BlueZannetti
October 19th, 2003, 01:40 AM
I usually lurk, but the question of “which AV?” interests me.
NOD32/NAV2004/KAV 4.5, should I choose one of these? Something else?
I’ve followed the threads here (http://www.wilderssecurity.com/showthread.php?t=14902) and elsewhere (http://www.dslreports.com/forum/remark,8201352~root=security,1~mode=flat) on the “X vs. Y” in the AV world. Although many comments made by the contributors may be blasphemy to satisfied customers, I found them useful since I was actually weighing my options and had used the three that I’ve listed. But it’s hard keeping all of our experiences in perspective.
If everyone owned identical hardware, had the same set of applications installed, surfed the same sites, and practiced the same level of safe computing, you might be able to identify a best AV program. Last time I looked, this isn’t the world I live in.
Everyone is right and everyone is wrong, at least when it comes to me selecting an AV for my platform to cover the scope of my PC usage.
Signatures vs. heuristics? Signatures are best, until you are that mythical patient zero, the first infection of an epidemic. After that, maybe you’ll look at strong heuristics in a new light. That is, until someone deletes a needed file, not realizing that heuristics are fallible. Should I base my decision on patient zero? No. Should I base my decision on the poor fellow who mistook a false positive and paid dearly? No again. But I will listen to both and make a decision that’s right for me.
Bloatware vs light? For those of us who started when PC’s had one floppy (5 1/4 or 8" - take your pick) and 64k of RAM, everything’s bloatware these days. Of course, on the right PC virtually anything will run fast. It’s bloatware if I feel compelled to disable needed features to get acceptable performance. If you have a faster PC, my bloatware may be your speed demon.
Payware vs. free? I generally go the payware route since I can. However, when I was a much poorer college student, freeware would have been my only option and I would have embraced it.
Ability to recognize viruses in a controlled test? This is the toughest and most controversial since it is all too easy to label this as an objective judge of performance. It’s not. The outcome of tests focusing on viruses that will never invade my world makes an interesting story that has no relevance to me. The problem is that I can’t discern relevance until after the fact. I try to listen to the victims of virus attacks and those who have experienced the software stopping viruses. You’ve never had a virus get through? Well, first of all, let’s establish that you’ve been attacked in the first place and that the attack was thwarted, then we can discuss specifics.
For me, the only AV that has had to handle attacks was NAV and it performed admirably. By the same token, the only AV that let viruses through was also NAV. I know definitively that this failure was my own fault. I turned off needed features to get “good” performance. For the PC I had at the time, a lighter program would have been a much more appropriate solution – this is where options like NOD32 can absolutely shine.
My eventual decision this year? KAV 4.5 Workstation, although I'll probably augment it with NOD32 on one of my PC's.
Was running NOD32 for a few months. Looked good and still think that it’s an excellent package. It’s probably my preferred AV on anything less than a P4 class PC. Had one false positive – I’m sure no one else will have it, it centered on the uninstall facility of an expensive technical mathematics environment. I liked the speed. Simple to use. Absolutely no problems.
I had upgraded my systems from NAV 2002 to NAV 2004 due to all the positive comments. NAV2002 was solid - no missed viruses and NAV caught many e-mail based samples in the past. Regretted installing NAV2004 from the start. Don’t know the causes of the instability, and didn’t really want to spend time learning. Looked great while working. Would have preferred automated daily updates, though. In my book, this is a significant issue with a typical NAV installation. Received a refund on my purchase.
Tried KAV workstation 4.5. Was aware of the heavy resource usage reputation. Good price on multiple (4) licenses. Very configurable. No resource issues as I’ve set it up on my P4 level PC’s. Do not believe I’ve compromised functionality. Some additional malware types not well covered by NOD32 tipped me in favor of KAV. Very pleased so far. One deficiency seems slated for remedy in version 5 (sounds like the target release is Feb 2004 or so) and there is a bit of idiosyncratic behavior in the control center. Noted it while stressing the program, but it’s irrelevant for virtually all of my usage.
Sorry for the length, but I thought that I’d share some of my struggle to put a few of the recent discussions in perspective for a newbie passing through. These threads on which AV to buy are much less definitive than would appear during an initial read, even if you focus only on the "objective" tests.
And with that, I’ll gently walk back to the shadows.
Blue…