Okay turning away from Vipre, but I hear you on the SCCM thing. The price is right, but it's not good enough, as I and my colleage have spend many, many manhours just trying to manage SCCM. I've been testing the KACE KBox (now owned by Dell) and have been *very* impressed. The agent install is so easy compared to the SCCM agent that there is no comparison. There is a huge community and list for SCCM, but I find it hard to keep up and we don't have dedicated staff for workstation management. It makes me miss Zenworks. And is it me but the SCCM "wait and it will happen" is crazy. Regarding your comment of the Quest tools, I also purchased the Quest NDS migrator and was very disappointed in the product. Instead I just wrote my own scripts to remove the Novell client, Zen, iprint, etc and we now only use the workstation migrator, which rarely works. But my Vipre installs rarely failed, except when Symanect refused to uninstall and they both ended up being on the same machine. Not pretty but I guess that was my fault as my scripts didn't check for that. Oops.
Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 >>> "Ray" <[email protected]>02/25/10 5:29 PM >>> v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} <o:p></o:p> <o:p> </o:p> We’ve also spent months trying to get SCCM deployed. It’s been an arduous task even with MS help. All kinds of issues with BITS, COM, WMI, permissions, etc. To be fair, we had a whole lot of trouble with the Quest tools when we were converting from Novell. Too many models, too many images, etc etc. <o:p></o:p> <o:p> </o:p> What we wish we had when we started with SCCM was a checklist of what’s needed, or even some kind of “pre-requisite”. Of course, SCCM Console does have a pre-requisite scan, and on a new PC, it still failed to install after passing the pre-req. <o:p></o:p> <o:p> </o:p> Hopefully Vipre will have something that ensure successful installations. <o:p></o:p> <o:p> </o:p> Alex Eckelberry [mailto:[email protected]] Sent: Thursday, February 25, 2010 3:06 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend<o:p></o:p> <o:p> </o:p> Going through this list, there are a number of things I can think of that would be causing these issues. Most, if not all, are configuration issues. Cookies, for example, should be set to Report Only. <o:p></o:p> <o:p> </o:p> The Dell biometric issue is over a year old. <o:p></o:p> <o:p> </o:p> The Confiker issue you're dealing with is due to Confiker being in your environment (from whatever, an unpatched system or a user bringing an infected USB stick) and agents being upgraded and real-time protection being turned off during the upgrade. While this can be managed by the admin, we have dealt with this in version 4 being released next week. <o:p></o:p> <o:p> </o:p> I would just recommend a call with management here at Sunbelt to go over in detail your environment. <o:p></o:p> <o:p> </o:p> Alex<o:p></o:p> <o:p> </o:p> Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: w: www.sunbeltblog.com<o:p></o:p> <o:p></o:p> <o:p></o:p> <o:p> </o:p> <o:p> </o:p> Greg Olson [mailto:[email protected]] Sent: Thursday, February 25, 2010 4:34 AM To: NT System Admin Issues Subject: RE: VIPRE versus Trend<o:p></o:p> <o:p> </o:p> I have to +1 with this assessment. We’re having all the issues reported below and more. My director of customer support has had it now, and is lobbying hard to get rid of it. I really wanted to see it work well, and lobbied hard to get in into play. And perhaps the new version will fix some if it. I really do believe Sunbelt will get it up to snuff eventually, but its hard to justify our support staff spending 60% of their time on Vipre issues. <o:p></o:p> <o:p> </o:p> Here’s a copy of some of an email he sent to myself and our VP of IT. I put some comments in () below.<o:p></o:p> Quote:<o:p></o:p> Here is a summary of the problems that we are facing with Vipre from the information that I gathered from my team:<o:p></o:p> <o:p> </o:p> <o:p> </o:p> (hoping it will, nervous about jumping to the new version though, but are testing it)<o:p></o:p> (This I thought was fixed, but I listened in on the support call he had with Sunbelt, and the Tech did say it might still have issues with the newer version, but he (meaning us) will just have to try it an see)<o:p></o:p> (very disturbing, and has left us with over 30 laptops that have had this issue so far, including the CIO’s machine, defiantly need some sort of patch upgrade failback and retry, it should NEVER uninstall its self and leave a machine totally venerable, I’m pretty sure they will fix this one in the new version, its too insane not too)<o:p></o:p> (need to have a min do not scan till xyz minutes after a boot-up to fix this)<o:p></o:p> session (we have cookies allowed as fyi, but this doesn’t really worry me, the removal of good programs does), sometimes viper is detecting genuine software to be malicious and is quarantining or deleting them making the user reinstall programs. We can add all these false alarms as exceptions in viper policy and make it work but this will add a huge overhead based on the amount of false alarms we are getting. For example Vipre quarantined its own executables and some HP management software executables as threats.