Hi. We have 1 main office site, and 3 remote sites, all with Nod32.

The remote sites get their email through the exchange server on the main site, via adsl connections. The remote sites are saying that email send/receive is very slow since we changed over from Sophos to Nod32.

Could Emon be causing delays in Outlook, due the the files being downloaded via adsl then scanned before opening? No complaints on the main site, as the exchange server is locally on the lan there.

Thanks,

{QUOTE-> Hi. We have 1 main office site, and 3 remote sites, all with Nod32.

The remote sites get their email through the exchange server on the main site, via adsl connections. The remote sites are saying that email send/receive is very slow since we changed over from Sophos to Nod32.

Could Emon be causing delays in Outlook, due the the files being downloaded via adsl then scanned before opening? No complaints on the main site, as the exchange server is locally on the lan there.

Thanks, <-QUOTE}


EMON scans all the information being received via port 110 . It doesn't scan files before being opened in that way . It can happen really rarely because we all know that NOD32 is really fast . You can check via going to each PC and manually disable just EMON and then see . Don't worry about it because you'll still be protected because of AMON (the main protection) Antivirus Monitor which scans all files on-create , on-access , on-execute . ;D

{QUOTE-> EMON scans all the information being received via port 110 . It doesn't scan files before being opened in that way . It can happen really rarely because we all know that NOD32 is really fast . You can check via going to each PC and manually disable just EMON and then see . Don't worry about it because you'll still be protected because of AMON (the main protection) Antivirus Monitor which scans all files on-create , on-access , on-execute . ;D <-QUOTE}


Ooops , I mean IMON is the one that scans all the information being received via port 110 + the other HTTP communications . I suggest you now go there and just try to temporary disable EMON or IMON and see and again don't worry about viruses since AMON is keeping a close eye ;)

{QUOTE-> EMON scans all the information being received via port 110 <-QUOTE}IMON scans all POP3 traffic, by default only on port 110.{QUOTE-> Could Emon be causing delays in Outlook, due the the files being downloaded via adsl then scanned before opening? <-QUOTE}Sometimes there is a perception that it is slower - IMON downloads the file first if it is pop3, scanning it before handing it to outlook. Sometimes this seems to take longer overall but if you put it to the clock the difference is hardly measurable. Then EMON checks it before Outlook is allowed to operate on it. Once again, it is normally a very small difference in time because of this. Usually it just seems longer. Have you tried to actually measure it - with IMON & EMON enabled, then resend the same test message with IMON & EMON disabled? It might be worth testing?

{QUOTE-> Ooops , I mean IMON ... <-QUOTE}:)

If he's on Exchange server..there is no port 100 being used, nor 25. Exchange<==>Outlook is entirely different from POP3<==>Outlook

Slyder...are you pulling/delivering to a local PST file on the remote workstations? Pulling Outlook from mailboxes over a WAN..especially on slower VPN tunnels...more of an invitation for some hiccups. Hopefully you're running E2K3 and Outlook 2K3...they deal with thin connections very well.

Hello,

Is there any anti-virus software in addition to NOD32 being run simultaneously on computers at the remote offices? What about other security or backup software which runs in real-time?

Regards,

Aryeh Goretsky

Hi slyder:

How was Sophos removed from the machines? Which version of Sophos?

{QUOTE-> Hi. We have 1 main office site, and 3 remote sites, all with Nod32.

The remote sites get their email through the exchange server on the main site, via adsl connections. The remote sites are saying that email send/receive is very slow since we changed over from Sophos to Nod32.

Could Emon be causing delays in Outlook, due the the files being downloaded via adsl then scanned before opening? No complaints on the main site, as the exchange server is locally on the lan there.

Thanks, <-QUOTE}

Thanks for all the replies guys.

This all started because the users have been complaining that since our upgrade (nod32), email has been really slow to send and receive. We have Amon, Emon, Imon and Dmon enabled on our remote sites.

They pull their exchange data over the wan - adsl connected via vpn, so unfortunately 256kb upload to remote sites at the moment. We are running Exchange 2003, and Outlook 2000 on WinXP clients.

Sophos 5 was previously installed on the whole network, this was removed manually using add/remove programs on each client, as Sophos did not provide removal via the Enterprise Manager!

Hope that gives a bit more info. Obviously we do not have an ideal setup, and the adsl link will slow down access for the remote sites, but the users (imagined or not) think that Outlook is slower now than before.

256 upload at each remote site..not bad. What's the upload at the central office? (what I'd called "mothership")

Hardware VPN? (router to router) Or does each client software VPN client in?

256 upload at the "mothership" as well i'm afraid!

This will hopefully be increased to 2mb soon.

Hardware vpn router to router, yes.
Thanks,

{QUOTE->
They pull their exchange data over the wan - adsl connected via vpn, so unfortunately 256kb upload to remote sites at the moment. We are running Exchange 2003, and Outlook 2000 on WinXP clients.

Sophos 5 was previously installed on the whole network, this was removed manually using add/remove programs on each client, as Sophos did not provide removal via the Enterprise Manager!
<-QUOTE}

Hi

Upgrade the remote clients to Outlook 2003 and use cached mode. Outlook 2003 is A LOT better than 2000. I run half a dozen users on the end of a 128kbit leased line.

For the benefit of others, Sophos can be uninstalled remotely, though not using EM. It can be done using a free third-party tool, PSEXEC.EXE. I was able to remotely uninstall Sophos and then remotely install NOD32 all from the same batch file :)

psexec.exe @complist.txt -u YOURDOMAIN\administrator -p PASSWORD -c \\SERVER\SHARE\start.cmd

add the following lines to the start.cmd...

MsiExec.exe /X{09C6BF52-6DBA-4A97-9939-B6C24E4738BF} /q /norestart
MsiExec.exe /X{C12953C2-4F15-4A6C-91BC-511B96AE2775} /q /norestart
MsiExec.exe /X{FF11005D-CBC8-45D5-A288-25C7BB304121} /q /norestart
\\SERVER\SHARE\nod32\setup.exe /forceold /silentmode /instmfc /cfg=\\SERVER\SHARE\nod32\nod32.xml

You can of course have the NOD32 setup reboot the PC, but I chose to ask the user instead.

Regards,

Ed.