This post is a little different than my normal posts… it’s about software that really has no bearing on virtualization at all… Today I installed Symantec Endpoint Protection Small Business Edition for one of our clients. So I thought I would post a quick review of my experiences.
Overall the product looks very strong; it includes antivirus, email scanning, firewall, and all the other bells and whistles that you would expect from an all-in-one type of security solution. My experience did not start out very positive though. My task was simple: install SEP on a Windows 2008 SBS server and deploy to 10 client PCs. This would seem like a simple task and I figured I was going to have a pretty easy day. Clearly, I was wrong.
Let me start by saying that it’s the simple things that get you. I say this because I spent the better part of the day trying to install the server portion. What the document doesn’t tell you is that you cannot use special characters such as “:” in the admin password. I tried to install the product several times using a password with a “:” in it and it caused the embedded database to not be able to connect.
After trying several times I called Symantec support and we ran the install for like the 6th time, but instead of using the customer’s preferred password I used a different one and it installed just fine. Once the installation completed, the procedure to deploy the clients has three options:
- Send an email with a link to the installation file
- Push the install in unattended mode
- Manual install
I opted for the push-style install, and it brought up a dialog box that listed all PCs in the domain. I simply clicked on the PCs I wanted to deploy to and provided the domain admin account information and that was it. After about 10 minutes all 10 PCs were running SEP. There was no need to create a package or create any policies; this was all done automatically.
Overall I like the product. It is very easy to install (after you get a good admin password). I also found the interface very easy to navigate. I would recommend this product to anyone looking for a simple to deploy endpoint security solution.
We just migrated away from SEP (enterprise) and Webroot company-wide and switched to Vipre. We got hit with a malicious false A/V that masqueraded as SEP. It appeared to be updating and functioning properly but was actually communicating with the malware servers!
Lessons learned – don’t go full trust into anything … use a multi-layered approach and periodically spot check with other products. Also big names like Symantec and McAfee are targeted because of the prevalence (same argument with PC vs Linux/Mac).
Best of luck and nice write-up.
Very interesting. Has Symantec acknowledged this problem?
I am moving my SMB away from Symantec to Kaspersky. I have been testing it for a while and the management console is better, it doesn’t slow down the client system, and best of all it actually finds and removes viruses. Also it was a third the price.
Every year or two, it seems the list of best of breed AV vendors changes. “Best” detection, “fastest” scan engine, “lightest” resource, etc. Avast used to be so-so, but now has better detection rates than others including Kaspersky from experience, and it’s light on resources. I really like the sandbox of exe, network traffic it detects, etc.