[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-disclosure] Antivirus
- To: "'Steve Kirk'" <kirk@xxxxxxxxxxxx>
- Subject: RE: [Full-disclosure] Antivirus
- From: "Jason Bethune" <jbethune@xxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 10 Aug 2005 16:12:26 -0300
Hey Steve,
I have read the support article on doscan.exe causing high cpu problems. I
curious to know if that would cause a problem in my environment where we
have no dos based applications. Is the doscan.exe installed by default? We
run basically 4 servers SBS 2003, Windows Server 2000, Windows Server Web
and Windows Server 2000 for GIS Applications. All of my clients are XP Pro
with full updates using SUS. Thanks for the heads up on the SAV CE 10.0 roll
out you did...im still trying to figure out the best route for our small
government office to take on this.
Jason Bethune
IT Specialist
Town of Kentville
354 Main Street
Kentville, NS
B4N 1K6
www.town.kentville.ns.ca
-----Original Message-----
From: Steve Kirk [mailto:kirk@xxxxxxxxxxxx]
Sent: Wednesday, August 10, 2005 3:07 PM
To: Jason Bethune
Subject: Re: [Full-disclosure] Antivirus
Hi Jason,
This last spring I was put in the position of deploying SAV CEv10.0 for
my company - about 150 clients/servers. Almost immediately it started
causing problems. I work for a video game developer for Playstation2
games, and (sadly) a lot of the tools for PS2 are DOS-based (they're not
Win32 apps).
First off there's an "issue" with 10.0 where doscan.exe causes high CPU
usage - dragging the machine to a halt. SAV does a "quick scan" (and I
use the term loosely) on boot. We've put in a regkey fix to remove the
boot scan.
They added "tamper protection" with a lot of our tools seem to trigger.
We've had to disable that.
And generally has been responsbile for a LOT of performance problems.
We're using high-end x86 dual-Xeon workstations, too - so it's not like
we're under-powered.
Needless to say I'm currently doing a hefty performance analysis of
other anti-virus solutions so I can find something "nicer" towards our
environment.
HTH,
Steve
Jason Bethune wrote:
>I only use Terminal Services in admin mode for my servers from home. I know
>my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec)
>and how much resources it take sup on the computers which the client is
>installed.
>
>Jason Bethune
>
>IT Specialist
>Town of Kentville
>354 Main Street
>Kentville, NS
>B4N 1K6
>
>www.town.kentville.ns.ca
>
>-----Original Message-----
>From: Steve Friedl [mailto:steve@xxxxxxxxxxx]
>Sent: Wednesday, August 10, 2005 1:23 PM
>To: Jason Bethune
>Subject: Re: [Full-disclosure] Antivirus
>
>On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote:
>
>
>>I know this is not really the place to ask this question but I need some
>>professional advice and well you guys know a lot. I need to get rid of our
>>current Antivirus solution in the small 20+ user network we have running
>>
>>
>on
>
>
>>SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the
>>new version of Norton 10.0? Should I look at Trend Micro? Both seem to
>>priced about the same for Canadian customers. I hope this is not too way
>>
>>
>off
>
>
>>topic but I don't post here very often. If you can give me some advice
>>
>>
>that
>
>
>>would be greatly appreciated.
>>
>>
>
>One tidbit: if you use RAdmin (remote administration software), Symantec
>10. corporate sees it as a threat, and there's not any really good way
>to centrally deal with this. It's been a terrible mess.
>
>Steve
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/