Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Bug Security Worms

Symantec's AntiVirus 10 Deployment Woes? 102

Posted by Cliff from the stuck-with-buggy-commercial-software dept.
loraksus asks: "We recently deployed Symantec AV Corporate version 10 across on our network and have been having nothing but problems. The new client breaks the MS Office install and causes machines to slow down significantly - some almost to the point of being completely unusable. The client (doscan.exe) also crashes very frequently (daily), and tends to take other things down with it. Symantec's 'workaround' is to drop by every workstation and insert the Office (or Wordperfect, it screws up both applications) CD, remove some office shortcuts and disable some virus scans. Since we manage clients over WAN links hundreds of miles away, this really isn't an option, nor is it an acceptable option given the number of workstations we manage. Are there any other admins dealing with this? Any advice? Solutions?"
"It seems that more and more closed source companies are now rushing software out the door that not only has a couple bugs, but glaring errors that would have easily been caught in even the most basic testing. Of course, we in IT usually have no recourse against these companies other than never buying their products, again.

Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?"
This discussion has been archived. No new comments can be posted.

Symantec's AntiVirus 10 Deployment Woes? More

Symantec's AntiVirus 10 Deployment Woes?

Comments Filter:

  • uh (Score:1, Informative)

    by Anonymous Coward
    Problem solved [clamav.net].

  • Sure (Score:4, Informative)

    by dtfinch ( 661405 ) * on Friday June 24, 2005 @03:24PM (#12903703) Journal
    Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?

    Just tarnish their name with a slashdot article.

    I personally don't run virus scanners because of the problems they create. We have Symantec Antivirus 8 at work, but we've removed it from our slower systems and opted for more preventative measures.

    Virus scanners do like 1000 times the scanning necessary to be _reasonably_ sure that your system is virus-free. While useful when they actually stop something, overall the cure is worse than the disease. A human just has to check the task manager and run msconfig to spot 90% of the malware out there.
    • A human just has to check the task manager and run msconfig to spot 90% of the malware out there.

      Can't say as I agree with you on this one. Discerning what should and should not appear in these lists can be more trouble than its worth. Not only that, the majority of the time the poor old human doesn't have the time.
    • It's also great when sysadmins decide to install AV on db servers and run the AV scanner at peak daytimes without giving you the option to turn it off. In our case the process was scanning a 300GB mySQL database... let the good times roll...

    • Re:Sure (Score:2, Insightful)

      by Madoc Owain ( 832726 )
      We're talking about corporate antivirus at the desktop level. You can't first reasonably expect any user who is not intimately familiar with the names of all process threads running on their PC to sift through msconfig looking for what shouldn't be there. Secondly, even if you work in a shop of Windows brainaics, the amount of productivity lost due to users checking their processes is huge compared to the minor inconvenience of a poorly-timed antivirus scan.
    • The part that is not acceptable is that a company of Norton's size only need to support a couple windows OS from the same vendor.

      Since they just merged with Veritas, it'd be interesting to see how they add any unix OS into the mix.

    • A human just has to check the task manager
      -snip-

      That would be helpful if it weren't for the fact that is malware out there that prevents the task manager from opening.

  • What I've seen (Score:4, Informative)

    by MikeDawg ( 721537 ) on Friday June 24, 2005 @03:25PM (#12903723) Homepage Journal
    We just got the new Symantec 10 version. An IT co-worker of mine installed it independent of the control center, and we have noticed major problems with it already too. Outlook works fine, however it completely breaks Thunderbird, and also the terrible performance hit that Windows XP took on his machine. We have the control center installed on a Win 2003 server right now, but the server is completely bare, but there is really no performance hit with nothing else running. We are still testing it though.

    • Re:What I've seen (Score:4, Informative)

      by over_exposed ( 623791 ) on Friday June 24, 2005 @05:21PM (#12904770) Homepage
      I just did a rollout on about 400 XP Pro (SP2) machines and only about 2% of them had that Office issue. All it took was pointing that dialogue box to our network installation source and viola! No more problems. It's actually gone surprisingly smooth given the very random assortment of hardware we have.

      We have remote offices too and we VNC or RDC over the WAN. It's slowish, but I think having the Office installation on a network share would alleviate many of the submitters woes. It's helped us big time...

