My showstopper is the ability of Vipre to turn off real time detection without warning on a monotonously regular basis. NOTE to Sunbelt: I think the obsolete protection I had running yesterday is more secure than the updated protection that is not running because you turned it off until I reboot.
From: Tom Miller [mailto:[email protected]] Sent: Thursday, August 12, 2010 9:19 AM To: NT System Admin Issues Subject: Re: Sophos vs. Vipre Enterprise (now that we have tested both) Jeff, Thanks for the comments. I'll add few that some might find helpful: - Vipre deployments here went fairly easily. I used my own script that is similar to the original Vipre scripts. I had to remove SAV and that was more of an issue than getting Vipre to install. Removing SAV from PCs here was like pulling a steak away from a hungry lion.......... - I see false positives too much, and usually on my Windows 2008 servers, usually on the weekend. I agree that support is weak on the weekends. I submit a request and usually between the long periods of silence I get an occasional e-mail from support. By several days later I'm disgusted with the non-resolution and I realize that the issue is a false positive and end up closing the tickets. - I've never had support remote in, although on a few occasions it would have saved time. I got the same impression that support didn't want to do that. However sometimes support is really fast and the techs are very knowledgeable. (None of this Microsoft "is the computer powered on?" crap.) - Agreed on the agent updates and reboots. For us it is an annoyance, not a show-stopper. - Agreed on the exclusions. I have a long list of exclusions. But that is based on an MS KB I found awhile back and would probably put those exclusions in any A/V software I used. - I really like how "lite" Vipre is on active scanning and the daily scans. The full scans do tend to bring some PCs here to a crawl, including mine. Support told me to schedule those "off-hours". Helloooo? We tell staff to turn off their PCs when not in use to save electricity. Not. An. Option. - In terms of pricing, Sunbelt has been very good to us and I appreciate it very much. We are a non-profit/state agency so funds are always stretched. Other vendors couldn't even come close. Or even try. For us price is a very important factor. - Updates for remote locations has always been an issue. I have 20 or so broadband sites that connect to me via a SOHO device VPN. You'd think those PCs would update just fine. Nope. Many go to 0 defs, never get updated, or when the agent uninstalls as part of an agent upgrade, the new agent never installs or something happens that requires my team's intervention. This is a real pain. And going from version 3 to 4 for these locations was such an issue that we are still dealing with it. - I hope Vipre premium will get more advanced. For now my laptop staff who work via air card or remote wired/wireless connection don't use Vipre. I use Forticlient premium managed by a Fortimanager. Lots of security options on the Forticlient! And I love how my internal content filtering policies are finally extended to those laptops (we have Fortinet firewalls so the policies are universal). Perhaps I'll move to Vipre premium at some point. - The Console is great and so easy to use. Super design, Sunbelt. Version 4 is better than 3, too. - I wish there were a better way to manage remote WAN site servers/workstations. Other products just pick a PC and make that the update point. With Vipre it's a hassle and a bit confusing. I hope this doesn't sound too negative. I'm sticking with Vipre for now. The product is still new compared to other vendors and I see it improving with each revision. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 >>> "Jeff S. Gottlieb" <[email protected]> 8/11/2010 4:56 PM >>> We are in an SMB environment of roughly 60 servers and 1000 hosts, including Server 2003, 2008, SBS2003, SBS2008, XP Pro SP3, Windows 7, and Vista workstations. Sophos Endpoint Security along with PureMessaging, and Vipre Enterprise Premium along with Vipre Email Security are being put to the test head-to-head. We are staunch fans of Sunbelt Software. Our experiences with Vipre Email Security (much improved over Ninja) has been great over the years. For over 10-years we have placed our trust in Trend Micro, something that has deteriorated slowly over the past 24-months. In any event, we are hoping that our published comparisons will meet objectivity, and help to give reassurance to future Vipre users regardless of the decisions we ultimately made. The Sunbelt 'NT System Admin Issues' forum has been a great help, dating back to April, more specifically… 4/01/2010 Subject: Enterprise Anti-Virus, [email protected] 4/21/2010 Subject: Sophos vs. Vipre Enterprise, [email protected] 5/06/2010 Subject: NOD32 Antivirus, [email protected] 5/09/2010 Subject: Life just keeps getting better...., [email protected] 7/29/2010 Subject: Vipre effectiveness & false positives, [email protected] 1) Installation / Deployment Server installs both went smooth. In deployment Sophos had few if any issues. Viper deployment to server required countless exclusions (painfully so)… in fact when our server crashed, we were told that a few exclusions were missing (Agh!). Viper deployment to host on two systems came with MANY surprises. The Vipre agent loaded a “NDIS IM” element in the TCPIP stack, causing CISCO (IPSec) clients to connect… oddly not allowing us to remote TS, Dameware, and other remote applications. SonicWall VPN clients remained unaffected. Vipre even caused slowness, freezing during printing, multi-tasking, and issues with Adobe Acrobat. Some of these issues we just gave up on attempting to resolve and disabled the firewall entirely. When a MSP firm cannot remote access…this is serious!! We couldn’t get support soon enough… and unfortunately cases remain open 4-5 days after the fact. Vipre left our accounting department, using a PSA software (ConnectWise), locked out for an entire day. 2) Post Installation Sophos agent with firewall was documented as utilizing up to 150+ MB of RAM (enormous)… we were told, “…the price you pay for good protection”. We were not comforted, despite this fact the users never complained about slower speeds. Vipre utilized a fraction of this, maybe 7 MB… albeit given the deployment issues (above) we remain unimpressed by any benefit there might be. Sophos comes along with definitions updated hourly, Vipre (so we are told) is heading in this direction too. Vipre currently is defaulted to update every 3-hours, and that default can be changed (…the value??). 3) 24-hour Enterprise support Vipre Enterprise technicians we found were skilled, sadly they are scantily available on weekend (evenings). Sophos Endpoint Security we found were equally skilled and *always* available. Despite not having a “Premium” support agreement, we found Sophos enthusiastic when it came to remote access (LogMeIn). If (in the rare occasion) Vipre was asked to remote, remote was either unavailable or they were flat out reluctant. Vipre on several occasions seemed overwhelmed… Sophos *never* gave us that feeling. 4) Additional Items Sophos PureMessaging (SPAM filter) catches SPAM well (notice we didn’t say unsolicited advertisements). If you differentiate (most do) between the two you will NOT enjoy PureMessaging. Additionally with PureMessaging each account receives email called “spam digest”, there are options to either Delete or Deliver. In either event chosen, this is a singular event… it does NOT automatically allow or block these addresses on a going forward basis. It’s impossible meeting the demands of users wanting NOT to receive Golf Digest solicitations, eBay, Amazon, LL Bean, Victoria Secrets (no joke!), all that legitimate stuff that gets overwhelming. Ah… then there’s Vipre Email Security!!! If *anything* unwanted makes it to the Inbox (a rare occasion), the individual users can manage without support. More systems like this create nearly passive income for us. Vipre has agent (not definition) updates. These agent updates require reboots… can you imagine 200 users rebooting their workstations for updates?? We cannot, and furthermore in the 6 long weeks we have been in proof-of-concept, Sophos has never needed an agent reboot… not even following deployment (Nice!) We invite your comments and encourage you to make the same comparisons and let us know your results. If we are wrong on any account… or seem less than objective, please let us know. We are expecting this thread will live for quite awhile… and Alex will have a lot to say. Turning down Vipre Enterprise (Sunbelt Software) hurts, especially understanding the culture of the company… the best of the best, “the American way”, etc. I personally wanted to see Vipre getting our stamp of approval…sadly I didn’t get my way this time. –Jeff Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
