RE: Antivirus

["Jason Bethune" <jbethune () town kentville ns ca>]

Hey Steve,

I have read the support article on doscan.exe causing high cpu problems. I
curious to know if that would cause a problem in my environment where we
have no dos based applications. Is the doscan.exe installed by default? We
run basically 4 servers SBS 2003, Windows Server 2000, Windows Server Web
and Windows Server 2000 for GIS Applications. All of my clients are XP Pro
with full updates using SUS. Thanks for the heads up on the SAV CE 10.0 roll
out you did...im still trying to figure out the best route for our small
government office to take on this.

Jason Bethune

IT Specialist
Town of Kentville
354 Main Street
Kentville, NS 
B4N 1K6

www.town.kentville.ns.ca


-----Original Message-----
From: Steve Kirk [mailto:kirk () concernd com] 
Sent: Wednesday, August 10, 2005 3:07 PM
To: Jason Bethune
Subject: Re: [Full-disclosure] Antivirus

Hi Jason,

This last spring I was put in the position of deploying SAV CEv10.0 for 
my company - about 150 clients/servers.  Almost immediately it started 
causing problems.  I work for a video game developer for Playstation2 
games, and (sadly) a lot of the tools for PS2 are DOS-based (they're not 
Win32 apps).

First off there's an "issue" with 10.0 where doscan.exe causes high CPU 
usage - dragging the machine to a halt.  SAV does a "quick scan" (and I 
use the term loosely) on boot.  We've put in a regkey fix to remove the 
boot scan. 

They added "tamper protection" with a lot of our tools seem to trigger.  
We've had to disable that.

And generally has been responsbile for a LOT of performance problems.  
We're using high-end x86 dual-Xeon workstations, too - so it's not like 
we're under-powered.

Needless to say I'm currently doing a hefty performance analysis of 
other anti-virus solutions so I can find something "nicer" towards our 
environment.

HTH,
Steve



Jason Bethune wrote:

> I only use Terminal Services in admin mode for my servers from home. I know
> my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec)
> and how much resources it take sup on the computers which the client is
> installed.
>
> Jason Bethune
>
> IT Specialist
> Town of Kentville
> 354 Main Street
> Kentville, NS 
> B4N 1K6
>
> www.town.kentville.ns.ca
>
> -----Original Message-----
> From: Steve Friedl [mailto:steve () unixwiz net] 
> Sent: Wednesday, August 10, 2005 1:23 PM
> To: Jason Bethune
> Subject: Re: [Full-disclosure] Antivirus
>
> On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote:
>  
>
> > I know this is not really the place to ask this question but I need some
> > professional advice and well you guys know a lot. I need to get rid of our
> > current Antivirus solution in the small 20+ user network we have running
> >    
> on
>  
>
> > SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the
> > new version of Norton 10.0? Should I look at Trend Micro? Both seem to
> > priced about the same for Canadian customers. I hope this is not too way
> >    
> off
>  
>
> > topic but I don't post here very often. If you can give me some advice
> >    
> that
>  
>
> > would be greatly appreciated.
> >    
>
> One tidbit: if you use RAdmin (remote administration software), Symantec
> 10. corporate sees it as a threat, and there's not any really good way
> to centrally deal with this. It's been a terrible mess.
>
> Steve
>
>  

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/