Microsoft Forefront your thoughts?

W

Wong

Well-Known Member
Joined
Feb 4, 2009
Messages
278
Reaction score
0
Have you or are you using it? worthwhile getting? any other suggestions for a good AV solution?


Is/are there any AV's products that you can overwrite-reinstall a client defintion without rebooting the pc? that is being deployed remotely :D?
 
Steer clear of Forefront.

I think one of the best managed solutions for larger networks is Sophos. Kaspersky also looks pretty good.
 
Well i use Kaspersky Pure at home on my LAN, and it can control all the PCs from a central PC [including updating, and you can see if any threats are detected on said PCs] .

So far works nicely for me, the firewall is the greatest part of Kaspersky i'd say, linky : http://www.kaspersky.com/pure

Anyway, just a tip: If you do consider buying Kaspersky , don't buy it from their website, buy it from Take2 [the physical disc] . For some reason it's half the price buying the DVD from a retailer than buying it digitally .

Just to illustrate the strange pricing:

On the site linked above : 1 year , 3 licenses = $99 . On Take2 : http://www.take2.co.za/electronics-kaspersky-pure-3-user-dvd-8303740.html = R434 . I can only go "wtf" . The same thing happens if you look at Norton.


EDIT: As for Sophos, we use it at work and i can tell you it's freaking resource hog on my PC and it's not exactly user friendly. I'm sure it's great for an administrator, but for employees with laptops that travel around with their laptops and do more than just reading email on their PCs , you kinda want to have something that the employee can use too [so it doesn't feel like a some corporate enforced thing that but something that actually serves both corporate and employee]
 
Last edited:
Sorry I should have added- small to medium size network

@rainynight65 - why suggest staying clear any reasons?

Kaspersky is anybody using it in a fairly large network ? have you picked up any problems with it?
 
rainynight65 said:
Steer clear of Forefront.

I think one of the best managed solutions for larger networks is Sophos. Kaspersky also looks pretty good.
Click to expand...

Why would you say that?

The top 3 enterprise class AV are Symantec, Sophos, Mcafee. I think Mcafee is the better out of the 3. (All my opinion, also similar in the Gartner Magic Quadrant)

What I have seen from Forefront that some of the others cannot do or cannot do that well:

Can scan using 5 different engines from the big AV companies
Integrates with SCCM, SCOM, Forefront Threat management gateway(ISA with a new name) and I think it has some integration with BitLocker as well.
You also have a single console for all your products. (Exchange/Sharepoint etc.)

I have seen the above in a Demo at an M$ office. Played around with forefront clients security in our lab and it seemed ok, but I think its integration is what sets it a part. (We currently use Symantec)
 
I have been running Sophos for well over a year now and I have never seen it being a resource hog, neither on managed PCs nor on standalone PCs. in fact the footprint is as small as anyhting.

Av0k, I have never worked with the managed solutions from McAfee or Symantec, only with the standalone versions, my last experience with both was a few years back and it wasn't exactly the best one. McAfee was a bad resource hog last time I used it and would sometimes for no reason use up all the CPU power. Symantec, if the comparative tests I read every now and then are anything to go by, is just not up to scratch when it comes to detection and protection. Again, anyone's mileage may vary and I'll gladly stand corrected.

Wong, the main reason for advising you to steer clear of Forefront is, that - unless they have fundamentally changed it - it is a completely sub-par enterprise solution. Managed installation is a lottery, it sometimes works, sometimes doesn't. The same goes for updates. The management solution did not allow for any proactivity, e.g. Sophos sends out mails immediately when it detects a problem on a managed PC - Forefront doesn't (didn't) do that. There is also no way to distribute Forefront over several locations that are connected via VPN and still have it centrally managed. With Sophos every major site of mine has its own update manager, but still I manage everything on one console. Forefront just doesn't have that facility. Sophos has the additional bonus of allowing for application control, blocking of USB devices and a wide range of other policies, though I am sure the other Enterprise solutions have similar facilities. We stopped using Forefront 1 1/2 years ago precisely because it was way too barebones and caused us more problems than it solved.
 
rainynight65 said:
I have been running Sophos for well over a year now and I have never seen it being a resource hog, neither on managed PCs nor on standalone PCs. in fact the footprint is as small as anyhting.

Av0k, I have never worked with the managed solutions from McAfee or Symantec, only with the standalone versions, my last experience with both was a few years back and it wasn't exactly the best one. McAfee was a bad resource hog last time I used it and would sometimes for no reason use up all the CPU power. Symantec, if the comparative tests I read every now and then are anything to go by, is just not up to scratch when it comes to detection and protection. Again, anyone's mileage may vary and I'll gladly stand corrected.

Wong, the main reason for advising you to steer clear of Forefront is, that - unless they have fundamentally changed it - it is a completely sub-par enterprise solution. Managed installation is a lottery, it sometimes works, sometimes doesn't. The same goes for updates. The management solution did not allow for any proactivity, e.g. Sophos sends out mails immediately when it detects a problem on a managed PC - Forefront doesn't (didn't) do that. There is also no way to distribute Forefront over several locations that are connected via VPN and still have it centrally managed. With Sophos every major site of mine has its own update manager, but still I manage everything on one console. Forefront just doesn't have that facility. Sophos has the additional bonus of allowing for application control, blocking of USB devices and a wide range of other policies, though I am sure the other Enterprise solutions have similar facilities. We stopped using Forefront 1 1/2 years ago precisely because it was way too barebones and caused us more problems than it solved.
Click to expand...

Both the enterprise products offered by Symantec and McAfee are different to the standalone versions sold. I agree with you wrt Norton/Symantec's standalone offerings, they do suck.

We had McAfee installed and have now changed over to Symantec. We inherited a few sites/companies and some of them had Sophos/Trend etc. which was changed to Symantec because we had so much trouble with the policies, updating, managed installations etc.
 
We are currently using Symantec- problem is when I had to set it up from scratch I had to reinstall the AV on each client - when doing that remotely it (our network is okish) it takes to much time as I have to reboot the pc - with sophos can you overwrite the existing client defintion without having to reboot?or is that asking to much from any AV ? :D

The silent deploy with the symantec sometimes gives problems-the av definition(package) that doesnt require an immediate reboot
 
The poor man's solution : AVG File server edition on all the servers & Microsoft Security Essentials on all the workstations. :)
 
kingrob said:
The poor man's solution : AVG File server edition on all the servers & Microsoft Security Essentials on all the workstations. :)
Click to expand...

I Have heard a lot of good things about MS Security Essentials. (The free product.)
 
MS Forefront Sux. And it does require a reboot with a remote installations. I guess it depends if you are running i5's and i7's everywhere it wont matter. But Kasperski or NOD is what I would use. NOD is great for remote roll outs you setup one config and send it out over the network. Depending on youe WAN links I would still suggest doing it in stages.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X