<o:p></o:p> No malware engine. Vipre doesn’t seem to have a malware engine or the engine is pretty useless because thus far we have not seen viper detect any malware infections at all. Recently we came across a malware that was causing user machines to reboot as soon as they login and viper was not able to detect it via safe mode or command line utility. We had to install third party solutions in most of the cases where users reported infections to get them cleaned as viper is neither preventing nor cleaning the infections.<o:p></o:p> Known threats. We are having at least a few instances everyday where user machines are infected with known exploits and threats and viper, with active protection running, does not prevent or detect the viruses/Trojans/worms etc and we are ending up installing other applications (Symantec endpoint, zonealarm, malware bytes etc) to get rid of these infections.<o:p></o:p> (Remove Symantec tool from Sunbelt was also being used in the install, and may have had a hand in some of these complaints)<o:p></o:p> <o:p> </o:p> Prior to viper we were using Symantec v9 or v10 on all our clients(not even endpoint protection) and the only time we had higher volume of problems was conficker, now with viper my team is spending 60% of its time everyday resolving pc issues related to viruses/Trojans/malware etc or even worse resolving issues caused by viper. I understand there are claims that the next version of viper is going to resolve most of the above mentioned issues but thus far they are just claims and given the quality of tech support we are receiving from sunbelt I wouldn’t vouch for it.<o:p></o:p> <o:p> </o:p> Given this scenario I would, on behalf of my entire team, recommend rolling back to Symantec and work on improving our patch management which would have saved us from issues like conficker than spend half of my team’s time everyday resolving the above mentioned problems. Also, the stress levels of the users are very clearly being displayed and my team is facing their wrath. This is killing my teams productivity and morale and I would recommend we act on it immediately. I am definitely open to other recommendations but please, if you think viper’s next version is the solution, shoot me.<o:p></o:p> <o:p> </o:p> End quote. <o:p></o:p> <o:p> </o:p> <o:p> </o:p> So not all that good. But I will push to get the new version up into a good size (100+ users) test audience before having to go back to Symantec. Uggh, Symantec…. Uggh…..<o:p></o:p> <o:p> </o:p> -Greg<o:p></o:p> <o:p> </o:p> <o:p> </o:p> <o:p> </o:p> Steve Kelsay [mailto:[email protected]] Sent: Wednesday, February 24, 2010 1:43 PM To: NT System Admin Issues Subject: RE: VIPRE versus Trend<o:p></o:p> <o:p> </o:p> I wish I could be more optimistic, but We are using the Vipre Enterprise. It does an excellent job of protecting us, when I can keep it running. It seems like it just is not ready for primetime. Sunbelt had their top tech go through our entire network setup during a recent Konficker attack, and it is still not really stable. <o:p></o:p> <o:p> </o:p> I can look at the console and believe it is running wonderfully, until scans start without any identifiable cause, effectively shutting down servers with 100% Cpu usage, but that scan never shows up on the remote console, although the machines are sending last contact info, and last scan info, the off time scans never show up. I lobbied hard to get Vipre, and really want it to succeed, but it is not looking good at this time. A deep scan starts on many machines as soon as anyone logs onto the machine, and that will also peg the CPU meter. No reason we can tell for this to happen.<o:p></o:p> <o:p> </o:p> Raper, Jonathan - Eagle [mailto:[email protected]] Sent: Wednesday, February 24, 2010 4:26 PM To: NT System Admin Issues Subject: VIPRE versus Trend<o:p></o:p> <o:p> </o:p> All,<o:p></o:p> <o:p> </o:p> We’re looking to move away from McAfee. Right now we’re considering Trend Micro OfficeScan Enterprise and the VIPRE Enterprise products.<o:p></o:p> <o:p> </o:p> Anyone here (aside from Sunbelt employees) have any experience with both of the current or relatively current iterations of the products?<o:p></o:p> <o:p> </o:p> Can you provide any reasons to choose one over the other, aside from price?<o:p></o:p> <o:p> </o:p> Thanks in advance,<o:p></o:p> Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians & Associates, PA <A title=http://www.eaglemds.com/ href="blocked::http://www.eaglemds.com/";>www.eaglemds.com <o:p></o:p> <o:p> </o:p> <o:p> </o:p> <HR align=center SIZE=2 width="100%"> Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains.<o:p></o:p> <o:p></o:p> <o:p></o:p> <o:p></o:p> <o:p></o:p> <o:p></o:p> <o:p></o:p> <o:p></o:p> <o:p></o:p> Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
