I am really interested in what you would recommend. So please, what should we do?
I have for years used Norton and still have a valid subscription. But as I said in my post, I have two PCs I help keep up to date; both have Norton installed on them and both also have Windows Defender available. On the one machine the owner runs Norton with Defender disabled. On the other Defender runs with Norton disabled.
Once a month I update software on these machines and I run a full scan. I then swop over Defender and Norton and run another full scan. The results are the same on both machines: Defender and Norton pick up exactly the same problems if there are any.
I am keen to know what to do in 4 months' time about renewing the Norton subscription. At the moment, there is no evidence to suggest that it is necessary at all, and that Defender is "okay".
Sophos XG is a gateway server I currently use, and you can stay in their product range for the rest of the endpoint devices. They have a comprehensive suite, but definitely XG as your gateway, and I would go Bitdefender (paid edition) for PCs; the phone AV is still kinda much of a muchness. If you want uniformity, the Sophos range is good, or Bitdefender. I like Sophos for its firewall. It's what I use; it lets me do packet inspection on the fly. Kerio, a big industry infosec player, uses Sophos filter rules for their firewall and I have a ton of respect for Kerio (these are all standalone firewalls, i.e. appliances, not software installs for your PC). However, I'm thinking of trying Bitdefender Box with Bitdefender, as Bitdefender is just an awesome antivirus.
It's one of three or 4 that would have detected the attack type I show in the video, as it warns the target if they are being ARP poisoned.
I'm not all that sold on Sophos AV; it's not as good as Bitdefender AV, but it really really fits in nicely as a uniform system. So when you need to manage lots of networks with many remote sites, it rocks.
The best performing AV is Trend Micro. It is more secure than Bitdefender or Sophos, but for me, crosses the security vs functionality trade-off and it's a little too strict. Great for locking down employees though.
Notable exclusions:
Kaspersky. Good antivirus, but unless you believe Putin has your best interests at heart... there may be trust issues.
ESET: I dunno, it used to be awesome, but lately I have noticed it can sometimes score really high, and sometimes score pretty average. It's up and down... The paid version can also detect ARP poisoning. I dunno, I just lost my buzz for it. I am currently underwhelmed. Nothing really critical on it, but nothing I can honestly say "it's awesome" about.
AVG: Most payload generators come with AVG avoidance methods as it's so common.
Panda: It's Chinese; by default I avoid.
Avira: Solid, free version can't detect ARP poison, never tried the paid version.