      • Re:What I've seen (Score:3, Interesting)

        by loraksus ( 171574 )
        The thing is, if you have office 2k on win 2k, you don't get a nice dialogue box and it isn't 2%, but closer to 100%.
        Guess what we are running? :(
        XP boxes tend to not have the same amount of trouble with this.
        • This exact same issue (MSOffice looking for source media) is caused when you patch a badly installed office. Suck it down:

          1) Build an administrative install point
          2) Install/Deploy from it

  • My advice: (Score:2, Interesting)

    by virid ( 34014 )
    Very simple. Get a refund and call Trend Micro.
    • I think if he can't do something that drastic yet, start keeping track of all the time wasted on it.
    • Yes trend's scanner is much faster and just as accurate (if not more!).It's all i'll use on my windows box. A very drastic but money and time saving move, switch your OS!
      • Hahaha...and if you do SOME RESEARCH, their updates bring your system to a HALT. See April pattern update that took out a good chunk of ASIA. Yeah, THERE'S a WINNER. Come on folks, quit crying. There is no perfect software. Never will be. You have to test, and if there are issues demand fixes. Symantec actually is far more innovative than most companies, and maybe that's part of the problem. But, your dammed if you do and dammed if you don't. I'd be more inclined to think that if some of you cleaned
    • Yeah, or in my experience Sophos AV Small-Business Edition. I uninstalled Norton AV from a machine yesterday to get Sophos AV on it like the rest of the company and Sophos found a trojan that had been there for months undetected by Norton. One of the 'information-stealing' kinds. On a CXO's machine. Yay.

    • Bah. F-prot is the most unobrustive virus protection I've found.
  • We mostly use 7.6 and 8.0 at work and should upgrade, but after reading this I think we'll stick to 9.0.
    It might be an idea to create a package of the client for deployment with something like Intel Landesk (don't know any other software deployment systems off the top of my head), or build your own package by using a tool to record all changes to a system while installing the client, apply the fixes, then build something that will copy all needed files and registry settings to the other clients.
    It seems to
    • Intel Landesk (don't know any other software deployment systems off the top of my head)

      Uh, Active Directory?
      • You can't create the kind of packages with AD as you can with Landesk. AD is more for giving you a list of possible software to install, it still uses the regular way of installing software by running the installer. Landesk can push files and registry settings without running any installer.
        • You create an MSI package and publish it via Active Directory. No installer, out of the users control and can reboot the machine or not at the admins request.

          Yes I've never used LanDesk, but you don't ever have to run an installer by pushing a package through the AD if the admin doesn't want you too.
          • Ah, interesting. I havent looked into that aspect of AD myself, but I believe they decided to use Landesk instead of AD because of some things, including the way it installs software.
  • use nod32, norton products suck the big one one one
  • Use someone else.
    • Untitled Document The most concise intelligent response I've read here yet on this subject.

      Plenty of options available Antivir [hbedv.com], Panda [pandasoftware.com], even AVG [grisoft.com] to name a few. I would not use Mcafee either. I tell all my client and people I know to get Symantec, especially Norton, off of their machine pronto. You are better off without it. the rules are a bit different in an enterprise, but the home use would be better off with nothing (no antivirus software) than with Norton.

      Norton because it is the defa

  • Uh... you tested it first right? (Score:1, Insightful)

    by Anonymous Coward
    Uh... you tested it first right?

    In my area of responsibility, something not working is MY fault. It is not the vendors fault, it is my fault for not testing enough or not chosing the right product.

    New or updated software gets testing. Then a *limited* rollout. IF, and ONLY IF, it works for the three test users/servers, then it gets rolled out everywhere.

    • Sadly your an exception to the rule, the average IT admin/manager is a complete idiot anymore. Just recently the latest definition for trendmicro was rolled out UNTESTED and 90% of the computers in the company became non funtional... goodtimes
    • Actually its only your fault if the software works as expected but YOU screwed something up for it not to work properly. If Symantic promised that it would scan virii without messing up his system(s) and he followed the install/configuration procedures perfectly then it isn't his fault that the software doesn't work as expected. It is the vendors fault for selling faulty software. Now it wasn't advantageous for him to have rolled it out untested, but it isn't the admins fault if the product doesn't work
      • Um. No.

        He's not driving a passenger car. That is more comparable to Joe Home User. He is operating a fleet of trucks or a racing car. To not test before he bought a new fleet or to enter a race without testing your new suspension would be remiss.

