+1 for a lateral move of Kaspersky to ESET. I'm not advocating a switch, but if forced to, that's what I would do based on personal malware cleanup experiences.
-- Espi On Fri, Sep 15, 2017 at 4:47 AM, James M. Pulver <[email protected]> wrote: > I've always liked ESET, and when we dropped Symantec, ESET was quoted to > be the least expensive of a bunch we looked at. The ERA appliance is great, > but a self install on Linux was buggy as hell. Glad I moved to the Virtual > Appliance. Their tech support is B+ in my opinion. Upgraded to an A- as > they don't run screaming from Linux. Some of the best I've dealt with, the > main failing is no real route back to devs if there's a bug, but in terms > of using what's there and being aware of work-arounds - they're among the > best I've ever interacted with. > > They seem to be pretty effective, but then so was Symantec in our > environment - we don't give out admin, and seem to have enough e-mail > screening via Office 365 and central IT to really limit ransomware, > followed by decent user culture of asking before clicking so there's not a > lot of chances for it to step in. It does kill a few "driveby" unwanted > applications for us, but we haven't (knock on wood) seen much real malware > anyway. > > So if you have to tick the box for AV, like we do, ESET is a pretty good > choice IMO. The other obvious "tick the box" one would be Windows Defender > if you don't have to be cross platform. However, I think ESET is more > effective - but as others said, that's not a high bar. > > I should point out, even the "traditional AV" isn't traditional AV anymore > - ESET isn't just scanning against signatures. They have HIPS as well as > behavior analysis and the like. > > James Pulver > CLASSE Computer Group > Cornell University > > > On 09/14/2017 12:31 PM, Michael Leone wrote: > >> We use Kaspersky for our AV needs, and to be honest, it's worked out >> well for us. It's certainly caught things that McAfee, our previous AV >> solution, didn't. However, they have this slight problem with being a >> covert arm of the Russian government, apparently .. >> >> So we need to drop them, as the federal agencies are doing. >> >> There are lots of reviews, such as av-test.org, that we are looking >> at. But tell me, who do you have? And - more importantly - if you had >> your say in the matter, would you keep them? >> >> We're an sort of enterprise level organization, maybe 1K users, bunch >> of laptops issued to remote users. So far, all Win 7 for workstations, >> but obviously that will change in the future. Servers are all Win >> 2008/2012 R2 (so far). So we need something with a centralized >> console, to push out rules, updates, etc. >> >> We use Proofpoint as an email gateway, so it does mail scanning. We >> have Checkpoint firewalls for managing that sort of traffic. >> >> Thoughts? I know I've heard good things about ESET and Sophos, among >> others. Just soliciting some real world opinions, along with our own >> research. >> >> >> > >
