If you can't afford the fancy stuff, I'd take a look at ESET, via say
CDW. They had good pricing, good licensing (you buy X seats and can use
Windows ,Linux , Mac, server ...) and if you use their virtual appliance
for the server it is dead simple to set up. They also have pretty savvy
tech support.
The product is a nice blend (on Windows anyway) of traditional AV,
behavior analysis, firewall, NPS, IDS, and HIPS. I can also say that the
HIPS works, to my pain sometimes - It'll kill dead things like Dell
Privilege Manager till you whitelist it, it also seems to stop remote
ctrl-alt-del from software like LogMeIn until whitelisted.
Anyway I have found it to be really lightweight, and only one bug -
users can try and run syspector (some sort of system analysis tool for
tech support as far as I can tell) but they wouldn't have Windows
permissions and it loops starting and exiting rather than throwing an
error. Simple user training or configuration can prevent this though.
James Pulver
CLASSE Computer Group
Cornell University
On 09/05/2017 05:56 PM, Joe Tinney wrote:
Hey folks,
I'm interested in working with a reseller that has a strong knowledge of
current security software (anti-malware, app whitelisting, endpoint
firewall, etc). Before I go with what I know (Symantec Endpoint
Protection) I want to make sure I've vetted some of the newer offerings.
I've seen lots of different suggestions come through from everyone and
if you have any more of those that would be great as well.
Basically, I'm looking to provide a solid layer of prevention (right now
we've invested heavily in response via logging and reporting tools like
Netwrix, AlienVault, etc). By prevention I meant I'm interested in
looking at a solution that provides endpoint network isolation,
authorization management, application whitelisting, behavioral analysis,
etc.
We've come out of contract with a vendor that was providing TrendMicro's
cloud product and I was very underwhelmed. I've trialed Symantec
Endpoint Cloud and again, the same. These small business products just
aren't up to the task I'm looking to accomplish.
I believe that I do not have the time at the moment to learn, design and
implement solutions using Group Policy nor do I have extensive MS
licensing that would allow me to employ more advanced solutions like
AppLocker. The implementation of products that I'm interested in may of
course change my mind depending on how protracted the configuration can be.
If anyone has someone they enjoy working with and is sharp please let me
know. This would be for a company based in the Midwestern Region of the US.
Regards,
Joe
