Ditto on the belt and braces approach.
I've had a lot of good experiences with Sunbelt's Vipre product.
extremely easy to deploy and manage in the enterprise.
On 27 October 2010 11:32, Jamie Riden <jamie.riden () gmail com>
On 26 October 2010 19:26, bk <chort0 () gmail com> wrote:
(resending from correct account)
On Oct 26, 2010, at 6:55 AM, Mikhail A. Utin wrote:
We are looking an enterprise level AV-software <snip>. Any
Signature-based AV is a dead technology. Updates don't get
until hours after you're already infected, so all it really ends
up doing is
being a resource-suck on your CPUs and hard-disk access.
My recommendation: Buy whatever has the highest composite
score for ease
of management, limited resource consumption, and affordability.
Anyone who says "get Vendor X" or "get Brand Y" without
telling you what
selection criteria they used is a tool. How do you know if what
important to you was also important to them in making the
If you've got a decent perimeter, it should keep the threats out
some time, but I tend to agree. AV these days is starting to be
about detection than prevention - it will at least highlight
have a problem so you can deal with it. Think of it as part of
intrusion detection if it helps.
Oh, and somewhere I used to work ran two separate AV products on
mail gateway, and then a third on desktops on servers. I suspect
was more about licensing models (couldn't do per-seat for email
had >100k email addresses) than paranoia, but it did help out
considerably to have independent engines.
Jamie Riden / jamie () honeynet org / jamie.riden () gmail com
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you
the machine wrong figures, will the right answers come out?' I am
rightly to apprehend the kind of confusion of ideas that could