lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 27 Oct 2010 11:36:24 +0100
From: James Rankin <kz20fl@...glemail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: looking for enterprise AV solution

Ditto on the belt and braces approach.

I've had a lot of good experiences with Sunbelt's Vipre product. It is
extremely easy to deploy and manage in the enterprise.

On 27 October 2010 11:32, Jamie Riden <jamie.riden@...il.com> wrote:

> On 26 October 2010 19:26, bk <chort0@...il.com> wrote:
> > (resending from correct account)
> > On Oct 26, 2010, at 6:55 AM, Mikhail A. Utin wrote:
> >
> >> Folks,
> >> We are looking an enterprise level AV-software <snip>. Any advising?
> >
> > Signature-based AV is a dead technology.  Updates don't get released
> until hours after you're already infected, so all it really ends up doing is
> being a resource-suck on your CPUs and hard-disk access.
> >
> > My recommendation:  Buy whatever has the highest composite score for ease
> of management, limited resource consumption, and affordability.
> >
> > Anyone who says "get Vendor X" or "get Brand Y" without telling you what
> selection criteria they used is a tool.  How do you know if what is
> important to you was also important to them in making the selection?
>
> If you've got a decent perimeter, it should keep the threats out for
> some time, but I tend to agree. AV these days is starting to be more
> about detection than prevention - it will at least highlight that you
> have a problem so you can deal with it. Think of it as part of your
> intrusion detection if it helps.
>
> Oh, and somewhere I used to work ran two separate AV products on the
> mail gateway, and then a third on desktops on servers. I suspect this
> was more about licensing models (couldn't do per-seat for email as we
> had >100k email addresses) than paranoia, but it did help out
> considerably to have independent engines.
>
> cheers,
>  Jamie
> --
> Jamie Riden / jamie@...eynet.org / jamie.riden@...il.com
> http://uk.linkedin.com/in/jamieriden
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