Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

McAfee EPO vs Norton CE

Status
Not open for further replies.
mrbase

mrbase

MIS
Oct 14, 2001
50
US
Ok..here is my problem.

I am responsible for AV-covering about 200 servers + 2500 workstations spread over Europe.

Until a few weeks ago I used to cover/manage all systems with Epolicy. This worked great so I wasn't planning on switching to anything else.

Management however is thinking about a vendor switch that will result in changing all AV software from Mcafee to Norton (including the AV management software). They are thinking about Symantec AV Corporate Edition V8.1

From what I know about Symantec CE 8.1 (I used to work with the older versions about three years ago) is that Symantec is ok but I didn't have half of the management and reporting options I now have with EPO.

so here's my question:

How to convince my superiors that McAfee is better suited for managing larger networks, traveling users and that it has far better reporting capabilities.

All the help is welcome :)

The "rooie poon"....is never alone
 
Sort by date Sort by votes
Hi MB, here's my reply to a previous thread:

Before committing to EPO/McAfee last year, we did a head to head comparison of the Symantec & NAI offerings.

a) Based on 9000 seats, we could get a better price from NAI
b) Since my company is global (spread across 15 countries with many sites of varying sizes), EPO was far more scalable to our needs
c) We found Symantec to be more user-friendly, but at the expense of customisation
d) At the time, Symantec didn't appear to have the same level of reporting capabilities, but I'm not sure whether that has now been improved upon
e) The big downside of NAI, as you've probably read many times in this forum is support. They are improving their knowledgebases, but there's a long way to go before they can match Symantec. When an NAI support engineer says they will call you back, just don't believe them.

Hope that helps
 
Upvote 0 Downvote
thanks for your reaction ReallyTallCupboards.

Would you happen to know if there are any independent reviews about both products?

Since we are using EPO for over 2 years now i am aware of the support of NAI. When i have a important issue i always use my direct contacts (either the Territory Manager or a Senior Systems Engineer) They will make sure the issue gets solved.

I did run some tests with NAV CE 8.1 but i simply don't see this software being capable of managing systems over a lot of different locations. Also i am worried about the support of traveling users. And since i also work in a global company (responsible for the European Region) i think i need more scalability then Norton CE offers me.

But i still need some fact info. I contacted my NAI contacts and am waiting on some feedback from them.
But all the info i can gather here is more then welcome.

thnx

The "rooie poon"....is never alone
 
Upvote 0 Downvote
OK..

since i started this thread i might as well keep on filling it :)

here's the info i just received from my NAI contact.
I hope this helps some of you guys in choosing your corporate AV vendor. I know that EPO does the job better (at least for me) then Symantec's CE8.1 but know i have some facts to give to the management.

For all of you out there willing to read some more text here we go:

SSMS / SESA vs. ePO 3.0 (SSC 5.0 vs ePO 3.0)
SSMS / SESA Simply Explained: Symantec have recently released a security management ‘vision’ called Symantec Security Management System (SSMS) which is underpinned by Symantec Enterprise Security Architecture (SESA). This vision outlines their strategy to manage all Symantec Security products and selected 3rd party technology from one console. The three components that were released to support this vision are Incident Manager (IM), Event collector for AV, and Event Collector for firewalls. These tools provide extra visibility and in the case of IM, some event aggregation (described as correlation, but there is a big difference.) However, let’s be clear, if you want to manage a Symantec AV environment, you still need to purchase and implement Symantec System Center 5.0 (SSC). The only change SSMS / SESA will make to this is reporting. You will then need to purchase and implement the event collector component of SESA (difficult and arduous).

