MS Forefront Endpoint Protection 2010

Discussion in 'other anti-virus software' started by syk69, Jul 24, 2010.

Thread Status:
Not open for further replies.
  1. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Anybody have experience with forefront endpoint security? Pros? Cons? Just to get an idea how it behaves in a network environtment. How easy is the learning curve? Database overhead? Configure ability? Performance hit on workstations? Things like that would be appreciated, thanks!
     
  2. m0unds

    m0unds Guest

    Re: MS Forefront Endpoint Proteciton 2010

    we never ended up really heavily testing it for our environment at work because of a bureaucratic decision to use another product but both the learning curve and performance impact on client machines was minimal. it's a good product with good per-seat pricing, imo.
     
  3. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Re: MS Forefront Endpoint Proteciton 2010

    Cool thanks for the insight, did you get a chance to deal with their support? How was it like?
     
  4. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    Re: MS Forefront Endpoint Proteciton 2010


    I have tested MS Forefront the previous version in a small test environment and I was not happy because it was way too slow to install , has too many pre-requirements and I find it difficult to operate with . As for the workstation protection - it doesn't have many settings , pretty much nothing to change . I ditched it fast .

    As for support :
    I have dealed with Microsoft's support regarding other products and they have always been perfect - very knowledgable and responding promptly . It is visible that they care about their clients.
    Their virus lab is fast if you send them undetected sample . But the product is not top when it comes to detection ( I find this to be the most important part).
     
  5. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Re: MS Forefront Endpoint Proteciton 2010

    Was it a windows 7 64 bit environment? I have only installed the new 2010 version which I think is in beta right now and it installed rather quickly. As far as detection looks to be pretty decent from my test but like I said I wanted to know others experience like yourself which I appreciate. Unfortunately I really don't think any of the corporate AVs offer 100% detection so as long as its within close range its fine and most importantly how support is for dealing with virus outbreak.

    Let me ask you this as well, what product gave you satisfactory detection rate?
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    I wouldn't be surprised if the Exchange version was 100% detection, it uses 4 engines.

    Obviously that would be too heavy to have in the client version though.
     
  7. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    Re: MS Forefront Endpoint Proteciton 2010

    Hi !
    Sorry for my late reply .


    No , Windows XP and Windows 7 - both x86.



    Yes , decent , but not perfect . I believe that antiviruses must detect viruses/malware and that is their main job . If they can't do their main job in a perfect way (pretty much excellent detection) , they are not for me.


    Yes , unfortunately you are right . Vendors are scared of false positives and that is why they don't implement more and stronger technologies in their business products . If FP occur offen in businesses , a business might easily change the vendor.


    I use Symantec products as for antivirus but prefer and would recommend you McAfee Enterprise 8.7 because I think it has the best detection rate in corporate products (if you turn its Artemis to higher level and if you use its extra feutures). I have absolutely no experience with McAfee's support but Symantec's support has always been perfect - I personally can't complain.

    As for Microsoft - their support is great , I also contacted them earlier today - I am pleased as I have always been.
     
  8. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    But 4 engines is also not a guarantee for 100% detection especially in plain scanning ;) It is another question that for email (server) all executables could be blocked
     
  9. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Re: MS Forefront Endpoint Proteciton 2010


    McAfee? Wow I have to respectfully disagree. That's what our network uses and its been horrible. We have over 10k stations. The detection rate has been mediocore. Constantly machines getting infected. For example, I scan 1 computer thats infected that I saw on the EPO admin console. Only 2 files detected as infected. I use forefront and there's over 10 viruses on that same pc. Not to mention the false positive disaster of 5958 DAT where it rendered thousands of computers unbootable from detecting svchost.exe as a virus.

    Also we have had to add so many exclusions its ridiculous. Even had to uninstall McAfee to install certain programs that users use because it would block them even though they were safe. Really bad database overhead. Computer performance gets slowed down. To get support to correctly identify malware takes way too long. Going back and forth sending logs and doing full scans when uneccessary due to having submitted sample. I could go on and on with how bad McAfee has been in our network.

    Hence the curiosity of Forefront which Microsoft has been known for being 1 of the best at false positives. If having any at all.
     
  10. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
    Re: MS Forefront Endpoint Proteciton 2010

    Ooops . I am really sorry . It seems my words caused you some pain . You had to remind yourself some unpleasant experience . Please , excuse me! :thumb:


    Well , yes , 0 false positives . They simply have excellent Quality Assurance Dept. (QA).
     
  11. syk69

    syk69 Registered Member

    Joined:
    Feb 7, 2010
    Posts:
    183
    Re: MS Forefront Endpoint Proteciton 2010

    Not your fault :thumb: McAfee has just been a headache for our network. Really forward to putting it in the past. I appreciate the information none the less. If Microsoft could provide us excellent support and no issues with false positives with good detection rate (hopefully over 95%) then its a step in the right direction for our network.
     
Loading...
Thread Status:
Not open for further replies.