Symantec's AntiVirus 10 Deployment Woes? 102
loraksus asks: "We recently deployed Symantec AV Corporate version 10 across on our network and have been having nothing but problems.
The new client breaks the MS Office install and causes machines to slow down significantly - some almost to the point of being completely unusable. The client (doscan.exe) also crashes very frequently (daily), and tends to take other things down with it. Symantec's 'workaround' is to drop by every workstation and insert the Office (or Wordperfect, it screws up both applications) CD, remove some office shortcuts and disable some virus scans. Since we manage clients over WAN links hundreds of miles away, this really isn't an option, nor is it an acceptable option given the number of workstations we manage. Are there any other admins dealing with this? Any advice? Solutions?"
"It seems that more and more closed source companies are now rushing software out the door that not only has a couple bugs, but glaring errors that would have easily been caught in even the most basic testing. Of course, we in IT usually have no recourse against these companies other than never buying their products, again.
Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?"
uh (Score:1, Informative)
Re:uh (Score:3, Insightful)
Especially with worms that spread themselves through open ports you need an active scanner to prevent it from creating a file on the system in the first place.
Sure (Score:4, Informative)
Just tarnish their name with a slashdot article.
I personally don't run virus scanners because of the problems they create. We have Symantec Antivirus 8 at work, but we've removed it from our slower systems and opted for more preventative measures.
Virus scanners do like 1000 times the scanning necessary to be _reasonably_ sure that your system is virus-free. While useful when they actually stop something, overall the cure is worse than the disease. A human just has to check the task manager and run msconfig to spot 90% of the malware out there.
Re:Sure (Score:1)
Can't say as I agree with you on this one. Discerning what should and should not appear in these lists can be more trouble than its worth. Not only that, the majority of the time the poor old human doesn't have the time.
Re:Sure (Score:2)
Re:Sure (Score:5, Funny)
Re:Sure (Score:2, Insightful)
Re:Sure (Score:1)
Re:Sure (Score:2)
Since they just merged with Veritas, it'd be interesting to see how they add any unix OS into the mix.
Re:Sure (Score:1)
-snip-
That would be helpful if it weren't for the fact that is malware out there that prevents the task manager from opening.
What I've seen (Score:4, Informative)
Re:What I've seen (Score:4, Informative)
We have remote offices too and we VNC or RDC over the WAN. It's slowish, but I think having the Office installation on a network share would alleviate many of the submitters woes. It's helped us big time...
Re:What I've seen (Score:3, Interesting)
Guess what we are running?
XP boxes tend to not have the same amount of trouble with this.
Re:What I've seen (Score:2)
1) Build an administrative install point
2) Install/Deploy from it
My advice: (Score:2, Interesting)
Re:My advice: (Score:2)
Re:My advice: (Score:1)
Re:My advice: (Score:1)
Re:My advice: (Score:2)
Re:My advice: (Score:2)
Bah. F-prot is the most unobrustive virus protection I've found.
Maybe... (Score:2)
It might be an idea to create a package of the client for deployment with something like Intel Landesk (don't know any other software deployment systems off the top of my head), or build your own package by using a tool to record all changes to a system while installing the client, apply the fixes, then build something that will copy all needed files and registry settings to the other clients.
It seems to
Re:Maybe... (Score:2)
Uh, Active Directory?
Re:Maybe... (Score:2)
Re:Maybe... (Score:2)
Yes I've never used LanDesk, but you don't ever have to run an installer by pushing a package through the AD if the admin doesn't want you too.
Re:Maybe... (Score:2)
symantec/norton are utter crap (Score:1)
Re:symantec/norton are utter crap (Score:1)
Re:symantec/norton are utter crap (Score:1)
Re:symantec/norton are utter crap (Score:2, Informative)
http://www.virusbtn.com/vb100/archives/products.xm l?eset.xml [virusbtn.com]
http://www.virusbtn.com/vb100/archives/products.xm l?symantec.xml [virusbtn.com]
Re:symantec/norton are utter crap (Score:1)
Re:symantec/norton are utter crap (Score:1)
Re:NOD32 is crap (Score:1)
Re:NOD32 is crap (Score:1)
Re:symantec/norton are utter crap (Score:1)
NOD32: 32 Success / 3 Failure / 5 No Entry
NAV: 28 Success / 6 Failure / 6 No Entry
Yes. (Score:2)
Re:Yes. (Score:1)
Plenty of options available Antivir [hbedv.com], Panda [pandasoftware.com], even AVG [grisoft.com] to name a few. I would not use Mcafee either. I tell all my client and people I know to get Symantec, especially Norton, off of their machine pronto. You are better off without it. the rules are a bit different in an enterprise, but the home use would be better off with nothing (no antivirus software) than with Norton.
Norton because it is the defa
Uh... you tested it first right? (Score:1, Insightful)
In my area of responsibility, something not working is MY fault. It is not the vendors fault, it is my fault for not testing enough or not chosing the right product.
New or updated software gets testing. Then a *limited* rollout. IF, and ONLY IF, it works for the three test users/servers, then it gets rolled out everywhere.
Re:Uh... you tested it first right? (Score:1)
Re:Uh... you tested it first right? (Score:2, Interesting)
Re:Uh... you tested it first right? (Score:2)
He's not driving a passenger car. That is more comparable to Joe Home User. He is operating a fleet of trucks or a racing car. To not test before he bought a new fleet or to enter a race without testing your new suspension would be remiss.
Symantec = bad (Score:3, Funny)
Re:Symantec = bad (Score:2)
Re:Symantec = bad (Score:1)
Re:Symantec = bad (Score:2)
I took a P2 and P3 and glued them together. ; )
Actually, I meant a P4. I can't keep track of all those darn things these days. I just keep throwing money and memory and higher CPUs at these boxes trying to make 'em perform decently.
Re:Symantec = bad (Score:1)
I will show you a room which contains two computers:
2.26 GHz Dell P4 - Windows XP SP2 with Norton 2005
200 MHz Bastard P2 - No current OS, multiple available
You call me ahead of arriving at my house and I will put your choice of Linux/BSD/Windows that I have available on that second box. Then show you that the 200 MHz PC is faster than the 2+ GHz Dell when Norton is d
Re:Symantec = bad (Score:2)
Several years ago, there was a firewall product called AtGuard. It was a small 3 megabyte firewall that was affordable ($25), free updates, stable, logical in operation. It worked just as you would expect an indepen
Re:Symantec = bad (no, your computer is BAD) (Score:1)
The name should have been your first clue (Score:5, Funny)
That would probably be the reason they named it that.
You can't even say they didn't warn you.
--MarkusQ
P.S. If the next update contains a program called something like "fuscan.exe," "bsodscan.exe," or "solscan.exe" I'd advise against running it.
I just rolled it out..... (Score:2, Informative)
This Won't Help (Score:2)
Never be an early adopter of new technology in a mission critical environment. I thought everyone learned their lessons on that from MS Service Pack experiences years ago...
Tech Support? (Score:1, Flamebait)
Re:Tech Support? (Score:3, Insightful)
An IT professional consulting a forum of his peers when official tech support channels* prove to be unhelpful? How uncouth.
*: Or did you miss the "workaround" link?
Well, don't switch to MacAfee (Score:2)
The company did an auto install from the help desk. Some software run times went from 10 min to 3 HOURS. By using exclusions, we have conquered that problem, but it still messes up my acrobat runs by putting in blankl bookmarks. (run the same file on another machien with NAV, and the file is fine.)
I went to AVG (Score:2)
Re:I went to AVG (Score:1)
Re:I went to AVG (Score:2)
Re:I went to AVG (Score:2)
http://www.grisoft.com/doc/Single/lng/us/tpl/tpl0
I tried out the personal so see how it ran... and then went over to the professional. No biggie.
No incentive to make decent AV-ware (Score:5, Insightful)
Symantec relies on a mafia-subscription-type structure, and software so complicated and bad, that un-installing it in many cases isn't an option unless you want to have to re-format your hard drive. That's their business model. It's not based around producing a really excellent product.
This is one of those scenarios where the "competition" has become so lazy, it's almost desirable for Microsoft to put the final nail in the coffin and put them out of business. Their products couldn't be any worse than Microsoft's versions, and at least we'd probably have better work-arounds with bugs.
Test Before Rollout (Score:1)
Re:Test Before Rollout (Score:2)
He's the IT director. The guy who did the rollout has already been fired.
