I've always liked ESET, and when we dropped Symantec, ESET was quoted to
be the least expensive of a bunch we looked at. The ERA appliance is
great, but a self install on Linux was buggy as hell. Glad I moved to
the Virtual Appliance. Their tech support is B+ in my opinion. Upgraded
to an A- as they don't run screaming from Linux. Some of the best I've
dealt with, the main failing is no real route back to devs if there's a
bug, but in terms of using what's there and being aware of work-arounds
- they're among the best I've ever interacted with.
They seem to be pretty effective, but then so was Symantec in our
environment - we don't give out admin, and seem to have enough e-mail
screening via Office 365 and central IT to really limit ransomware,
followed by decent user culture of asking before clicking so there's not
a lot of chances for it to step in. It does kill a few "driveby"
unwanted applications for us, but we haven't (knock on wood) seen much
real malware anyway.
So if you have to tick the box for AV, like we do, ESET is a pretty good
choice IMO. The other obvious "tick the box" one would be Windows
Defender if you don't have to be cross platform. However, I think ESET
is more effective - but as others said, that's not a high bar.
I should point out, even the "traditional AV" isn't traditional AV
anymore - ESET isn't just scanning against signatures. They have HIPS as
well as behavior analysis and the like.
James Pulver
CLASSE Computer Group
Cornell University
On 09/14/2017 12:31 PM, Michael Leone wrote:
We use Kaspersky for our AV needs, and to be honest, it's worked out
well for us. It's certainly caught things that McAfee, our previous AV
solution, didn't. However, they have this slight problem with being a
covert arm of the Russian government, apparently ..
So we need to drop them, as the federal agencies are doing.
There are lots of reviews, such as av-test.org, that we are looking
at. But tell me, who do you have? And - more importantly - if you had
your say in the matter, would you keep them?
We're an sort of enterprise level organization, maybe 1K users, bunch
of laptops issued to remote users. So far, all Win 7 for workstations,
but obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized
console, to push out rules, updates, etc.
We use Proofpoint as an email gateway, so it does mail scanning. We
have Checkpoint firewalls for managing that sort of traffic.
Thoughts? I know I've heard good things about ESET and Sophos, among
others. Just soliciting some real world opinions, along with our own
research.
