The AV-Test Award 2012

Yep. That is their approach and the whole paradigm behind Insight and SONAR. Digital Signature present? Yes - Clean. No? Flag as suspicious. New program version with digital signature changed? Flag as suspicious. Whitelisted one version, next version again flagged as suspicious.

Can you imagine how much trouble it is for a developer of small free apps or a small-time, low employee developer to pay for digital certificates (the cost is not cheap). Symantec isn't doing good to these smaller developers at all....

But as far as tests go, they can claim "we catch nearly everything"....

 

Interestingly, NIS has just won the AV-Test Award for Best Usability 2012, which includes considerations such as FPs, Warning pop ups etc. Endpoint results in business environment could be quite different of course, but then again, Symantec won that as well??!!. Go figure.

http://www.av-test.org/en/test-procedures/award/2012/

 

Let's just say Symantec's internal whitelisting program prioritizes for larger and more well-known software and clients. As such, it is more difficult to see within test results what lodore and I are talking about.

Still, I don't call Symantec mediocre - they do provide decent protection. It's just that I'm not sure I agree entirely with their process. For sample submission, FP resolution, etc. - it takes a few days to resolve such issues unless you are registered for premium/gold support (endpoint). Other vendors will add detection or fix the FP in a matter of hours, or 1-2 days without paying for any "gold" support.

Those are little bugbears I have with Symantec, but I can't deny their products on the whole still offer fairly decent protection with low system impact.

 

Personally I have always like Norton, but am not using it now, mainly because I do not have the confidence in it since they pulled out of AV-C tests.

I have always liked F-Secure, but it is expensive compared to the prices you can get KIS or Norton for.

At this point in time I am pleased with the protection I am using as shown by my sig.

Regards,
Jerry

 

As for this - they have many business clients and they just like any other big IT company (any big IT support vendor such as IBM, HP, any big security vendor such as McAfee, Microsoft).

I have experience with Microsoft, McAfee and Symantec business security solutions and they do the same with false positives submission and for new samples. They prioritize the sample addition and FP fixing depening the client you are - for example with Symantec - home Norton users are treated with the lowest priority - if a problem occurs, Symantec offer paid Norton services which will manaully remove undetected sample. But if you have basic business support included in the business product or essential, or gold - they act a lot faster when it comes to sample addition or FP fixing. I have done this for my clients. Anyway, submitting undetected samples or FP data, providing information and details in forms takes some time. Microsoft also provides higher priority for some very big business clients, low for any non-MS products human who submits them malware and medium priority for home users of WD, MSE, etc. and medioum for small businesses.

 

er34, even with the "essential" endpoint support, they are still slower than I'd like compared to some of the smaller vendors or even McAfee. You really have to fork out for the "gold support" to get a quick response, and gold support is actually pretty quick (few hours to a day), whereas the "basic" support is more like two days on average. With some other vendors, even the lowest level of support (home user) is as fast as Symantec's basic endpoint support.

I understand Symantec is BIG and has more clients to deal with, but should they not allot staff accordingly?

Other than this I cannot say I have major complaints about Symantec. Detection rates are decent enough and support works for the most part. I do, however, prefer PC Tools to Norton in the consumer space as Norton, in my opinion, has features I don't really need