  • Symantec = bad (Score:3, Funny)

    by mabu ( 178417 ) on Friday June 24, 2005 @03:39PM (#12903893)
    Symantec's products are the only software I've ever seen that can take a 2Gz P5 and make it perform like a P-133. It is really nothing short of amazing how bloated and resource-intensive their products are. I'm beginning to think this is part of their anti-virus strategy: they make the system so ill-performing and unstable, no virus or worm could properly operate.
    • Well, we started with 700-1ghz celerons w/ 128 mb of ram, so you can see how bad it has become :(
    • A "P5"? Hmm...where do you get those?
      • A "P5"? Hmm...where do you get those?

        I took a P2 and P3 and glued them together. ; )

        Actually, I meant a P4. I can't keep track of all those darn things these days. I just keep throwing money and memory and higher CPUs at these boxes trying to make 'em perform decently.
    • Anyone here on Slashdot who dares to dispute the awesome veracity of the parent post needs to plan a trip to Dublin in the near future.

      I will show you a room which contains two computers:
      2.26 GHz Dell P4 - Windows XP SP2 with Norton 2005
      200 MHz Bastard P2 - No current OS, multiple available

      You call me ahead of arriving at my house and I will put your choice of Linux/BSD/Windows that I have available on that second box. Then show you that the 200 MHz PC is faster than the 2+ GHz Dell when Norton is d

    • Given past performance of prior releases, there should be no surprise that SAV 10 has issues out of the box. Any ISA who doesn't lab-test the product first is foolish. Remember when it used to be Norton Antivirus, and weighed in at 6 megabytes? Let me tell you about another Symantec product...

      Several years ago, there was a firewall product called AtGuard. It was a small 3 megabyte firewall that was affordable ($25), free updates, stable, logical in operation. It worked just as you would expect an indepen
    • Actually, I have not seen this. I have run Symantec for years. I am a consultant and find that most people never clean up their systems...that's what really leads to problems. But of course, blame the vendor. I bet half of the people bitching on this board are running an illegal copy of Norton/SAV anyway.

  • The name should have been your first clue (Score:5, Funny)

    by MarkusQ ( 450076 ) on Friday June 24, 2005 @03:40PM (#12903898) Journal

    The client (doscan.exe) also crashes very frequently (daily), and tends to take other things down with it.

    That would probably be the reason they named it that.

    You can't even say they didn't warn you.

    --MarkusQ

    P.S. If the next update contains a program called something like "fuscan.exe," "bsodscan.exe," or "solscan.exe" I'd advise against running it.

  • I just rolled it out to around 300 XP Pro machines on my LAN and 60 across our WAN. So far only a couple head aches with just a few machines on the LAN, mostly with MS Office (Outlook). The patch that Symantec provides works though. This all seems normal to me. NoZ
  • This isn't advice that's useful to you - it's too late for you.

    Never be an early adopter of new technology in a mission critical environment. I thought everyone learned their lessons on that from MS Service Pack experiences years ago...

  • Tech Support? (Score:1, Flamebait)

    by fdiaz5583 ( 531839 )
    I don't understand...since when did Slashdot become a place for technical support? Here's your official Symantec Tech Support line: http://www.symantec.com/techsupp/enterprise/produc ts/sav_ce/sav_ce_10/contact_ts_online.html [symantec.com]

    • Re:Tech Support? (Score:3, Insightful)

      by Keith Russell ( 4440 ) *

      An IT professional consulting a forum of his peers when official tech support channels* prove to be unhelpful? How uncouth.

      *: Or did you miss the "workaround" link?

  • What you are describing is actually better than the experience I am having with MacAfee now.

    The company did an auto install from the help desk. Some software run times went from 10 min to 3 HOURS. By using exclusions, we have conquered that problem, but it still messes up my acrobat runs by putting in blankl bookmarks. (run the same file on another machien with NAV, and the file is fine.)

