corporate antivirus

network86

New Member
Oct 12, 2011
29
Has anyone used Comodo for business? Is the firewall like the home edition? Or is it more user friendly?
 

loveboy_lion

Level 1
Verified
Feb 23, 2012
511
dont know abut which company uses comodo for business but all universities and collages in US use Comodo SSL certificate
http://www.comodo.com/news/press_releases/2011/09/Comodo-And-InCommon-Partnership.html
 

pcjunklist

Level 1
Dec 28, 2011
523
The easiest corporate AV's to manage are Symantec Endpoint Protection (SEP) and Microsoft System Center 2012 Endpoint Protection (part of SCCM). The most versatile would be MS SCCM, it provides a great management platform with a half decent AV and if your GPO's are set correctly you shouldn't get any viruses. Also MS is a cheaper solution to Symantec. Comodo Enterprise is just the regular CIS that can be run by a Management package which really can't compare to the big names. Comodo is fairly cheap though I think a year deal is only $1 per license. When I get a chance I have a 8 hyper-v server setup with 8 different Enterprise AV's that I intend to test, hopefully end of weekend or early next week.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Forgot about Microsoft. I'd assume Kaspersky is quite expensive.
 

pcjunklist

Level 1
Dec 28, 2011
523
The thing that really irritates me is almost all the management side of the AV's use Java. I really hate having to install java on a server.
 

nick76

Level 1
Thread author
Jul 2, 2012
58
with Vipre you don't have to install Java anywhere. And it's really easy to manage, but I'm quite unsure about protection
 

pcjunklist

Level 1
Dec 28, 2011
523
If your systems are getting lots of virus's I think you should look over your policies and GPOs. Do you have any gateway protection? Any site blocking on the firewall?

nick76 said:
with Vipre you don't have to install Java anywhere. And it's really easy to manage, but I'm quite unsure about protection
 

malbky

Level 1
Jun 23, 2011
1,011
I agree to pc junklist. There are certain Idiots in our school lab who will disable Kaspersky while using the pcs. THey think its a hinderance. This is how our machines get infected. So I asked the system admin to change the settings in Kaspersky's centralised manager password protect all settings. From that time we have had far less cases of virus issues.
 

nick76

Level 1
Thread author
Jul 2, 2012
58
nope, domain users cannot install/uninstall software, they cannot disable av, and they cannot download exe, cmd, vbs...... They don't have access to removable devices or CD ROM, and everything between inside and outside is strictly filtered. The problem is about some IDIOTS users who have privileges as local admin. Conficker has been inserted with one of these users. but I cannot deny them as local admin. :-(
 

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,222
Are you able to remove them in the active directory users?
 

enaph

Level 28
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,787
Why not try SAAS? http://en.wikipedia.org/wiki/Software_as_a_service
Webroot: http://www.webroot.com/En_US/business-web-security-saas.html
Symantec: http://www.symantec.com/theme.jsp?themeid=symantec-cloud&inid=us_ghp_cont1_symcloud
 

Spirit

Level 2
May 17, 2012
1,832
If I were you i would have go with either Norton or Kaspersky because they have good protection,professional technician, advance knowledge of security.

Yes it can cost you few more $ than other but if you want good protection to business you have to spend some extra bucks.
 

pcjunklist

Level 1
Dec 28, 2011
523
Nobody in a domain should be running as an admin. You should setup a local admin account on the machine so they can use the "run as admin" but not as a day to day operational user. With Win2k8 and Win7 you should be utilizing both Software Restriction Policies and Applocker. If you have the money you should look at bit9 whitelisting much easier to implement. You should also implement some strict computer usage policies with punishments. Forgot to ask, do these local admin's have domain admin rights as well?

nick76 said:
nope, domain users cannot install/uninstall software, they cannot disable av, and they cannot download exe, cmd, vbs...... They don't have access to removable devices or CD ROM, and everything between inside and outside is strictly filtered. The problem is about some IDIOTS users who have privileges as local admin. Conficker has been inserted with one of these users. but I cannot deny them as local admin. :-(
 

malbky

Level 1
Jun 23, 2011
1,011
Cant help if admins are Idiots. Trust me no security can prevent infections when idiots use the pc. Best bet switch to linux.
 

pcjunklist

Level 1
Dec 28, 2011
523
It has nothing to do with the OS it's just following least privilege.
malbky said:
Cant help if admins are Idiots. Trust me no security can prevent infections when idiots use the pc. Best bet switch to linux.
 

nick76

Level 1
Thread author
Jul 2, 2012
58
Forgot to ask, do these local admin's have domain admin rights as well?
No, the local admin aren't domain admins. we have only 6 domain admins with very hard rules with them.
 

pcjunklist

Level 1
Dec 28, 2011
523
Good, that would be a total disaster. You should look into some form of app control either it be applocker or bit9. You may also be able to add a companion scanner on their machine for extra protection, depending on the hardware specs of the laptop. Maybe EAM or mamutu. Have you installed Emet on any of the machines?
nick76 said:
Forgot to ask, do these local admin's have domain admin rights as well?
No, the local admin aren't domain admins. we have only 6 domain admins with very hard rules with them.
 

nick76

Level 1
Thread author
Jul 2, 2012
58
I'm planning to add EMET on all internet enabled wks. I'm testing the resource usage, because normally users tend to be very annoying with wks performances...
 

pcjunklist

Level 1
Dec 28, 2011
523
To help with Emet distribution, not sure what your setup is so I just added some general help links

http://recxltd.blogspot.com/2012/04/recx-emet-configuration-builder.html
http://blogs.technet.com/b/configmgrteam/archive/2012/05/15/deploying-and-configuring-the-enhanced-mitigation-experience-toolkit.aspx
nick76 said:
I'm planning to add EMET on all internet enabled wks. I'm testing the resource usage, because normally users tend to be very annoying with wks performances...
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top