I use Avast, highly recomended Thumbs up
I use Avast, highly recomended Thumbs up
I'd be interested to see how this goes with the corp version in the long term so if anyone goes with Avast I'd love to hear more.
Rather than start a new thread on this I've started a review of the Avast Enterprise system which primarily consists of the "Distributed Network Management Console"... essentially the equivalent to Sophos EM.
You need the manual before you get started because without you're floundering around in the dark. There's very little that's intuitive about this system even if you've been using the advanced console on Avast (although that helps somewhat).
Installation can be a bit hit and miss as well with a few nuggets missing from the documentation that would have been useful (see below).
The first thing I found when installing the ADNMC was that the installation process includes the ability to create your own "mirror". This has a batch file which grabs all the files from the main server cluster and when completely downloaded it creates the necessary installers.
During my first installation this obviously didn't completely properly (with hindsight) as it took less than 4 minutes and I couldn't create any "installation packages" with an red error pointing out that the mirror might not have initiated properly.
After a bit of reading on the forum it becomes clear (well, sort of) that the best way to resolve this is to uninstall and reinstall..
I tried this and the mirror process took nearly 45 minutes (probably due to internet connection) but this time it obviously created the packages properly.
As I get more into this I'm finding that there are a LOT of configurable options in here and whilst it does mean that you've got to spend more time looking at a manual than getting on with it, it feels more like you're in control.
That said, this stuff is not going to be for a faint hearted part time tech TA who hasn't got a good head on their shoulders.
Of particular note is the multiple ways in which you can deploy your avast client... The methods range from a compiled MSI which you create in the ADMNC and then just deploy as per normal in GPO, or you can deploy using the ADMNC itself and the appropriate "task"
One thing that really impressed me was that I set a deployment to a group of 3 WLAN connected laptops and right in the middle of the process one laptop dropped the WLAN connection. Without needing to be told the ADMNC just got back on it when the laptop reconnected and finished the job. Very useful considering what I'm doing with 80+ laptops!
Probably the biggest niggle is the lack of intuitivity in some areas of the system and the one that caught me out for 20 minutes was getting the packages to install using the ADNMC as the deployer (not GPO). I kept getting access denied messages and it wasn't until I really read the text in the "Login Accounts" section (for the account with install perms). Classic case of RTFM but you'd naturally assume that putting the account Domain in would apply to the account too... Nope.. so ass-u-me still applies.
Probably the key thing you come away with in this thing is that everything is "task" orientated by which I mean you setup a task to deploy, update, etc... and can review what it'll do, and then test it on one machine or just go crazy and send it out to a group or more. Takes a little getting used to but when you've successfully created a task that works you realise that it makes life a lot easier from a lot of angles.
This is only day two of the process and I'm putting this together on a single server and a trolley of WLAN laptops so I'll be interested to see if this does indeed resolve problems with lockups which Sophos seemed to be causing.
Time will tell...
Interesting stuff mate, be good to hear how it mellows and settles in as it were as I've had it with Sophos now!
Just curious why you've had it with Sophos? What version waas you using?
Using the latest release and just find it, still despite my long conversation with Sophos senior technical and development people over 18 months ago, an over-sized memory hog of a program.
Why any antivirus program needs about 5 parts running taking on average around 50-80mb of system ram to be sitting doing basically nothing is strange me. I have Avast on my PC here and yes its got 5 processes as well, but total size for all processes is 40mb and thats the lot and Ive got about 30 tabs open in IE & FF combined, 5 MSN windows, numerous file downloads going on, email going in and out all the time so it is being active and working at that! When I logon it doesn't start updating and halting the PC from working, it updates itself but never stops the PC working, unlike Sophos where I can logon and then the PC appears to hang, with the Savadmin.exe process taking 99% CPU time, kill that process off and oh as if by magic the PC then starts to actually come to life! When time is of the essence in a school which it is, having to tell users to wait it will come to life, and for it to do so 5 minutes into the lesson is not acceptable.
