| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Oct 2010 13:09:39 -0400 From: "Elazar Broad" <elazar@...hmail.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: looking for enterprise AV solution -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +1 for Vipre, its cheap(about $10 or less per seat, per year), generally resource conscious and pretty granular centralized policy management and last but not least, its detection and fp to fn ratio is pretty solid. Aside from a recent issues with its Outlook plugin(which have been fixed) and some engine update deployment issues on a handful of machines(there is a workaround), my overall experience has been quite good. On Wed, 27 Oct 2010 06:36:24 -0400 James Rankin <kz20fl@...glemail.com> wrote: >Ditto on the belt and braces approach. > >I've had a lot of good experiences with Sunbelt's Vipre product. >It is >extremely easy to deploy and manage in the enterprise. > >On 27 October 2010 11:32, Jamie Riden <jamie.riden@...il.com> >wrote: > >> On 26 October 2010 19:26, bk <chort0@...il.com> wrote: >> > (resending from correct account) >> > On Oct 26, 2010, at 6:55 AM, Mikhail A. Utin wrote: >> > >> >> Folks, >> >> We are looking an enterprise level AV-software <snip>. Any >advising? >> > >> > Signature-based AV is a dead technology. Updates don't get >released >> until hours after you're already infected, so all it really ends >up doing is >> being a resource-suck on your CPUs and hard-disk access. >> > >> > My recommendation: Buy whatever has the highest composite >score for ease >> of management, limited resource consumption, and affordability. >> > >> > Anyone who says "get Vendor X" or "get Brand Y" without >telling you what >> selection criteria they used is a tool. How do you know if what >is >> important to you was also important to them in making the >selection? >> >> If you've got a decent perimeter, it should keep the threats out >for >> some time, but I tend to agree. AV these days is starting to be >more >> about detection than prevention - it will at least highlight >that you >> have a problem so you can deal with it. Think of it as part of >your >> intrusion detection if it helps. >> >> Oh, and somewhere I used to work ran two separate AV products on >the >> mail gateway, and then a third on desktops on servers. I suspect >this >> was more about licensing models (couldn't do per-seat for email >as we >> had >100k email addresses) than paranoia, but it did help out >> considerably to have independent engines. >> >> cheers, >> Jamie >> -- >> Jamie Riden / jamie@...eynet.org / jamie.riden@...il.com >> http://uk.linkedin.com/in/jamieriden >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > >-- >"On two occasions...I have been asked, 'Pray, Mr Babbage, if you >put into >the machine wrong figures, will the right answers come out?' I am >not able >rightly to apprehend the kind of confusion of ideas that could >provoke such >a question." -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQECAAYFAkzIXNQACgkQi04xwClgpZh7/AP9FmLXwe93hL0OnOMMhiJ8K5oU7Ato VjUiFNaj/Ycs4COh8LUrKJ0rTCseX5ye0AThaXJpiXgLs0kxxkrFbQQBF0zhCsTyWivL E+vGcId/B8D2C46NfEvPgNsLtd96sRYY6e0qoV42+vEX08aiV/3rlRM9xKnXsk9i91Kt JURFGks= =/He8 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists