I have a ~50 user 8 server setup. I have had none of the issues reported here. I had one issue about 6 months ago that would cause a scheduled scan to tie up all system resources and make the machine unusable, and scans took 3 hours or more. I was a bit disappointed that the rep wouldn't admit that it was the update causing it. I knew it was the update, too, because users in the field with the previous definitions weren't reporting problems.
Other than that, my experience with Vipre has been postitive. It catches stuff, it doesn't take a lot of resources, is easy to deploy and manage unlike any other AV or EP product I've used. On Thu, Feb 25, 2010 at 10:07 AM, Tom Miller <[email protected]> wrote: > Just to comment on a few thing: > > The Vipre agent rollout has been very easy here compared to other software > rollouts (like the Microsoft Configuration Manager client - very fussy). > The Sunbelt script for removing Symantec is just a simple AutoIt script. I > wrote the original and the Sunbelt team improved it greatly. I didn't use > it, since I didn't like to force reboot and I gave various messages to my > staff. > > I did see the agent "going away" and having to be re-installed, but that > was on older versions and have not seen it in a while. > > Are you folks with issues using a remote PC/server as the update server? I > do that and at the remote sites have no issues. > > Vipre scan: check that you don't have the scan after reboot enabled? I > did, found the scans going all the time, and turned it off. On my PCs there > local drives are huge with various ISOs and the (full) scans run for hours. > > I was using SAV until a few years ago. The console was very granular but I > didn't have the time to constantly tweak it. > > As for false positives, I do see some occasionally but report them to > Sunbelt and it's resolved in the next update. I use "quarantine" instead of > delete and this makes it easy to undo false positives. > > Sunbelt has the best support in my experience. I always had trouble just > getting support with Symantec products. Maybe it's improved though. > > One other thing I'd recommend it to be sure your PCs are kept patched with > current security patches. Doing that has kept our viruses to a minimum. > > > > > > Tom Miller > Engineer, Information Technology > Hampton-Newport News Community Services Board > 757-788-0528 > > >>> Greg Olson <[email protected]> 2/25/2010 4:34 AM >>> > > I have to +1 with this assessment. We’re having all the issues reported > below and more. My director of customer support has had it now, and is > lobbying hard to get rid of it. I really wanted to see it work well, and > lobbied hard to get in into play. And perhaps the new version will fix some > if it. I really do believe Sunbelt will get it up to snuff eventually, but > its hard to justify our support staff spending 60% of their time on Vipre > issues. > > > > Here’s a copy of some of an email he sent to myself and our VP of IT. I put > some comments in () below. > > Quote: > > Here is a summary of the problems that we are facing with Vipre from the > information that I gathered from my team: > > > > > > a. Vipre becomes inactive on machines for no evident reason. When > VIpre support was contacted the response was that this will be fixed in the > next version upgrade (hoping it will, nervous about jumping to the new > version though, but are testing it) > > b. Vipre starts crashing user machines. This behavior is seen in > machines that also run the security software by Dell which works on disk > encryption and biometric authentication. According to viper the only > solution is to not use the Dell security software which is not a good option > because with the proposed windows 7 rollout we are planning to implement > disk encryption and also the biometric authentication is a good feature to > use in windows 7. (This I thought was fixed, but I listened in on the > support call he had with Sunbelt, and the Tech did say it might still have > issues with the newer version, but he (meaning us) will just have to try it > an see) > > c. Vipre gets uninstalled from clients: This happened in a few > instances and when contacted by viper this happens if the definitions > downloaded by the client are not installed appropriately and there is no > solution for this problem according to viper. They claim that this issue is > resolved in their latest version but we will not know that for sure until we > start having these problems again but there is no way to detect these > problems until a client reports this themselves which is very unlikely. (very > disturbing, and has left us with over 30 laptops that have had this issue so > far, including the CIO’s machine, defiantly need some sort of patch upgrade > failback and retry, it should NEVER uninstall its self and leave a machine > totally venerable, I’m pretty sure they will fix this one in the new > version, its too insane not too) > > d. Vipre starts a scan as soon as the machines boots and utilizes all > the available system resources making it impossible for the user to log in. > The only solution to this problem according to viper is to disable the agent > on the machine in safe mode and reboot the machine, let the user log in and > then enable the agent again. This is happening pretty frequently and is > causing a lot of productivity downtime. (need to have a min do not scan > till xyz minutes after a boot-up to fix this) > > e. False alarms: we are getting at least 20 to 25 false alarms > everyday when viper opens tickets for browser cookies which are mostly > harmless and are removed as soon as the user closes his browser session > (we have cookies allowed as fyi, but this doesn’t really worry me, the > removal of good programs does), sometimes viper is detecting genuine > software to be malicious and is quarantining or deleting them making the > user reinstall programs. We can add all these false alarms as exceptions in > viper policy and make it work but this will add a huge overhead based on the > amount of false alarms we are getting. For example Vipre quarantined its own > executables and some HP management software executables as threats. > > f. No malware engine. Vipre doesn’t seem to have a malware engine > or the engine is pretty useless because thus far we have not seen viper > detect any malware infections at all. Recently we came across a malware that > was causing user machines to reboot as soon as they login and viper was not > able to detect it via safe mode or command line utility. We had to install > third party solutions in most of the cases where users reported infections > to get them cleaned as viper is neither preventing nor cleaning the > infections. > > g. Known threats. We are having at least a few instances everyday > where user machines are infected with known exploits and threats and viper, > with active protection running, does not prevent or detect the > viruses/Trojans/worms etc and we are ending up installing other applications > (Symantec endpoint, zonealarm, malware bytes etc) to get rid of these > infections. > > h. Deployments: Vipre has been horrible as far as remote deployments > are concerned rolling out viper in our enterprise was a nightmare. Took us 3 > months as most of the times remote deployment either failed or cause system > issues, I believe lot of us within the team had issues with the deployments > too including the CTO. Even now the deployments are a matter of luck, if we > are lucky it works if we are not it doesn’t and if it hates the tech it will > say it deployed but wont turn on. (Remove Symantec tool from Sunbelt was > also being used in the install, and may have had a hand in some of these > complaints) > > > > Prior to viper we were using Symantec v9 or v10 on all our clients(not even > endpoint protection) and the only time we had higher volume of problems was > conficker, now with viper my team is spending 60% of its time everyday > resolving pc issues related to viruses/Trojans/malware etc or even worse > resolving issues caused by viper. I understand there are claims that the > next version of viper is going to resolve most of the above mentioned issues > but thus far they are just claims and given the quality of tech support we > are receiving from sunbelt I wouldn’t vouch for it. > > > > Given this scenario I would, on behalf of my entire team, recommend rolling > back to Symantec and work on improving our patch management which would have > saved us from issues like conficker than spend half of my team’s time > everyday resolving the above mentioned problems. Also, the stress levels of > the users are very clearly being displayed and my team is facing their > wrath. This is killing my teams productivity and morale and I would > recommend we act on it immediately. I am definitely open to other > recommendations but please, if you think viper’s next version is the > solution, shoot me. > > > > End quote. > > > > > > So not all that good. But I will push to get the new version up into a > good size (100+ users) test audience before having to go back to Symantec. > Uggh, Symantec…. Uggh….. > > > > -Greg > > > > > > > > *From:* Steve Kelsay [mailto:[email protected]] > *Sent:* Wednesday, February 24, 2010 1:43 PM > *To:* NT System Admin Issues > *Subject:* RE: VIPRE versus Trend > > > > I wish I could be more optimistic, but We are using the Vipre Enterprise. > It does an excellent job of protecting us, when I can keep it running. It > seems like it just is not ready for primetime. Sunbelt had their top tech go > through our entire network setup during a recent Konficker attack, and it is > still not really stable. > > > > I can look at the console and believe it is running wonderfully, until > scans start without any identifiable cause, effectively shutting down > servers with 100% Cpu usage, but that scan never shows up on the remote > console, although the machines are sending last contact info, and last scan > info, the off time scans never show up. I lobbied hard to get Vipre, and > really want it to succeed, but it is not looking good at this time. A deep > scan starts on many machines as soon as anyone logs onto the machine, and > that will also peg the CPU meter. No reason we can tell for this to happen. > > > > *From:* Raper, Jonathan - Eagle [mailto:[email protected]] > *Sent:* Wednesday, February 24, 2010 4:26 PM > *To:* NT System Admin Issues > *Subject:* VIPRE versus Trend > > > > All, > > > > We’re looking to move away from McAfee. Right now we’re considering Trend > Micro OfficeScan Enterprise and the VIPRE Enterprise products. > > > > Anyone here (aside from Sunbelt employees) have any experience with both of > the current or relatively current iterations of the products? > > > > Can you provide any reasons to choose one over the other, aside from price? > > > > Thanks in advance, > > Jonathan L. Raper, A+, MCSA, MCSE > Technology Coordinator > Eagle Physicians & Associates, PA* > *[email protected]* > *www.eaglemds.com > > > > > ------------------------------ > > Any medical information contained in this electronic message is > CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to > view, copy, disclose, or disseminate CONFIDENTIAL information. This > electronic message may contain information that is confidential and/or > legally privileged. It is intended only for the use of the individual(s) > and/or entity named as recipients in the message. If you are not an intended > recipient of this message, please notify the sender immediately and delete > this material from your computer. Do not deliver, distribute or copy this > message, and do not disclose its contents or take any action in reliance on > the information that it contains. > > > > > > > > > > > > > > > Confidentiality Notice: This e-mail message, including attachments, is for > the sole use of the intended recipient(s) and may contain confidential and > privileged information. Any unauthorized review, use, disclosure, or > distribution is prohibited. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
