August 25

Your chance to help! Which AV Vendor do you use, and why?

From a fellow catalyst, Eric:

“I make the technology decisions at a small CPA firm, and our Symantec subscriptions are up in a week. I have been researching antivirus software for too long and just keep going in circles. I cannot distinguish between different antivirus software vendors because of either their marketing hype, inconsistent reviews, FUD, etc. I have reviewed them all myself, and have used a handful of them in the past years. Is there really a quantifiable difference or is it just opinions?

I feel there is too much subjective information out there to base a good decision out of. Since I do not have a robust antivirus testing lab myself, it makes this decision very tough. With firewalls, I can test them with an arsenal of tools freely available but antivirus is different. I have been researching network and internet security extensively this summer and played with Linux some. In doing so, the knowledge I have gained makes me suspicious of antivirus companies. For example, Symantec Internet Security Suite requires you to run as admin. I have tried various workarounds, talked to support, but not successful. You must run as admin. They want you to not practice computer security basics that would decrease the attack vector in the first place, and rely on their security software blindly and pay them a fee.

What are your thoughts on this, and, if you could, your antivirus suggestions.

I see a lot of products relying heavily on signature based defense, which has its strengths and weaknesses. The more I research into host based intrusion detection, I like the idea of behavior and Knowledge based intrusion detection more and more. While signature based detection is always going to be a need, over reliance on that I think is a weakness. The problem I have come across is that any products that get into the host based type intrusion detection are weaker in the signature based area. For example, Zone Labs security suite has a good OS firewall (behavior based), but a watered down antivirus scanner.

At the moment I am leaning more towards either Zone Alarm Security Suite, or Kerio and NOD32.”

I’m certain some of you are dealing with a comparable issue – and if you’d like, we can even do a podcast episode dedicated to questions to ask your AV vendor to make sure you are making the right choice.

That said – share your ideas, comments and questions either in the comments below (user name registration required) or send me an email to michael.catalyst@securitycatalyst.com with your ideas and insights!

Thanks for helping a fellow catalyst out.



  1. Eric,
    Good question. With all of the choices for AV (and other security components), which one do you choose?
    My company (a Fortune 200 Manufacturer) uses Trend Micro OfficeScan with good results. We have it running on all Windows boxes throughout the country with good success. We use both the AV and firewall features.
    You can’t really go wrong using any of the top vendors. They all have their pros & cons; sometimes you just need to go with your gut (or whoever gives you the best price).
    Of course, check out the trade rags for their opinions. I also use a resource called The Info Pro (http://www.theinfopro.net/). They provide independent ratings of vendors based on surveys and interviews. They have Symantec #1, McAfee #2, & Trend Micro #3.
    Hope this helps.
    RonW
