- Status
- May 11, 2014
- 1,639
Another gentleman on this forum Nico (congrats on the birth of his child) told me Symantec Endpoint Protection is the best he/company where he works has ever used.
Bitdefender just needs a good shake up!
Bitdefender just needs a good shake up!
- May 11, 2014
- 1,639
May be you could try out and do a general impression of Symantec Endpoint, I really enjoy reading them, as I always want to try them all, but that messed up my previous laptop's SSD, apparently some AV's won't go easily 
May be you could try out and do a general impression of Symantec Endpoint, I really enjoy reading them, as I always want to try them all, but that messed up my previous laptop's SSD, apparently some AV's won't go easily
@Tony Cole
I've been asked to do this several times... and just have avoided it - since - I suspect SE will be an administrative hassle until I get it all sorted out.
@Umbra : Does SE come with built-in automated policies - or does it require all manual configuration ?
Bitdefender products are not "bad" - it just seems a lot of users experience problems with it on their specific systems. It's difficult to tell precisely how many users have issues without any statistics.
Gotta try it out for yourself on your specific system.
A product that deletes threats found with default settings is not good in my opinion.
A product that doesn't give quarantine option for detected threats on ondemand scan is not good in my opinion.
A product that doesn't give quarantine option for detected threats on ondemand scan is not good in my opinion.
I agree.
BD Free deleted a system file without notification during installation. I couldn't recover it.
- Mar 15, 2011
- 13,070
Well some users stated to be problematic on the stability of the system but their free version is actually fine on most cases; I've tested both products on VM before therefore its a case to case basis.
______________________________________________
Anyway. signatures itself are totally ineffective but AV companies still implementing it as because you should have enough backup for offline situation; BB and HIPS are known for hooking process and not intended totally to be your relying protection + Cloud protection for online.
In short, those developers want to maintain all around aspects even there's already a cons/disadvantages.
- May 11, 2014
- 1,639
Yes Symantec Endpoint does have pre-configured policies i.e., antivirus section you can choose default, high or custom security. The application control does have to be configured, but it is very powerful (if configured correctly) will block all Crypto-Ransomware, and a lot more. Sonar and network protection is also very good. Currently trying it out on my old laptop, have been for 1-2 months, Nico advised me to give it a whirl - very powerful. Plus you have stealth settings, e.g., stealth mode web browsing and TCP resequencing.
- Jun 14, 2015
- 857
heh...my attempt at humour. Red letters in the Bible denote Jesus speaking; hence my joke.
That's why I'm not using it (can't speak for everyone).
SEP (unmanaged) comes with a basic setup like any other softs, but from that you have to setup each modules to fit your your needs. that is the difference with homeusers softs where you have different predefined setups. In some modules you don't have much to tweak. the most important in SEP is the firewall module, since you can allow/block/lookup/check everything
read my review of it here
i am the Savior !
exact, but since your detection based AV is supposed to detect those old threats; why they fail at it?
that is my point about detection; i will do an analogy:
1- bullets (common malwares encountered)
2- armor piercing bullet (a zero-day variant of known malware)
3- nuclear weapon (real brand new Zero-Day, not a remix or variant)
4- AV detection module (a bullet proof jacket)
now here we go :
- now i am the big bad evil hitman (aka the malware writter) ,
- oh i have a contract on your head (i want infect you), i shot at you my common bullets , your jacket stop them ! i was expected it !
- now that i know you have a good defense, i throw armor piercing rounds ... i guess i will hit you bad ... unless you are very lucky and use a top notch bullet-proof jacket (AV with very good heuristics).
- ok you survived , you made me mad , i throw at you my nuclear weapon, i nuked the whole city, you died , mission done. your jacket is just a piece of crap now.
now my view of protection:
1- holographic image of me (virtualization)
2- force shield (HIPS & BB, anti-exec properly set)
3- a bullet-proof jacket, i may need it (the AV module)
with the scenario above :
the nuke just hit a fake me , i survived
the nuke hit my force shield , i survived
do i need a bullet-proof jacket?
in the scenario above , if you use MY way of protection, you don't care
i agree , but in fact i don't need an AV.
symantec Norton don't rely much on Detection, the best example is their Smart Definition, oriented on Prevalence only. They also stop participating to all those useless test labs.
SEP is quite ugly in fact
- Jun 14, 2015
- 857
I must have missed something; where are they failing?
1- Same as your #1: I expected it
2- Your shield can fail or otherwise not shield everything (like fricken sharks with fricken lasers because you used a 'force' shield)
3- AH HA! You still have 'outdated' AV even with all your other fancy schmancy stuff
Yes, as the hologram didn't fool me (malware is 'enlightened' now--virtual-aware--and can escape the matrix, Neo) and I go around your shield and bust a cap in yo'...
Seriously, AV scan is still needed and advised as it is better to stop the malware from executing at all rather than catch it afterwards like HIPS and BB would.
Besides...this is what heuristics look like:
- Jun 14, 2015
- 857
No, they don't work when you 1) install them after you're infected, or 2) install too many of them against the warning, or 3) let your subscription lapse (why I don't ever recommend subscription security--"I've been meaning to renew that" is something I've heard often.)just check the number of post in the malware removal forum
Most recent had 3 AVs installed: http://malwaretips.com/threads/proxy-server-virus-127-0-0-1-port-8118.47754/
As to "why they fail" is a loaded question. They aren't 100% and don't claim to be, so some will "fail". Of those failures, how many prompted the user and the user just clicked by it (being desensitised from UAC and all)? How many "failures" weren't "failures" because many would argue (even on MT) that PUPs aren't Malware and adware, hijackers, fake utilities aren't malware, just PUPs. The rest I'd mostly attribute to performance-friendly default settings.
Really, I'd be curious what the failure rate would be if you excluded pilot error, of which there are many.
a failure is a failure wherever it comes from.
AVs, one or two decades ago were supposed to differentiate good files from bad files with almost no user input, quarantine the bad , allowing the good.
now technology and skills (of malware writters) evolved so fast that detection AVs are always behind. when you have a signature for a malware it is already too late , thousands are already infected.
we can prevent and virtualize a whole system or browser (Shadow Defender and Sandboxie), why AVs companies do not focus on that way ?
because traditional AVs are popular for the novice and it afford LOT LOT of CASH for the companies.
AVs, one or two decades ago were supposed to differentiate good files from bad files with almost no user input, quarantine the bad , allowing the good.
now technology and skills (of malware writters) evolved so fast that detection AVs are always behind. when you have a signature for a malware it is already too late , thousands are already infected.
we can prevent and virtualize a whole system or browser (Shadow Defender and Sandboxie), why AVs companies do not focus on that way ?
because traditional AVs are popular for the novice and it afford LOT LOT of CASH for the companies.
- Status
Similar threads
