January 01, 2004
$32.20/user for 100 users
- Ease of Use:
- Value for Money:
- Overall Rating:
Backed by Symantec's integrated security suite. Highly configurable
Default reporting poorly conceived. Scan is thorough, but adds high latency
A powerful but lumbering behemoth - you can't beat Symantec's integration and depth of product, but this one needs tuning before deployment.
This test was a surprise, with performance and default settings letting Symantec down, although the presentation couldn't be better.
Install was clean, with the system creating a user and group for itself, which is a much better approach than running as the administrator and installing an IIS site for remote management. No reboot is needed. A hefty manual comes with the product, along with an Exchange implementation guide, which goes into great depth.
Like an early IDS, Symantec's AV goes overboard firing off alerts, with little thought to the consequence. Each virus is alerted in no less than six places: in the body of the message, with email to the sender and the recipient, and in the Windows application log, to Symantec's remote management service (if it's there) and with a popup message on screen!
Multiply that by 10,000 and the server is in a world of pain. The application log filled up and the messages to the original sender bounced (as they do, worms nearly always spoof source addresses) generating ANOTHER message, this time to the admin.
Version 4 is now available, and Symantec says this version does not send mail to the sender in this way, which would be a big help. We turned the popups off after a hundred or so, enough to prove that this would really hurt. For one virus, it's as thorough an alerting framework as you could dream of. In an outbreak, it's an avalanche.
Symantec's test was also the slowest by orders of magnitude, but also the most thorough. The test took some 100 minutes to queue mail and then an enormous ten hours to process the backlog, but not a single message was unscanned by the time it arrived in the user's mailbox. The mail latency might be a problem, but will benefit performance over a distributed network, so whether this is a boon or a drawback will depend on your environment.
The user and web interfaces are good, and there is a wealth of options to make the product less clumsy and more efficient. So while the default settings let it down in this test, an optimized installation would surely fare much better.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry