Re: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Sean Chapman 
I have no issues with Kaspersky and would have no problem keeping it in my 
environment.

That said, I currently use Webroot in ours, which is about 1k users with some 
laptops around the country and world like yours and its ok.  I dont like the 
management of it and its a little buggy at times but I cant argue with MDR.

What im going to be implementing is Carbon Black defense.  Combining AV with 
EDR is really cool and the streaming tech they have to catch non-malware 
breaches is pretty cool.



From: listsad...@lists.myitforum.com  on behalf 
of Michael Leone 
Sent: Thursday, September 14, 2017 11:31 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out
well for us. It's certainly caught things that McAfee, our previous AV
solution, didn't. However, they have this slight problem with being a
covert arm of the Russian government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking
at. But tell me, who do you have? And - more importantly - if you had
your say in the matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch
of laptops issued to remote users. So far, all Win 7 for workstations,
but obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized
console, to push out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We
have Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among
others. Just soliciting some real world opinions, along with our own
research.










The information contained in this communication and all accompanying documents 
from Coilcraft may be confidential and/or legally privileged, and is intended 
only for the use of the recipient(s) named above. If you are not the intended 
recipient you are hereby notified that any review, disclosure, copying, 
distribution or the taking of any action in reliance on the contents of this 
transmitted information is strictly prohibited. If you have received this 
communication in error, please return it to the sender immediately and destroy 
the original message or accompanying materials and any copy thereof. If you 
have any questions concerning this message, please contact the sender.

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Webster 
That's because no one has figured how to say "I love you" in Russian. 


Webster

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, September 14, 2017 1:35 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

But he doesn't say anything is wrong.

It's just another step in the increasing tension between Russia and the USA as 
far as I can see.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Thursday, September 14, 2017 2:26 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

Looks like the WH's cybersecurity dude announced it.

http://www.businessinsider.com/kaspersky-is-being-banned-across-the-us-government-by-trump-2017-9


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, September 14, 2017 2:18 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

As I've recommended Kaspersky for about a decade now, I'm interested in knowing 
your source. :-)

I know that the USA is less and less happy with Russia... But I've not found 
anything that even seems official...

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Leone
Sent: Thursday, September 14, 2017 12:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. But 
tell me, who do you have? And - more importantly - if you had your say in the 
matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Kennedy, Jim 
Ohoh.

Yea, I totally agree with that. The concern seems to be 'a relationship between 
Kaspersky and the Russia Gov.'.

The same of which could be said of many US Tech firms.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, September 14, 2017 2:35 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

But he doesn't say anything is wrong.

It's just another step in the increasing tension between Russia and the USA as 
far as I can see.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Thursday, September 14, 2017 2:26 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

Looks like the WH's cybersecurity dude announced it.

http://www.businessinsider.com/kaspersky-is-being-banned-across-the-us-government-by-trump-2017-9


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, September 14, 2017 2:18 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

As I've recommended Kaspersky for about a decade now, I'm interested in knowing 
your source. :-)

I know that the USA is less and less happy with Russia... But I've not found 
anything that even seems official...

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Leone
Sent: Thursday, September 14, 2017 12:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. But 
tell me, who do you have? And - more importantly - if you had your say in the 
matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Michael B. Smith 
So we are taking a page from the Russian playbook. As Eugene Kaspersky tweeted 
in response to the DHS directive. “I guess this explains it all “Guilty ‘til 
proven innocent, jailed ‘til you clear your name” Welcome to 21st century.”
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of D R
Sent: Thursday, September 14, 2017 2:30 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

http://www.foxnews.com/tech/2017/09/14/dhs-vs-kaspersky-lab-why-us-government-is-ditching-russian-software-giant.html

On Thu, Sep 14, 2017 at 1:18 PM, Michael B. Smith 
> wrote:
As I've recommended Kaspersky for about a decade now, I'm interested in knowing 
your source. :-)

I know that the USA is less and less happy with Russia... But I've not found 
anything that even seems official...

