tech_guy (21st January 2009)
Of course you will get people's different answers as there are many many different products so no one will agree, it's not about everyone NOT agreeing, it's about people 'experiences with AV products and what they would purchase..... isn't it ?' I don't really care to tell you the truth as I have drank far too much this evening....
As for the article, shocking.
tech_guy (21st January 2009)
Ahem, to change the subject slightly - for home use I use Kaspersky on my Windows XP and Vista machines and I have had no issues with it. Today I just picked up a 3 user version of [ame="http://www.amazon.co.uk/Kaspersky-Internet-Security-3-Desktop-Subscription/dp/B001ANDJLS/ref=sr_1_1?ie=UTF8&s=software&qid=1232576556&sr=8-1"]Kaspersky 2009 from Amazon[/ame] for £17.36.
Last edited by tech_guy; 21st January 2009 at 10:42 PM.
Very human of them... It was only when someone in the education sales team realised what they were doing to their marketing campaign that the idiot legal team was sat on. It wasn't altruistic, of that I'm fairly sure... However this might seem like a Sophos bashing exercise so I'll expand on my reasons for eskewing Sophos.That article shows Sophos apologising for their mistake. To err is human to forgive is divine?
- It is indeed more resource hungry than you might like.. Not to the extent it was but still, not lean and mean by any stretch.
- In the wireless environment I set up recently it was responsible for 1 in every 4 or 5 laptops locking up whenever an update was pushed out. In itself the key issue was the WLAN was losing packets but Sophos failed utterly to cope and in a classroom of 20 laptops with 4 freezing it killed lessons dead. Usually half of the freezers came back after about 4 or 5 minutes but the others needed a hard reboot.
- This same "freezing" issue is essentially repeated whenever Sophos goes for a major version update and unfortunately Sophos gives no warning or indication to the user as to what's happening, it again, just locks the user out. In ever instance of "freeze" the user then goes into "WTF mode" (ie: click, click, CLIIKKKKKKKKKKKKKKK WTF is wrong with this machine!) and then it locks up good and proper. User fault?... erm.. 10% if that IMHO.
- Central control of actual cleanup operations is just plain wrong. Sophos can be set to be pro-active and clean things up as it goes but this takes some doing. Instead what you usually get is a polite "warning" that a virus has tried to get in or has succeeded and Sophos has done naff all about it. By design maybe but not exactly intuitive and the process for removing any virus issues is so elongated (involving multiple scans, which again lock up the machine, etc..) as to make a re-image the only really time effective option.
If I was given the choice of Sophos or nothing I'd take Sophos but when you offer me Avast (which I'm familiar with), a central command system that makes sense, albeit with a learning curve and then tell me it'll cost about £200 a year more for 80 machines and 3 servers (@ 3 year subscription, educational rate) then I'm going to tell Sophos to jump in the lake because the cost in tech time on site and teacher frustration is just not worth the £100 a year price tag.
There now... biased? Not really... I think of it as experienced in ways I'd rather not be. Nuff said, time for my meds and bed :P
Last edited by contink; 21st January 2009 at 10:32 PM.
Well all I can say is thankfully I have had none of these issues that are mentioned with Sophos and although I persoanlly wouldn't choose it, I have no complaints from using it.
I would not recommend Symantec SAV 10.17. We have had a ton of issues with:
1. Clients stop communicating/update dat files with the Server.
2. Client corruption
3. Clients not upgrading properly from Ver 9
4. Server mis-reporting AV updates and version.
That along with issues with NoNav not always working the way it should.
OverWorked (31st January 2009)
I've used Sophos on our school network for several years now and have mixed opinions about it.
In the central management console, loads of machines are reporting Sophos AV errors, but it's difficult to do anything about it without going to the machine and manually reinstalling Sophos.
Last year we had a serious virus infection running on a staff laptop and a server. Sophos detected it, but did nothing about it, causing me to stay behind for hour one evening to perform an off line Sophos AV scan to clean the server.
When disinfecting home systems, several time I've seen the free AVG find viruses Sophos has missed. (This was a few years ago, though).
I found this thread because I'm looking for a decent AV for a charity I support. Theres no consensus on a good enterprise AV solution.
I'm using Eset Smart Security at home, it's OK, but can't get it to play properly with home networking (have to restart it to allow ICS, and it's blocking iTunes sharing on a friend's network, despite being told not to).
I've given up on F-Secure and Zone Alarm at home for poor performance (typically taking 5 mins. for the PC to be usable after booting).