ePO 3.0 unique capabilities over SSC 5.0
1. Express global updating - ePO can now update a 50,000 node network in under an hour. Symantec provides no numbers as to how fast they can update a network.
2. True enterprise management – ePO manages desktops, file servers, groupware servers, client firewalls, and threat analysis. It also reports on gateway activity. Symantec ONLY manages desktops, file servers, and client firewalls. ePO allows you to manage your entire virus and blended threat protection infrastructure from one console, saving valuable time during setup and policy implementation.
3. Reporting – When management asks for a report to see that your infrastructure is protecting you against the latest threat or when they want to see compliance reports, it’s only a click away if you’re using ePO. SSC offers NO REPORTING!
4. Find rogue devices, viral vulnerabilities, and ensure 100% coverage – a. Using ThreatScan or NT directory import, auto-discovery of machines simple. SSC offers no way to automatically find and import machines on the network. b. Find unprotected machines and PDA’s connecting to your network – ePO can coordinate rogue machine discovery with ThreatScan. c. ePO with ThreatScan can proactively find viral vulnerabilities before exploitation.
5. Tailored for small or large businesses – ePO is designed to work with small or large offices. With the new Small Business Getting Started Wizard, even the most inexperienced users can setup ePO with confidence in the shortest amount of time possible. More experienced administrators have the option to make ePO scalable by using SQL as a back-end, and customize the install to meet the complex issues of their larger network.
6. Mobile user flexibility – features such as updates from nearest server, and postponable and resumable updates make life for traveling users more friendly without compromising security.
7. Scalability – ePO can manage up to 250,000 nodes with a single server. Symantec’s SSC 5.0 can manage somewhere around 12,000 nodes per server. ePO saves the customer software and hardware costs as well as costs associated with setup and maintenance.
8. Updating – With Express Global Updating ePO can not only automatically download definition updates for distribution, but can also automatically download engine enhancements, service packs, and hotfixes. Natively SSC can handle no updates, that is a function of LiveUpdate. LiveUpdate will NOT handle service packs or hotfixes. By automatically downloading these updates, ePO allows the administrator to rest comfortably knowing that all security enhancements to their McAfee products are downloaded. The risk of infection is greatly reduced.



The "rooie poon"....is never alone
 
Upvote 0 Downvote
And to keep this topic readable i am posting these test results separate.

Summary of McAfee strengths
1. Comprehensive detection of ALL threats, not just so-called 'in the wild' threats.
Isolates the threat before it gets the chance to spread.
2. Advance protection from new threats, using heuristic and generic detection.
Secures the network against many of today's outbreaks.
3. Superior cleaning of viruses and worms and removal of Trojan horses.
Prevents down-time and minimises clean-up costs.
4. Reliable and accurate.
No costly false alarm problem.
5. Effective scanning of compressed, archived and packed files.
Leaves no hiding places for viruses, worms and Trojans.



AV-Test.org - May 2003
McAFEE SYMANTEC
Detection of ITW viruses using 3 month old virus definitions 34/46 30/46
Detection of ITW viruses using 3 month old virus definitions 21/46 15/46



Virus Test Center, University of Hamburg - April 2003
McAFEE SYMANTEC
Detection of VIRUSES under Windows XP 1st 4th
Detection of MALWARE under Windows XP 1st 4th

Full results at


Virus Test Center, University of Hamburg - December 2002
McAFEE SYMANTEC
Detection of VIRUSES under DOS 1st 3rd
Detection of MALWARE under DOS 1st 3rd
Detection of VIRUSES under Windows 98 1st 4th
Detection of MALWARE under Windows 98 1st 5th
Detection of VIRUSES under Windows 2000 1st 5th
Detection of MALWARE under Windows 2000 1st 5th
Detection of VIRUSES under Linux 1st - *
Detection of MALWARE under Linux 1st - *
Same level of VIRUS detection under all Windows platforms 1st - *
Same level of MALWARE detection under all Windows platforms 1st - *

* No place given.
Full results at
AV-Test.org - September 2002
McAFEE SYMANTEC
On-demand detection of Linux ZOO viruses 100% N/A *
On-demand detection of Other [Java, OS/2, Palm] ZOO viruses 92.31%% N/A *
On-demand detection of ZOO ActiveX controls 100% N/A *
On-demand detection of ZOO backdoors 99.36% N/A *
On-demand detection of ZOO Trojans 98.46% N/A *
Archived file formats scanned 22/23 N/A *
Compressed file formats scanned 7/13 N/A *

* Product not tested
Full results at [see test 2002-03]



AV-Test.org - September 2002
McAFEE SYMANTEC
On-demand detection of Linux ZOO viruses 100% N/A *
On-demand detection of Other [Java, OS/2, Palm] ZOO viruses 92.31%% N/A *
On-demand detection of ZOO ActiveX controls 100% N/A *
On-demand detection of ZOO backdoors 99.36% N/A *
On-demand detection of ZOO Trojans 98.46% N/A *
Archived file formats scanned 22/23 N/A *
Compressed file formats scanned 7/13 N/A *

* Product not tested
Full results at [see test 2002-02]



