Kaspersky in the Enterprise - any good?

As subject really.

We currently use Trend Officescan and due to some annoyances with the product I'm looking at alternatives rather than simple hitting renew.

We need to cover around 550 machines, a mix of workstations and servers.

Naturally I want all the "usual stuff" like speed, stability, good detection (especially on Spyware/Trojans) but I also need good central management capabilities and good tech support if/when I require it.

I'm currently trialling NOD32 Enterprise. Kaspersky are next on the list so I'm doing a little advance homework.

Appreciate any comments, good or bad.

TIA.

 

If twas I. I'd pick Kaspersky. KL support must be 20x larger.

 

Kaspersky is #1 in detection and response (AV-Comparatives, Consumer Reports, eWeek, PC World, etc) to outbreaks, as well as #1 rated AntiSpyware (SC Magazine) protection included with all licenses. We have deployments ranging from 10 users to 50,000 users using Kaspersky AntiVirus.

Kaspersky includes a full centralized management with all the business licenses and protects windows/linux workstations, windows/linux/novell servers, exchange/lotus notes/unix mail servers, and Microsoft ISA/checkpoint gateways.

~~ snipped ~~ (LWM)

-Christopher-

Lexan Systems
"Bulletproof Your Network"
http://www.lexansystems.com

ph: (800) 820-6772 x101

 

One of the things I've noticed is that manufacturers have a funny knack of finding tests and reports that rate their product #1

One of the things the Kaspersky UK chap I spoke to today told me was that they took it as a bit of a compliment when at Infosec every A/V company had the banners up proudly showing how their product came top of XYZ test and on every single banner Kaspersky was #2 - a backhanded compliment IYSWIM.

I'm sure I'll see how good it is when I try it out, I guess I'm after feedback on general stability, maintenance required and the remote management aspect mostly.

 

Just in short I would go for Kaspersky for sure.
Best detection rate and great service.
http://www.kaspersky.com/business_products

 

Well at least you don't have to look as hard with Kaspersky, check out any of the recent awards below from the last 12 months alone!

SC Magazine
Av-Comparatives
Consumer Reports
PC World
eWeek
Computer Shopper
C|Net
VB 100
ICSA Labs
West Coast Labs
PC Pro
Test-Seiger
INFO Exame
PC Advisor
PC User
Kurztest
PC Magazin
INternet Compleet
Escholha Info
Mir PK (Personal Computer World)
CHIP Magazine
Computer Idea magazine
APC Magazine
Xtreme PC
Cobet
SecureIT for Business
NetGuide
WinMag Magazine
XChange XCellence
Com!
PC Professional Brand Trak
Computer Buyer



-Christopher-
Lexan Systems
"Bulletproof your network!"
http://www.lexansystems.com
ph: (800) 820-6772

 

Looks liek a very impressive list to me.

 

The last and the only time I used kaspersky was on Vista (dont remember the version # .. but it was 6.xx.xx) and I certainly was not happy with it.

Once when my machine shutdown due to loss of power in the area, Kaspersky gave me a "corrupted database" error on the next bootup. I don't know which databases had gotten corrupt... one? few? all? it didn't tell me which one(s) exactly.. and I dont know whether it was protecting me at that time? It showed a red cross in the systray.

These are just my experiences for the short while that I trialled Kaspersky, they may help you or may not help you.

 

Use version 7 on Vista and you will be surprised.

 

Indeed. Is is fast, secure and very smooth.
Runs great here

 

and not released at the enterprise level at the moment. The enterprise level product is currently at V6, and I assume will be for some time since a V6 MP3 KAV WKS (i.e. the enterprise level product) beta is really just appearing now.

That said, some general comments since I happen to run KAV WKS at home:

• It's a very solid product with respect to detection
• One of the main advantages of V6 and later is the fine granularity of the installation procedure. If there are modules that are unneeded due to coverage elsewhere on your domain, you can configure them to not be installed (vs. simply disabled with most other products). Examples here might include the web and mail AV.
• Test it out on the "least" powerful typical configuration on your network, whatever that may be. KL has worked on performance of late and it has improved significantly, but it is still a somewhat heavy application - not inordinately so, but performance should be assessed before jumping and then having a bunch of unhappy users.
• I've not used the Admin kit for centralized management, so unfortunately can't comment on this since this is where a lot of the enterprise level focus should be. However, I haven't seen any real complaints in connection with this facility.
• In a number of years of use, the main operational issue I've seen is the occasional corrupted definition file update. Generally, it's solved with a reboot. In the worst cases it's required a manual file deletion (generally updcfg.xml). Not a major issue if you keep an eye on things. Not as bad as the standard Live Update stability issues with Symantec (IMHO).

Blue

 

Bingo. That's almost the key thing and rightly or wrongly it can be the best standalone product on the planet but it the remote management/admin side of it sucks ass it will be a non-starter.

I'm downloading the evaluation as we speak, but essentially I want something that is fairly "bare bones" that detects viruses and spyware, not really after an all-singing and dancing "suite" with firewalls and stuff like that.

 

KAV WKS (i.e. KAV for Windows Workstations) is basically KIS with a network connector module as well, so it's the fully loaded product. It is quite nice that an Admin can adjust the install to yield a "bare bones" product without having the other stuff dragged along as disabled modules.

It might make sense to read some of the recent threads in the Protection for Small and Medium Businesses section of the KL forum. That should give you some idea performance/etc. of the enterprise product.

Blue

 

Registration seems broken on the official KAV forums - I registered and it won't let me validate as per the link/backup info in the registration email.

Anyway, I see there are various modules. Whilst I'm not expecting people to do the work for me, I'd be interested to know the pro's and con's of each module in a corporate environment - thinking perhaps Proactive Defence and Mail Scanning isn't needed when we're on a firewalled LAN and use Exchange Server etc.

 

Kaspersky will have a lot more features such as Anti-Spam/Anti-Hacker Firewall but these are centrally managed and easily disabled. Anti-Spam is disabled in the business environment by default (and I recommend such as well).

 

Proactive Defense is Kaspersky's version of HIPS, Host Based Intrusion Protection System. It protects against registry changes as well monitors checksum of application files. It also is used to detect malware like traits, for example if it sees a file doing something like a keylogger even though there is no sig it will notify the user that it suspects there is a keylogger. I think this module is a very important component of Kaspersky, although you the registry module can get noisy. These can be centrally managed though.

I would recommend the mail component, it does a good job integrating with Outlook, but I recommed not using the AntiSpam component unless you really have no other spam protection and no budget. It is very meger and I don't recommend any serious users to use it.

 

It's only been a couple of days since I installed Kaspersky, but my initial impressions are that it is more resource hungry than NOD32.

Also it seems to have introduced some odd things into my system (a nice stable C2D Windows Vista Business Ultimate box) such as Internet Explorer intermittently not opening despite Task Manager showing the process as firing up, and odd applications opening but opening minimized to the taskbar.

I chose to install the File/Web/Anti Hacking and Anti Phishing modules and disabled scanning of Network Drives.

Early days but so far I'm finding NOD32 much less intrusive.

Anyone care to comment if they've found the same or the exact opposite?

 

At least another TMOS user(s) will be dropping like flies - what an insufficient program.

Now to the better point...Yes sireee the K program is superb in every way and one I betaed for my +25,000 plus seats. I can ONLY trust that my employer will move beyond distraction to satisfaction!