > > clients to choke. Earlier versions of clients (7.5) were not > > affected. The > > problem was somewhere in the mechanism that performs > "microdefinition > > updates". " > > > > Symantec tech support said they were aware of the problem, > > and provided me > > with a way to fix affected systems: copy the full 4 MB .VDB > > file to those > > systems, and then restart the service or reboot the system if > > the service > > could not be restarted. > > > > Issue: > > Symantec has not issued any security alert for this issue, > > nor have they > > posted any information on their website, at least not in any > > location that > > I've been able to find so far. > > > > > > > > At 06:14 6/24/2003, you wrote: > > >No one in their right mind would do that, so I'm thinking > > you won't get many > > >real world examples of it. > > > > > >-------------------------------------------------------------- > > >Roger D. Seielstad - MTS MCSE MS-MVP > > >Sr. Systems Administrator > > >Inovis Inc. > > > > > > > > > > -----Original Message----- > > > > From: Alexander Kha Do [mailto:[EMAIL PROTECTED] > > > > Sent: Monday, June 23, 2003 7:05 PM > > > > To: NT 2000 Discussions > > > > Subject: Switching from NAV to GroupShield > > > > > > > > > > > > Anyone ever converted an Exchange 2000 server from Norton for > > > > Exchange to GroupShield 5.2 for Exchange? > > > > > > > > Know what the issues are? Residual effects on performance / > > > > stability? > > > > > > > > Thanks, > > > > Alex > > > > > > > > ------ > > > > You are subscribed as [EMAIL PROTECTED] > > > > Web Interface: > > > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&tex > > >t_mode=&lang=english > > >To unsubscribe send a blank email to %%email.unsub%% > > > > > >------ > > >You are subscribed as [EMAIL PROTECTED] > > >Web Interface: > > >http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&te > xt_mode=&lang=english > >To unsubscribe send a blank email to %%email.unsub%% > > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&tex t_mode=&la ng=e nglish To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&text_mode=&la ng=english To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&text_mode=&lang=e nglish To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&text_mode=&lang=english To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=nt2000&text_mode=&lang=english To unsubscribe send a blank email to [EMAIL PROTECTED]
