May be you could try out and do a general impression of Symantec Endpoint, I really enjoy reading them, as I always want to try them all, but that messed up my previous laptop's SSD, apparently some AV's won't go easily
No, but you can disable any protection module you wish. Same as Comodo...
A product that deletes threats found with default settings is not good in my opinion.
A product that doesn't give quarantine option for detected threats on ondemand scan is not good in my opinion.
Yes Symantec Endpoint does have pre-configured policies i.e., antivirus section you can choose default, high or custom security. The application control does have to be configured, but it is very powerful (if configured correctly) will block all Crypto-Ransomware, and a lot more. Sonar and network protection is also very good. Currently trying it out on my old laptop, have been for 1-2 months, Nico advised me to give it a whirl - very powerful. Plus you have stealth settings, e.g., stealth mode web browsing and TCP resequencing.
heh...my attempt at humour. Red letters in the Bible denote Jesus speaking; hence my joke.
That's why I'm not using it (can't speak for everyone).
Messiah complex? hehe
You haven't said anything new, though. "More damaging" is not synonymous with "more prevalent". "New" malware isn't mutually exclusive with "old" malware--especially since "old" malware is more prevalent and more likely to be encountered.
That's like saying, "bullets are antiquated because nuclear weapons are really damaging" and calling any bullet-proofing "obsolete".
Which threat are we most likely to encounter? Common/bullets/script-kiddies/wannabes or 0-day/uncommon?
Symantec is saying that traditional AV is a necessary layer of security, not obsolete. AV only is an obsolete/ineffective approach to security, AV itself isn't obsolete. Surely you don't disagree with that?
(I like Norton and ran it when my ISP gave it away for free and when beta-testing it/Norton gave it away and it is fast. My only gripe was the crappy UI--an affliction to pretty much all security software--and WS.Reputation.1 = false positive)
I must have missed something; where are they failing?exact, but since your detection based AV is supposed to detect those old threats; why they fail at it?
- now i am the big bad evil hitman (aka the malware writter) ,
- oh i have a contract on your head (i want infect you), i shot at you my common bullets , your jacket stop them ! i was expected it !
- now that i know you have a good defense, i throw armor piercing rounds ... i guess i will hit you bad ... unless you are very lucky and use a top notch bullet-proof jacket (AV with very good heuristics).
- ok you survived , you made me mad , i throw at you my nuclear weapon, i nuked the whole city, you died , mission done. your jacket is just a piece of crap now.
now my view of protection:
1- holographic image of me (virtualization)
2- force shield (HIPS & BB, anti-exec properly set)
3- a bullet-proof jacket, i may need it (the AV module)
Yes, as the hologram didn't fool me (malware is 'enlightened' now--virtual-aware--and can escape the matrix, Neo) and I go around your shield and bust a cap in yo'...do i need a bullet-proof jacket?
No, they don't work when you 1) install them after you're infected, or 2) install too many of them against the warning, or 3) let your subscription lapse (why I don't ever recommend subscription security--"I've been meaning to renew that" is something I've heard often.)just check the number of post in the malware removal forum