-Original Message-
From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] 
On Behalf Of Michael Leone
Sent: Thursday, September 14, 2017 12:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are 
looking at. But tell me, who do you have? And - more importantly - if you had 
your say in the matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.




--
Daniel Rodriguez
drod...@gmail.com

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Michael B. Smith 
But he doesn't say anything is wrong.

It's just another step in the increasing tension between Russia and the USA as 
far as I can see.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Thursday, September 14, 2017 2:26 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

Looks like the WH's cybersecurity dude announced it.

http://www.businessinsider.com/kaspersky-is-being-banned-across-the-us-government-by-trump-2017-9


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, September 14, 2017 2:18 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

As I've recommended Kaspersky for about a decade now, I'm interested in knowing 
your source. :-)

I know that the USA is less and less happy with Russia... But I've not found 
anything that even seems official...

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Leone
Sent: Thursday, September 14, 2017 12:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. But 
tell me, who do you have? And - more importantly - if you had your say in the 
matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.

Re: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Kurt Buff 
I believe that's a political decision, not backed by any technical detail.

Kurt

On Thu, Sep 14, 2017 at 11:26 AM, Kennedy, Jim
 wrote:
> Looks like the WH's cybersecurity dude announced it.
>
> http://www.businessinsider.com/kaspersky-is-being-banned-across-the-us-government-by-trump-2017-9
>
>
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] 
> On Behalf Of Michael B. Smith
> Sent: Thursday, September 14, 2017 2:18 PM
> To: ntsysadm@lists.myitforum.com
> Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?
>
> As I've recommended Kaspersky for about a decade now, I'm interested in 
> knowing your source. :-)
>
> I know that the USA is less and less happy with Russia... But I've not found 
> anything that even seems official...
>
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] 
> On Behalf Of Michael Leone
> Sent: Thursday, September 14, 2017 12:32 PM
> To: ntsysadm@lists.myitforum.com
> Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?
>
> We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
> us. It's certainly caught things that McAfee, our previous AV solution, 
> didn't. However, they have this slight problem with being a covert arm of the 
> Russian government, apparently ..
>
> So we need to drop them, as the federal agencies are doing.
>
> There are lots of reviews, such as av-test.org, that we are looking at. But 
> tell me, who do you have? And - more importantly - if you had your say in the 
> matter, would you keep them?
>
> We're an sort of enterprise level organization, maybe 1K users, bunch of 
> laptops issued to remote users. So far, all Win 7 for workstations, but 
> obviously that will change in the future. Servers are all Win
> 2008/2012 R2 (so far). So we need something with a centralized console, to 
> push out rules, updates, etc.
>
> We use Proofpoint as an email gateway, so it does mail scanning. We have 
> Checkpoint firewalls for managing that sort of traffic.
>
> Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
> Just soliciting some real world opinions, along with our own research.
>
>

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Kennedy, Jim 
Here we go, DHS announcement.

https://www.dhs.gov/news/2017/09/13/dhs-statement-issuance-binding-operational-directive-17-01


-Original Message-
From: Kennedy, Jim 
Sent: Thursday, September 14, 2017 2:26 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

Looks like the WH's cybersecurity dude announced it.

http://www.businessinsider.com/kaspersky-is-being-banned-across-the-us-government-by-trump-2017-9


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, September 14, 2017 2:18 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

As I've recommended Kaspersky for about a decade now, I'm interested in knowing 
your source. :-)

I know that the USA is less and less happy with Russia... But I've not found 
anything that even seems official...

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Leone
Sent: Thursday, September 14, 2017 12:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. But 
tell me, who do you have? And - more importantly - if you had your say in the 
matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Kennedy, Jim 
Looks like the WH's cybersecurity dude announced it.

http://www.businessinsider.com/kaspersky-is-being-banned-across-the-us-government-by-trump-2017-9


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, September 14, 2017 2:18 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

As I've recommended Kaspersky for about a decade now, I'm interested in knowing 
your source. :-)

I know that the USA is less and less happy with Russia... But I've not found 
anything that even seems official...

