maximum protection with minimum intervention

[lucid]

All,

I recently began to work for a small company that does IT for small businesses. Alot of these businesses run simple peer 2 peer networks of about 5 computers behind your typical off the shelf router.

Previous to my arrival, the company has installed norton internet security as its standard AV/Firewall suite to the computers at these offices.

Having lurked in these forums for a while, I would like to see if the wise people here think there might be a better solution for us to use.

What we need is to strike the best balance between protection and ease of use. Our users are really in no position to answer popups as to what program should and shouldn't be allowed out (and they also don't want to have to call us to help them decide). Norton does seem to excel in automatically configuring access rules and this is why we have been using it. But looking at the tests, its AV abilities are questionable and HOLY CRAP is it ever boated.

Can anyone else suggest some alternatives in an AV and Firewall that would offer better protection without adding complexity?

Thanks in advance.

[The Hammer]

Quote:

Originally Posted by lucid

All,

I recently began to work for a small company that does IT for small businesses. Alot of these businesses run simple peer 2 peer networks of about 5 computers behind your typical off the shelf router.

Previous to my arrival, the company has installed norton internet security as its standard AV/Firewall suite to the computers at these offices.

Having lurked in these forums for a while, I would like to see if the wise people here think there might be a better solution for us to use.

What we need is to strike the best balance between protection and ease of use. Our users are really in no position to answer popups as to what program should and shouldn't be allowed out (and they also don't want to have to call us to help them decide). Norton does seem to excel in automatically configuring access rules and this is why we have been using it. But looking at the tests, its AV abilities are questionable and HOLY CRAP is it ever boated.

Can anyone else suggest some alternatives in an AV and Firewall that would offer better protection without adding complexity?

Thanks in advance.

I'm not sure what test results you have been looking at but the link I've provided shows it has the highest rating of Advanced Plus for its Av abilities. http://www.av-comparatives.org/ As to bloat a number of users have reported it runs quite well on their systems and since your computers aren't primarily for gaming there should not be a problem regarding bloat. Remember the old adadge If it ain't broke don't fix it.

[Paranoid2000]

Any "decent" firewall will have to issue prompts at some point (e.g. to alert the user to a new application attempting network access or to warn about a change to an existing trusted program). The only way to avoid such prompts is either to pre-configure and lock systems down completely so nothing can change (which means disabling Windows and third-party software updates) or by using an "enterprise" firewall where all configuration is done by a central server (Kerio, Tiny, Outpost offer such versions).

If you go the "lock down" route, most firewalls offer the option of blocking traffic instead of prompting for new and changed applications.

[chaos]

Quote:

Originally Posted by lucid

All,

I recently began to work for a small company that does IT for small businesses. Alot of these businesses run simple peer 2 peer networks of about 5 computers behind your typical off the shelf router.

Previous to my arrival, the company has installed norton internet security as its standard AV/Firewall suite to the computers at these offices.

Having lurked in these forums for a while, I would like to see if the wise people here think there might be a better solution for us to use.

What we need is to strike the best balance between protection and ease of use. Our users are really in no position to answer popups as to what program should and shouldn't be allowed out (and they also don't want to have to call us to help them decide). Norton does seem to excel in automatically configuring access rules and this is why we have been using it. But looking at the tests, its AV abilities are questionable and HOLY CRAP is it ever boated.

Can anyone else suggest some alternatives in an AV and Firewall that would offer better protection without adding complexity?

Thanks in advance.

I would recommend Kav+outpost pro or nod32+outpost pro.
But as paranoid2K said at some point some prompts will inevitably pop.Rarely of course ...

[bigc73542]

Of all the firewalls I have used and that is quite a few the norton firewall pops up about as little as any I have used. And the pop ups are not all that confusing as some firewalls are. regardless what is said about norton products they are effective and user friendly. I never could figure out why some people don't like them. Just sheep in the flock I guess.

[Stem]

lucid,

I cannot see why you feel a change is needed, unless there has been some breach or some continual problems. Removing firewalls that are fully setup/configured and are doing thier job correctly, for replacements that may cause problems with config and possible conflict, well for me, I would leave the setup as is.

[lucid]

As expected, some excellent insight from the fine users of this board.

Perhaps I was a little quick to judge norton out. My main concern with norton is that it seems slower than most to update their signatures and it would be bad to be caught unprotected when something new and nasty starts spreading rapidly.

So is it fair to say that perhaps in this situation, Norton's strengths in ease of use would outweigh any of its potential weaknesess? Paranoid and Chaos (i only name you since you did provide alternatives, anyone else, please feel free to answer as well) would you bother moving away from Norton in this situation?

I guess as an additional followup question, what's the general consensus on the need of a personal firewall in a small business workgroup environment? If the users are behind a Router, would the admin overhead of managing personal firewall software be worth the additional protection provided? Is a good AV enough?

[zapjb]

GhostWall = no popups

http://www.wilderssecurity.com/forumdisplay.php?f=76

And see this as well.
http://www.wilderssecurity.com/showthread.php?t=101643

Then licensing for GhostWall. I'd think that'd be it. Oh and for AV either NOD32 or KAV6.