  • I stopped using non corp SAV last year. I found that when I installed it things started to crawl, even on an Athlon 3000+ nicely loaded. I tried it out on some other machines and had the same result. So for personal and friend use, I started using AVG. At work we had a similar situation. We purchased new machines in the office (P4 3.0 Dells) which had McAffee on them and they even crawled. I wiped a test machine, installed SAV, and it seemed worse. Apps's crashed, errors opening Office and various docs. So

  • No incentive to make decent AV-ware (Score:5, Insightful)

    by mabu ( 178417 ) on Friday June 24, 2005 @04:10PM (#12904170)
    The legacy that Microsoft created, of bundling free software with other core products has scared away many good software developers from wanting to compete in this and other arenas. So just a few who have managed to stay alive because they got started early (Symantec and McAffee) are still around, but there's really not much incentive for them to make their products solid -- I suspect most of these companies are outsourcing programming to India anyway, and their products are so compartmentalized for the purpose of managing big, cheap programming teams, this results in crappy software.

    Symantec relies on a mafia-subscription-type structure, and software so complicated and bad, that un-installing it in many cases isn't an option unless you want to have to re-format your hard drive. That's their business model. It's not based around producing a really excellent product.

    This is one of those scenarios where the "competition" has become so lazy, it's almost desirable for Microsoft to put the final nail in the coffin and put them out of business. Their products couldn't be any worse than Microsoft's versions, and at least we'd probably have better work-arounds with bugs.
  • Do you not test new software before you do a network rollout? When I was an IT director I would have fired anyone who did a deployment w/o testing then you would be dealing with 1 machine and figuring things out rather than asking slashdot.
  • Comment removed based on user account deletion
    • Again, you guys are supposed to be techies - yet you aren't aware of Trend's problems? They have worse QA problems than anyone. Since when should a virus definition update take down your computer. Seems it happened to thousands of systems in April. Poor, Poor choice to go with Trend. At least keep your $$ in the USA.

  • Testing (Score:4, Insightful)

    by RabidMonkey ( 30447 ) <canadaboy.gmail@com> on Friday June 24, 2005 @04:25PM (#12904298) Homepage
    As much as everyone hates testing, this is one thing that should have been caught in QA before the patch/update was released. Come on - you just dropped a major version into how many machines? You mean you didn't catch something like frequent crashes and office breaking in your QA Cycle? In your pilot?

    As much as I hate doing QA and Pilots, they work. For little stuff, screw change management and just change it. But for something like a major release or update, you need to do some testing before you dump the code out to users.

    It just makes sense in a CYA way, and makes the weekends yours again.
  • Also look into Panda Antivirus, I have yet to have a single problem with it, and it will catch a considerable amount of spyware and malware as well. I also couldn't agree with previous posts, symantc and norton is terrible, the worst antivirus in my opinion. I would never use it and have had nothing but problems with the machines that I have worked on that have it installed. It won't update, gets corrupted, it is just crap and i can not believe anyone would put their name to such a shoddy product.
    • I had problems w/ Panda Firewall 2003, and reverted to XP-SP2's less-robust FW.

      I have had a good experience with the AV product. Only downside is the mandatory registration. What, they don't trust me???
  • One thing you can do is simply not upgrade right away. I've never been a big fan of Symantec, but one thing I've learned from them is to not jump on the latest software upgrade. I don't have to deal with them any more, but one customer was 1/2 way through an upgrade to the newest version of A/V when their A/V guy quit. I was handed his job and simply stopped rolling out the newest version. The manager asked me why. A few sample cases where the previous guy had problems rolling it out (taking down serve

  • SAV CE 10 is pretty bad (Score:3, Informative)

    by k00laid ( 731314 ) on Friday June 24, 2005 @04:53PM (#12904527) Homepage
    We got into the testing phase of deployment and it didn't make it past there, instead we've gone back to 9.0.3. A couple things of note from our experience though:
    1. Doscan.exe isn't the primary client application, rather it is the startup scanner app. It is also the proverbial root of all evil. When Doscan is allowed to run, it kicks off a memory leak in Rtvscan.exe (the real client) and we saw memory usage hit the 75-100 MB range, causing the sluggish performance.

    2. The fix that Symantec is going with now is to keep the startup scan from running through a registry change, either before or after installation (KB article here [symantec.com]). I tried this and it did help, but not enough to make it worth it , since I still saw a 30 MB+ memory hit.

    3. As far as I know anything between 9.0.1 and 10.0 is not readily available or even offered unless you call Symantec Licensing Support and ask for it. The very latest version of 9 is the 9.0.3 we have and it seems pretty good.
  • Do you folks have any advice when it comes to dealing vendors who release software that is unusuable and can't provide an acceptable resolution?"
    Yes. Stop using their products.

