Tag: Antivirus
Goodbye Symantec Endpoint Protection 11
by admin on Mar.10, 2008, under Software, Systems
I have uninstalled Symantec Endpoint Protection from my laptop. The trial was coming to an end, and with the findings of the new management console problems, I didn’t see a reason to continue.
See previous posts here:
Instead, I have moved on to BitDefender Total Security 2008. I have just installed it and it seems to be running OK. The total system scan was faster than I am used to with Symantec and McAfee. Setup was easy for the most part, though it prompted me for every program to allow through the firewall instead of knowing most of the common programs that should be allowed, like Symantec does. We will see how things go. If anyone has any comments on this product, please post here.
Symantec Endpoint Protection 11
by admin on Jan.25, 2008, under Software, Systems
I installed a trial of Symantec’s Endpoint Protection, which is the new version of Symantec’s Enterprise Antivirus. I have used Symantec in business all the way back to version 7 and have always liked it. Version 10 switched its server-to-client communication from UDP to TCP, which improved network stability. They also changed new virus definitions to be deltas instead of full definitions.
Well, Symantec has taken it to the next level now with Endpoint Protection. Now the firewall package is built into all of their clients instead of just their SCS clients. They have also added a HIPS, or Host Intrusion Protection Software, to this client. This is the next step that a lot of companies have been trying to pull off but haven’t done well yet. An IPS watches for known and unknown attacks by monitoring for activity that could be malicious.
A firewall is great because it blocks connections that aren’t specifically allowed, but it still allows all traffic on open ports; the IPS piece analyzes that traffic and watches for malicious activity. So far I have been very impressed with how well it is designed; I have not had to make any changes to allow things to work on my machine. I am on a domain, and typically you have to allow a ton of stuff just for your machine to function, and I did not. The only change I made was to turn off the alerts when the firewall blocked something.
One more note: a lot of standards, including PCI, require you to run HIDS/HIPS on your machines.