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Leone
Sent: Thursday, September 14, 2017 12:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. But 
tell me, who do you have? And - more importantly - if you had your say in the 
matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Jon Harris 
Years ago I stopped using Symantec and MacAfee because both were resource hogs, 
missed stuff, and put all kind of shims into the OS making it a rebuild every 
time I had to upgrade them.  Both were pains.  I was happier with ESET but cost 
got too high for management and they wanted to go back to either Symantec or 
MacAfee.  Glad my new job does not require I have to deal with this stuff 
anymore.

Jon

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Gantry Zettler
Sent: Thursday, September 14, 2017 1:34 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

Yep they all suck and they will all disappoint you.  I use Symantec Cloud 
because it's cheap and stays out of the way, catches the random thing but 
nothing to write home about.  


Sophos' Intercept anti-Ransomware tech seems interesting, have a client using 
it but haven't gone in depth.  


On Thu, Sep 14, 2017 at 11:43 AM, James Rankin  wrote:


Just playing devil's advocate here - are you required by regulation to 
actually use AV?

Because I think it's had its day. App management and other tech are 
arguably so much better, and have much less of a resource footprint.


-Original Message-
From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com  
] On Behalf Of Michael Leone
Sent: 14 September 2017 17:32
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out 
well for us. It's certainly caught things that McAfee, our previous AV 
solution, didn't. However, they have this slight problem with being a covert 
arm of the Russian government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. 
But tell me, who do you have? And - more importantly - if you had your say in 
the matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch 
of laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, 
to push out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We 
have Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among 
others. Just soliciting some real world opinions, along with our own research.

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Michael B. Smith 
As I've recommended Kaspersky for about a decade now, I'm interested in knowing 
your source. :-)

I know that the USA is less and less happy with Russia... But I've not found 
anything that even seems official...

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Leone
Sent: Thursday, September 14, 2017 12:32 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. But 
tell me, who do you have? And - more importantly - if you had your say in the 
matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.

Re: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Gantry Zettler 
Yep they all suck and they will all disappoint you.  I use Symantec Cloud
because it's cheap and stays out of the way, catches the random thing but
nothing to write home about.

Sophos' Intercept anti-Ransomware tech seems interesting, have a client
using it but haven't gone in depth.

On Thu, Sep 14, 2017 at 11:43 AM, James Rankin  wrote:

> Just playing devil's advocate here - are you required by regulation to
> actually use AV?
>
> Because I think it's had its day. App management and other tech are
> arguably so much better, and have much less of a resource footprint.
>
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.
> myitforum.com] On Behalf Of Michael Leone
> Sent: 14 September 2017 17:32
> To: ntsysadm@lists.myitforum.com
> Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?
>
> We use Kaspersky for our AV needs, and to be honest, it's worked out well
> for us. It's certainly caught things that McAfee, our previous AV solution,
> didn't. However, they have this slight problem with being a covert arm of
> the Russian government, apparently ..
>
> So we need to drop them, as the federal agencies are doing.
>
> There are lots of reviews, such as av-test.org, that we are looking at.
> But tell me, who do you have? And - more importantly - if you had your say
> in the matter, would you keep them?
>
> We're an sort of enterprise level organization, maybe 1K users, bunch of
> laptops issued to remote users. So far, all Win 7 for workstations, but
> obviously that will change in the future. Servers are all Win
> 2008/2012 R2 (so far). So we need something with a centralized console, to
> push out rules, updates, etc.
>
> We use Proofpoint as an email gateway, so it does mail scanning. We have
> Checkpoint firewalls for managing that sort of traffic.
>
> Thoughts?  I know I've heard good things about ESET and Sophos, among
> others. Just soliciting some real world opinions, along with our own
> research.
>
>
>

RE: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread James Rankin 
Just playing devil's advocate here - are you required by regulation to actually 
use AV?

Because I think it's had its day. App management and other tech are arguably so 
much better, and have much less of a resource footprint.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael Leone
Sent: 14 September 2017 17:32
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Dropping Kaspersky Av, who to replace it with?

We use Kaspersky for our AV needs, and to be honest, it's worked out well for 
us. It's certainly caught things that McAfee, our previous AV solution, didn't. 
However, they have this slight problem with being a covert arm of the Russian 
government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking at. But 
tell me, who do you have? And - more importantly - if you had your say in the 
matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch of 
laptops issued to remote users. So far, all Win 7 for workstations, but 
obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized console, to push 
out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We have 
Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among others. 
Just soliciting some real world opinions, along with our own research.

[NTSysADM] Dropping Kaspersky Av, who to replace it with?

2017-09-14 Thread Michael Leone 
We use Kaspersky for our AV needs, and to be honest, it's worked out
well for us. It's certainly caught things that McAfee, our previous AV
solution, didn't. However, they have this slight problem with being a
covert arm of the Russian government, apparently ..

So we need to drop them, as the federal agencies are doing.

There are lots of reviews, such as av-test.org, that we are looking
at. But tell me, who do you have? And - more importantly - if you had
your say in the matter, would you keep them?

We're an sort of enterprise level organization, maybe 1K users, bunch
of laptops issued to remote users. So far, all Win 7 for workstations,
but obviously that will change in the future. Servers are all Win
2008/2012 R2 (so far). So we need something with a centralized
console, to push out rules, updates, etc.

We use Proofpoint as an email gateway, so it does mail scanning. We
have Checkpoint firewalls for managing that sort of traffic.

Thoughts?  I know I've heard good things about ESET and Sophos, among
others. Just soliciting some real world opinions, along with our own
research.

Re: [NTSysADM] Is there a reason not to have file shares in a drives root folder

2017-09-14 Thread Graeme Carstairs 
Thanks guys makes sense

Cheers

Graeme

On Wed, 13 Sep 2017 at 00:23, Kurt Buff  wrote:

> +1
> - create a directory at the root, and share that, not the root.
> - Remove the NTFS permissions for Users from the root, and assign it to
> the directory, with Read-Only (this folder only)
>
> It solves a lot of problems.
>
> Kurt
>
>
>
> On Tue, Sep 12, 2017 at 3:10 AM, Melvin Backus 
> wrote:
>
>> Not putting them in the root avoids the need to modify the base NTFS
>> permissions on every new share you create.  While defaults used to allow
>> r/w access for everyone, now the default is r/o for everyone. By pushing
>> down a level you can change it once and all new shares can inherit the new
>> setting.  I create a Shares folder for that purpose. No clue why going
>> down 2 levels though. I get the path length part, but our users wind up
>> exceeding that so often I’ve just come to accept it.  Move a 200
>> character path down the tree 8 levels to another 200 character path and
>> what do you get?  A mess. J
>>
>>
>>
>>
>>
>>
>>
>> --
>> There are 10 kinds of people in the world...
>>  those who understand binary and those who don't.
>>
>>
>>
>> *From:* listsad...@lists.myitforum.com [mailto:
>> listsad...@lists.myitforum.com] *On Behalf Of *Graeme Carstairs
>> *Sent:* Tuesday, September 12, 2017 5:10 AM
>> *To:* ntsysadm@lists.myitforum.com
>> *Subject:* [NTSysADM] Is there a reason not to have file shares in a
>> drives root folder
>>
>>
>>
>> Recently came across some filservers that were setup as
>>
>>
>>
>> F:\1\2\fileshares
>>
>>
>>
>> When asked why they relied that they had an ms consultant who recommended
>> this as file share share should not be in the root folder and that 3rd
>> level folder was the reccomended place for them
>>
>>
>>
>> They can't remember his reasoning
>>
>>
>>
>> But the 1 and 2 was to keep the path small so not to run into path length
>> issues
>>
>>
>>
>> Does anyone know why this would be recommended ?
>>
>>
>>
>> Tia
>>
>> Graeme
>>
>> --
>>
>> Graeme Carstairs
>>
>>
>>
>> e-mail :- loonyto...@gmail.com
>>
>
> --
Graeme Carstairs

e-mail :- loonyto...@gmail.com