Tag symantec endpoint problems

So long SEP, IX still broke, soooo busy

We have used Symantec products at work as long as I have been there.  Over the years their AV and spam products have done a satisfactory job although the cost for doing so always seemed high to me.  Things started going bad a couple years ago.

Symantec’s product for scanning Exchange for viruses and spam introduced PREMIUM ANTI SPAM.  This was an optional add on for the product.  It promised better spam detection than the base product.  In reality there was next to ZERO spam detection unless you ponied up additional dollars for the premium spam detection.  It really annoyed me that they double dipped the customer like that.  Pay once for the product and then pay more if you want the product to actually work, great business model.

Then Symantec introduced version 11 of their product called Symantec Endpoint Protection.  This thing is in a word, a pig.  Its initial release was so buggy that it actually knocked servers offline, making them unable to communicate with clients.  The package is massive bloatware on both the server and client levels.  Any client that is unlucky enough to have SEP loaded on it instantly becomes bogged down by the huge resource demands the software makes.  SEP is a dog, a big fat, lazy dog.  It has all of these features that we didn’t need which did nothing but contribute to the bloat.  The server install is equally messy, requiring installation of a secondary web server as well as using a slow, buggy Java app to manage it all.

Well our renewal was coming due and I decided to look at Vipre from Sunbelt Software.  I have dealt with Sunbelt for years.  They are located right next door in Tampa.  I have read good things about it and downloaded the eval.  Vipre is all about speed.  It concentrates on doing a few things well, anti-virus and anti-malware detection/removal.  The entire Vipre package was only 36 meg.  SEP requires two CDs’ worth of code.  Installation of Vipre was easy, the management console was intuitive and pushing out the client was simple.  Another plus is you can automate the removal of SEP when you install the Vipre client.

Once I got the quote for the product I was treated to yet another pleasant surprise.  The costs are a fraction of those charged by a corporate monster like Symantec.  In fact over the next three years we would be paying approximately 40% of what we would if we stayed with Symantec.  Game over.  I’ll be deploying Vipre over the next few weeks as well as Ninja, their Exchange protection package.  See ya SEP.

So after all the bullshit with IX, I thought I was maybe finally out of the woods after talking to Kenny the manager.  Kenny told me that a vulnerability had been found and was in the process of being addressed.  Well my hopes were dismissed this morning when I discovered that malicious Java code was once again injected into the site description of my phpBB3 bulletin boards in two domains.

Of course I was pissed.  I decided to forgo the electronic ticket system that always seems to route to the Ukraine-based dummies.  I called instead.  I got someone that spoke English and I told him the deal.  He asked if I could send in the code that was inserted so they could look into it.  Well at least he didn’t say it was my fault as the Ukraine folks like to do.  We’ll see what happens, if anything.

This weekend is going to be insanely busy.  Tomorrow we have a race to time first thing.  Once returning from that I have a bunch of stuff I want to get done prior to mom’s visit for the holidays.  The list includes mowing and weed whacking, steam cleaning the carpet and a bunch of smaller jobs that are too numerous to list.  We also are going out Saturday night to dinner with my mom to celebrate Ali and my birthdays.  Oh well, it is the holiday season, you are supposed to be busy.   

I did 25 minutes of Wii Fit time last night.  I was starting to sweat through my shirt by the time I was done.

Letting it ride

Since my mom introduced me to Zicam at Christmas I have felt the onset of what felt to be illness at least a half a dozen times.  Each time I started feeling shitty I used Zicam and each time it appeared to stave off whatever was trying to get into me.  The other night I started feeling crappy once again but I decided to keep the Zicam in the box.  I started to wonder if using it all the time just puts off the inevitable.  If you don’t get full blown sick from whatever it is, your body never goes through the process of building up an immunity to it so the cycle keeps repeating.  Keep in mind this idea is totally based on my non-medical opinion.  Anyway, the symptoms started Monday and so far it hasn’t progressed, I have just felt a shade under normal.

I have had a ton of things going on at work with new things I am implementing.  After getting 3 new servers on the wire in the past few weeks I have started other projects like upgrading our Symantec AV to version 11, implementing office wide message archiving on to a 4 terabyte NAS device, working on our intranet and setting up some additional rules in Exchange to clean up after users that are either too lazy or too ignorant to empty out their sent and deleted items on a regular basis.

The Symantec upgrade has been the most problematic and it was expected.  I don’t think I have ever had a Symantec AV upgrade go smoothly.  The Symantec product line has a lot of features and looks pretty but it also is a hog.  Version 11 of the AV product is the biggest pig of all.  The AV client that goes on workstations manages to mutate from a 60 meg install file to 450 meg on the workstation once it is installed!  That is ridiculous.  I also had a major problem when I pushed the AV client to our main file server, somehow it managed to hose the server, cutting it off from communicating on the network which caused a boatload of problems.  Much of yesterday afternoon was spent trying to straighten that mess out.

I called up Symantec for tech support.  After navigating a phone menu and hearing the standard recording “We are experiencing above normal wait times, blah, blah, blah…” I am soon greeted by a live person.  He tells me that if I want to wait, the queue is about an hour to talk to someone.  WTF?  Instead they could put me on a call back list.  I commented “Wow your stuff must have LOTS of problems.”  I got put on the call back list.  I still have not received that call.  There are some cool parts of the version 11 product.  The management is much more comprehensive and powerful although the management console requires that you run a version of Java older than the current release which again is stupid.  If you keep your Java up to snuff the Symantec console will simply not work.