There seems to be more comments in favour of NOD32, so I'll look into that. Does it have a central management console?
Just as another slightly OT question in here... A few people have talked about products being resource intensive on downloading updates or scanning as said why this causes a problem during exams / lessons. Perhaps someone could explain why it it is being done during the day and not when people aren't using the machines. I use kaspersky at homes and schedule it foe out of hours. This seems like common sense to me.
Resource intensive when doing on access scans is a different problem that a few products do suffer and should be explained differently.
Our LA used to use Sophos - I can't say I ever had huge problems with it except it let through the odd thing which wasn't great
Now we use NOD32 and have had no issues with it at all
another sophos user here..
mixed feelings at the moment. yep it's easy to setup Enterprise Manager and deploy sophos out to clients (syncs with AD so it basically does it itself)
Never had any probs with it removing any nasties etc seems to do its job
but... I get so many errors about clients being out of date or the av on the client being 'inactive' when I can dial into one of the PCs that are showing as errors and find there's nothing wrong. I can scan (and detect dummy virus files) and I can manually pull down updates.
I also have about 20 clients - different models of pc in different parts of school that won't auto update each morning. I have to select > right click > update. No idea what's going on. Emails sent to Sophos don't even warrant a reply. Sophos are useless with support in my experience.
It also does spank the CPU. Never had a 100% cpu since the old 'intercheck' sophos days but it regularly does hit 45%-50% cpu. Updates are scheduled for each morning and a client scan is performed at lunchtime.
One last rant about sophos... the error codes / knowledge base articles are a pile of cack. Some of the error codes I've had don't even have an entry on the sophos KB
It's now got to the stage where if I cant reinstall sophos back onto a client within 15 mins I just reimage the client and redploy. I can't be arsed to piss about with Sophos any more.
If I could look into using another AV I would but we're tied to it as its LA provided.
btw the stand alone version of Sophos is v good in my experience. I use it at home and I install it on 'home use' laptops fro staff - no issues with it all
conehead (31st January 2009)
I feel I know how Sophos works so I know how to work with it. I also know how I would like Sophos to work; how it could be better. However it currently is what it is (a strong player in computer security) and, I feel, it's getting better all the time - the HIPs protection really helps with Conficker.
I get the sense that because the LEA buys a lot of Sophos licences and hands them out to lots of schools quite a few comments here are from members who feel trapped and therefore resentful. And if Sophos offer a good price, a competitive price, it's seen as cheap and nasty.
To all I ask...
Are you making sure you're planning deployments and pro-actively calling their support to get advice? Do you have a test environment that mirrors (blemish for blemish) your production environment? Have you read all the .pdf files for all the products they run? Have you considered asking Sophos to visit your site for consultancy and best practice?
Sophos case study - Hamilton College
Sophos Professional Services - maximizing your return on investment
Have you seen the whitepapers available on Sophos' website https://secure.sophos.com/security/w...ers/index.html Have you all subscribed to their email notifications Sophos email notification
I'm sure I'm in for some hot replies. Please believe me it's not my intention to provoke people. Instead just lean back from the keyboard for one minute (go on, do it) and think about the last time you truly planned, tested, refined, tested, refined, sort approval from Sophos and then deployed in a phased rollout - monitoring as you go. If any abnormal effects are then seen you can pause and review.
Honestly - don't hate me! It's just nice to debate. Isn't it...?
OverWorked (1st February 2009)
A Bit like CA eTrust then with Spyware lol We have it and i hate it, biggest load of crap i ever bought! Just had a technology guy ring me saying his machine is riddled with Spyware and CA didnt even detect it. Hes not a normal user either, quite experienced and very security concious. the management side of CA is over complicated and the deployment tool is very basic, no tracking of which machines have it installed and which ones dont except for a list you maintain yourself
we can pause, review a 'blemish', scratch our heads, consult the sophos KB only to be prompted with 'error code not found', or some bollocks about a deployment timing out because of a slow network connection even though its being piped over a gig switch.
perhaps sophos is optimised for deployment on a large hadron collider
how can any software vendor code into their software error codes and then can't be arsed to have any reference to them on their KB?
I have to say sophos KB is as about as useful as capita supportnet ...
other than that sophos is wonderful
Last edited by DMcCoy; 31st January 2009 at 10:52 PM.
Navaho have just dropped Sophos because of their licensing conditions, any school who use Navaho now have Clam AV on the box.
There are currently 1 users browsing this thread. (0 members and 1 guests)