Re:Test Before Rollout (Score:1)
Re: (Score:2)
Re:Solutions: Trend isn't one of em (Score:1)
Testing (Score:4, Insightful)
As much as I hate doing QA and Pilots, they work. For little stuff, screw change management and just change it. But for something like a major release or update, you need to do some testing before you dump the code out to users.
It just makes sense in a CYA way, and makes the weekends yours again.
Panda (Score:1)
Problems w/ Panda firewall (Score:1)
I have had a good experience with the AV product. Only downside is the mandatory registration. What, they don't trust me???
Don't upgrade right away (Score:1)
SAV CE 10 is pretty bad (Score:3, Informative)
Re:SAV CE 10 is pretty bad (Score:1)
Your Solution is as follows: (Score:2)
Next question, please...
No problems here yet (Score:2)
I did notice the automatic scan started after installing the software, which although annoying, was definately not a show-stopper or a point to whine about.
I've migrated quite a few server off of Trend Micro as their software us utter garbage. I'm saddened they bought Intermute, as I hope CWShr
"Any advice? Solutions?" YES... (Score:2)
How much longer are people gonna take crap like this from Microsoft and the never ending rigmarole of having to waste cpu cycles constantly scanning items as they are read in and out of the disk???
It's just unbelievable the sheer crap you guys will put up with... I personally dumped Microsoft back in 2000 and haven't regretted it one single bit...
My solution ... (Score:2)
What? You don't test these things before deployment?
Anecdote (Score:2)
What you should have done.... (Score:1)
Your situation teaches us that no software comany, no matter how big, should be trusted until its been tested in-house.
TEST TEST TEST (Score:3, Insightful)
TEST TEST TEST! if you had done any testing before hand or research you could hae found information of these problems perhaps taken preventivtive measures against some of the problems you are seeing.
All AV software causese a performance hit and my understanding is this software is also now taking out adware, spyware etc regkeys and all in nearlyone motion. I also belive the min reqirements are 128MB ram which means its not accounting for RAM being used by office, SQL, etc, that is for windows and SAV10 alone. So if you are just sporting 128,256, or 384 meg of ram on a machine I would expect to see a performance hit.
Performance Hit (Score:2)
I have seen the same problem with other large AV suppliers as well, the scanning engine just overwhelms the system, which is often taxed due to the 'upgrade' to XP.
At the rate we re going, it will take a 2nd CPU just for scanning..
Symantec has a long history of serious problems. (Score:2)
My experience is that Symantec has a long history of serious problems with new releases. Apparently the company managers are unwilling to hire enough technical staff.
time to move on (Score:1)
At home, Symantec's been slowing down my machines for a couple years now. As their virus signature definitions come up for renewal, I just go to Grisoft [grisoft.com] an
Re:Well, it's not entirely Symantec's fault... (Score:2)
The office issue is also seen in across the network installs, as apparantly there is some issue with it not actually seeing the shares. The office 2k installer is also a bit retarded in that it doesn't let you change the source, you have a oh so wonderful box with "retry" and "cancel"
Nor do you have a central applet that would allow you to disable the login "quick" scans.
Symantec "wisel
Tell symantec that they are fired (Score:2)
They got a enterprise version, home version, oh and a Linux version too!
Yes. (Score:2)
The biggest problem we've hit is that it's causing errors with ClearCase. I haven't dug in to it very much but on Friday we removed the AV from a test system and the new errors in ClearCase stopped.
Re: (Score:1)
You didn't evaluate it??? (Score:1)
Re:pain (Score:3, Insightful)
He's managing systems across a WAN, it should be obvious that that's even less a solution than Synaptic suggested.
I do like to get one point across, though: all those virus scanners, malware removers, and lots of other Windows 'toys' have all this unnecessary cruft around them. They all have a different look and feel, or even a theming system people really don't care about when they use them. There's o
Re:pain (Score:1)
Guess which 'favourite OS' I meant there.
Re:pain (Score:3, Interesting)
It's a much better solution. Granted it'd take time to plan and implement and familiarise users with new software, but in the long run - much better solution.
Note that I gave the URL for ClamWin, which would be a 'quick' (well, quicker) solution. I've havn't used ClamWin extensively, but its light enough to run on windows running under Qemu w
ClamWin (Score:2)
Re:pain (Score:1)