Wednesday, July 25, 2012

Is There an Antivirus That Doesn't Suck?

Ok, let me qualify my question...  an enterprise antivirus that's easy to administer from a central point, doesn't require ridiculous amounts of rebooting or research, accurately detects machines across the enterprise, can push the install reliably, and doesn't take up every last resource being the end-all of multitasking be-all antivirus/antimalware apps?

My experience would suggest there is not.

When I arrived in the Twilight Zone, no one had any idea about antivirus.  There were a few rogue installs, probably not legitimate.  I got to work making sure every desktop had antivirus.  Back then, you had to update it yourself weekly (this was McAfee).  As usual, the human element screwed everything up and in spite of weekly reminders, people didn't update their clients.

Then we switched to Norton.  Symantec is the biggest nightmare I have ever experienced.  Whether it's antivirus, backup, or whatever else, Symantec will screw it up.  When the client became so bloated it would no longer perform efficiently, we switched.  Or rather, we tried.  Uninstalling NAV/SAV was so convoluted a process that sometimes we could have saved time re-imaging the machine.  Symantec had instructions to accomplish this task, and when I say instructions, I mean twelve different sets of instructions on twelve different web pages, none the same set.  I'll hazard a guess that even Symantec can't uninstall their own products.

We messed around with other products until we found Kaspersky.  The price was right, the client wasn't bloated, and the admin console was full-featured.  Ironically, when you called tech support for Symantec, you got India.  When you called Kaspersky, the Russian company, you got a Boston accent.  At its worst, a Boston accent still trumps an Indian accent (to our American ears, anyway).

Kaspersky has this great concept by which you can deploy an entire installation to a PC remotely.  Furthermore, it could remove other antiviruses.  Reality, on the other hand, was something entirely different.  It could not remove lint from a desktop.  And the install package blue screened almost every PC to which we deployed it.

Aside from that, it was ok.

Regardless of Bostonian accents, we were unable to get the install package working correctly.  We discovered that you had to deploy the Network Agent first (reboot), then the client (reboot).  After doubling our work, it only blue screened a few PCs, which was livable.

After somehow managing to get Kaspersky deployed across the enterprise, the admin console became unresponsive.  We had to develop tricks to keep it moving, eventually requiring a rebuild (HINT: use external SQL instance).

Mind you, this entire post deals exclusively with administration... I don't have a thing to say about the desktop clients.

Another reason I like Kaspersky is for the mispronunciations.  We've heard 'Kaprinsky' and 'Kasper Sky'.

Unfortunately the recent price increase started to put Kaspersky out of our reach.   I have been using Trend on our servers in order to have something additional but that also went through the roof.  After shopping around some more, we shook our heads sadly and decided we had no choice but to continue with Kaspersky.

After paying up, I started our wide-installation/update process.  And discovered that the 'new' Kaspersky console sucked just as badly as the old one.  It only looked a little different.  The PC discovery function wasn't entirely useful, in that it kept pulling up old entries and failing for various reasons on install.  I also had to locate the new versions of installs, which don't seem to match the consumer varieties.

I've had it.  This is barely one step above going to every desk in the company and installing/upgrading manually.

If you've had positive experiences in the enterprise (and you haven't), please let me know.


As far as viruses, I haven't had one; either on the Windows machine or the Linux machines.  I am completely protected on Windows but I surf very safely.