    Next question, please...
  • I rolled it at a 10-user Windows 2000 desktop/Netware 6.5 server and no problems there. I have it on my laptop and a few other misc machines and no problems or noticible slowdowns... Ran 8, 9 and now 10 just fine.

    I did notice the automatic scan started after installing the software, which although annoying, was definately not a show-stopper or a point to whine about.

    I've migrated quite a few server off of Trend Micro as their software us utter garbage. I'm saddened they bought Intermute, as I hope CWShr
  • jump ship to an OS that doesn't require crap like this... the solution is staring you in the face...

    How much longer are people gonna take crap like this from Microsoft and the never ending rigmarole of having to waste cpu cycles constantly scanning items as they are read in and out of the disk???

    It's just unbelievable the sheer crap you guys will put up with... I personally dumped Microsoft back in 2000 and haven't regretted it one single bit...

  • Is to stay at least one revision behind. I just finished getting everything updated to 9.0.2.1000 and have now tested and approved 9.0.3.1000 for use. We're testing 10 but it won't leave the testing environment until these problems are solved.

    What? You don't test these things before deployment?
  • We've run somewhere between 6.x and 8.x I think. Damned thing will still just inexplicably stop working. Even heard of one instance on a six month old home machine crapping out.
  • Was test it before pushing it company wide. My Company has offices all over the state. Before any new software is deployed, we test it on a small segment(5-10 users) of the userbase at the main office. That way we can discover/ workaround any issues, before we have a thousand computers to fix.

    Your situation teaches us that no software comany, no matter how big, should be trusted until its been tested in-house.

  • TEST TEST TEST (Score:3, Insightful)

    by BenTheDewpendent ( 180527 ) <ben.junknstuff@net> on Friday June 24, 2005 @07:11PM (#12905592) Homepage
    You just deployed a product to your whole network with out testing? Now you bitch about issues you are bumping into? Do you buy a car with out testdriving it?

    TEST TEST TEST! if you had done any testing before hand or research you could hae found information of these problems perhaps taken preventivtive measures against some of the problems you are seeing.

    All AV software causese a performance hit and my understanding is this software is also now taking out adware, spyware etc regkeys and all in nearlyone motion. I also belive the min reqirements are 128MB ram which means its not accounting for RAM being used by office, SQL, etc, that is for windows and SAV10 alone. So if you are just sporting 128,256, or 384 meg of ram on a machine I would expect to see a performance hit.
  • I think that is unfortunately indictive of the current state of affairs..

    I have seen the same problem with other large AV suppliers as well, the scanning engine just overwhelms the system, which is often taxed due to the 'upgrade' to XP.

    At the rate we re going, it will take a 2nd CPU just for scanning..

  • My experience is that Symantec has a long history of serious problems with new releases. Apparently the company managers are unwilling to hire enough technical staff.
  • We've been having that same problem in the office where I work, too. Each installation needs to be baby-sat with Office installation CDs at the ready. And I guess we're at the point where Symantec is so big that it just doesn't care, even with Microsoft's own anti-virus software on the horizon. Symantec already has your money, why fix anything? Duh.

    At home, Symantec's been slowing down my machines for a couple years now. As their virus signature definitions come up for renewal, I just go to Grisoft [grisoft.com] an

  • Go take a peek at Avast! www.avast.com I've been running the home version and loving it for what it does and does not do.
    They got a enterprise version, home version, oh and a Linux version too!
  • We're having problems with it. doscan.exe is taking a LOT of CPU on some systems. We haven't been able to reproduce it in our lab but it hit some developers. Symantec has a reg key to disable that. doscan also crashes, but it seems to be on systems with a lot of Adware so it shows up which systems to scan.

    The biggest problem we've hit is that it's causing errors with ClearCase. I haven't dug in to it very much but on Friday we removed the AV from a test system and the new errors in ClearCase stopped.
  • Comment removed based on user account deletion
  • A good company will have an effective helpdesk (no no, don't laugh). When I worked at Attachmate we had a helpdesk that evaluated new software before putting it on the approved list. This was the practice there, in part, because it was the practice in the firms we sold to (I'm talking multi-thousand seat firms). The annual challenge for Attachmate was to get onto the "approved vendor list" at these major firms. From the helpdesk perspective this makes good sense: you can better support fewer things, and you

Slashdot Top Deals

One man's constant is another man's variable. -- A.J. Perlis

Close