As I told Sophos my issue is the footprint of it, the fact it seems slow to do a great many things and its just become bloated. I want a basic Anti-Virus program that can scan a PC for a Virus, I don't want application control, firewall, content filtering etc etc, I just want it to scan the PC for viruses, and if i plug my pen drive in and open a virus infected file I want it to delete it and tell me it did so, so I can monitor whats going on. I don't want it to get excited and go oh I've put in a 500GB USB HDD I'll scan it all or anything like that, I make those decisions. If I want fancy feautures like the Applicaiton Control etc I want the choice of installing them as an EXTRA add-on not stuffed in and "disabled" or "de-activated" as its still on the machine, I want to say yes Install X,Y & Z and it take three times as long to install thats fine, but I want that choice not Sophos to stuff it all on the PC and then "turn off" what I don't want.
If it still was supported I'd go back to the old Sophos of 5 years ago, apart from the annoying large update pop-up that pee'd a great many people off in schools, it actually worked, was quick, small footprint and did what it said on the tin. Fine reporting was lacking compared to todays reporting but I'd sacrifice all that for the speed of V4 back again.
To prove I'm not a complete Sophos hater, I will say I do like Puremessage for Exchange, it works well and is good so I'm not just a Sophos basher, I happily have and do still look and recommend and buy Sophos PureMessage, but I only use that on the Exchange box, everything else when I'm asked for recommendations gets pointed to other products as I've just seen the tears with Sophos and they are not worth it.
[I will add here that these are MY views and not necessarily the representation of my employer]
appreciate yr views. I'm quite shocked with yr experience with Sophos. I've deployed it at many organisations etc... I do agree with you that you should be given the option for various components etc...but personally it's good to have everything deployed and disabled (which you dont agree on) just that is save time for a further deployment. Just disable the policies etc and use when you need to. Nice to know your thoughts, will bear this in mind. Most enterprise AV products nowadays take up large amounts of mem & HD space. Most of these features of Sophos are really helpful, got to bear in mnd that maybe for the education sector (primary/secondary schools) these extra features may not needed, but Sophos and many other Ent products design these for large Corps etc..Having these features for some companies allows them to use if these need to etc....I'm sure there's loads of configs you can do to get it working how you want & setting up policies in Sophos are straight forwward.
Sophos claim they listen to schools, I would go as far as guessing they hold the monopoly on School antivirus, so they should be making a version for schools IMHO, without all the naff parts of it that make it a knightmare. As you will see if you read on here, it is always a very popular topic, and not normally for positivity.
Just to note a few things about Avast ADNM as this may be of interest
As above...Just disable the policies etc and use when you need to
Not Avast... it's got a large diskspace requirement on the "server" or secondary mirror systems but on workstations it doesn't use huge amounts of space. I'll check the exact amount when I'm next in school though.Most enterprise AV products nowadays take up large amounts of mem & HD space.
I'd tend to agree with John on this... Sophos is designed for corporate systems that have massive budgets and high end hardware spec's. Schools don't have this and invariably corners have been cut. I also think that Sophos have grown complacent in thinking they are the market leader when I suspect they're resting on their laurels.Most of these features of Sophos are really helpful, got to bear in mnd that maybe for the education sector (primary/secondary schools) these extra features may not needed, but Sophos and many other Ent products design these for large Corps etc..Having these features for some companies allows them to use if these need to etc....I'm sure there's loads of configs you can do to get it working how you want & setting up policies in Sophos are straight forwward.
That said I have to admit that the Sophos EM system is a lot more intuitive and for anyone thinking about the ADNM system you are going to need to do some reading and attack a steep less-intuitive learning curve to get yourself up and running.
Where Avast really excels though is in the ability to actually properly manage the end-client in terms of forcing scans (or allowing user interaction), getting results and not having to physically sit with the workstation to get items cleaned up. Sophos doesn't do this and for my money it's one of the biggest failings because even basic troubleshooting and repair requires your physical presence at a workstation which, given the time intensive nature of virus scanning is just plain nuts and counter productive.
Oh and the fact that Avast doesn't lock up the system like Sophos does (ok, so it may be to stop malware managing an end-run round the scanner) is a MAJOR benefit. IMHO, Sophos may have a potentially more secure approach but when it comes to loading but it could at bare minimum provide a warning message for the end user to give a clue that the system hasn't just died. Simple, effective but totally unavailable...
Anyway, to return to the whole comparison side of things... I'll be doing some comparative testing and checking between the two systems next week (time allowing) to see how they compare in terms of memory footprint, load up, etc...
I'll keep the thoughts coming
There are currently 1 users browsing this thread. (0 members and 1 guests)