AV-Test.org - December 2001
McAFEE SYMANTEC
On-demand detection of Linux ZOO viruses 100% 56.34%
On-demand detection of Other [Java, OS/2, Palm] ZOO viruses 92.31%% 50%
On-demand detection of ZOO ActiveX controls 100% 100%
On-demand detection of ZOO backdoors 99.36% 75.16%
On-demand detection of ZOO Trojans 98.46% 76.74%
'Correctly and well cleaned' Excel 97 macro viruses 100% 38.1%

Full results at [see test 2001-12]










Virus Test Center, University of Hamburg - February 2002
McAFEE SYMANTEC
On-demand detection of unknown macro viruses 97.8% N/A *
On-demand detection of unknown macro malware 77.3% N/A *
On-demand detection of unknown script viruses 81.7% N/A *
On-demand detection of script malware 73% N/A *

* Product withdrawn from test.
Full results at


AV-Test.org - November 2001
McAFEE SYMANTEC
On-demand detection of ZOO Linux 32-bit file viruses 100% 56.34%
On-demand detection of ZOO other [Java, OS/2, PalmOS] file viruses 92.31% 50%
On-demand detection of ZOO VB script viruses 99.45% 89.56%
On-demand detection of ZOO other script viruses 100% 75%
On-demand detection of ZOO backdoors 100% 74.28%
On-demand detection of ZOO Trojans 99.27% 75.64%

Full results at [see test 2001-10]



Virus Test Center, University of Hamburg - October 2001
McAFEE SYMANTEC
Detection of VIRUSES under DOS 1st 5th
Detection of MALWARE under DOS 1st - *
Detection of VIRUSES under Windows NT 1st 8th
Detection of MALWARE under Windows NT 1st - *
Detection of VIRUSES under Windows 98 1st 7th
Detection of MALWARE under Windows 98 1st - *
Detection of VIRUSES under Windows 2000 1st 8th
Detection of MALWARE under Windows 2000 1st - *
Detection of VIRUSES under Linux 1st - *
Detection of MALWARE under Linux 1st - *
Same level of VIRUS detection under all Windows platforms 1st - *
Same level of MALWARE detection under all Windows platforms 1st - *

* No place given.
Full results at







AV-Test.org - July 2001
McAFEE SYMANTEC
On-demand detection of ITW backdoors 100% 90.23%
On-demand detection of ITW Trojans 100% 71.83%
On-demand detection of ZOO backdoors 99.12% 51.12%
On-demand detection of ZOO Trojans 97.95% 32.26%

Full results at [see Short Tests 2001-07-06]



c't magazine - June 2001
McAFEE SYMANTEC
Detection of virus construction kits 100% 83.3%

Full results in c't magazine, June 2001



Virus Bulletin - July 2001
McAFEE SYMANTEC
'Standard' virus detection [all viruses] 100% 99.61%

Full results in Virus Bulletin, July 2001



Virus Test Center, University of Hamburg - July 2001
McAFEE SYMANTEC
Detection of UNKNOWN VIRUSES and MALWARE under Windows NT 1st N/A *

* Product withdrawn from test.
Full results at


Virus Test Center, University of Hamburg - April 2001
McAFEE SYMANTEC
Detection of VIRUSES under DOS 1st - *
Detection of MALWARE under DOS 1st - *
Detection of VIRUSES under Windows NT 1st - *
Detection of MALWARE under Windows NT 1st - *
Detection of VIRUSES under Windows 98 1st 9th
Detection of MALWARE under Windows 98 1st - *
Detection of VIRUSES under Windows 2000 1st - *
Detection of MALWARE under Windows 2000 1st - *
Detection of VIRUSES under Linux 1st - *

* No place given.
Full results at

The "rooie poon"....is never alone
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
ASA5510 - SSL Cert
Replies
0
Views
198
intel233
intel233
intel233
  • Locked
  • Question
Mcafee EPO 4.5
Replies
2
Views
88
intel233
intel233
intel233
  • Locked
  • Question
EPO 5-Dat Available issue
Replies
0
Views
58
intel233
intel233
Newtt
  • Locked
  • Question
Installing 3rd party software via McAfee EPO server
Replies
0
Views
61
Newtt
Newtt
diembi
  • Locked
  • Question
McAfee can stop my not virus process?
Replies
0
Views
62
diembi
diembi

Part and Inventory Search

Sponsor

Back
Top