
Olle Polle

Seems that the author is a designer, who chooses protection for his network by design of GUI. Quite strange approach. This Sophos Enterprise Console was horrible for me.

Steve Moore

It might do us all some good for you to share your challenges with the console. Better yet, share with Sophos too (if not done already). The enterprise console works well for the 12,000+ systems in my environment. I would like to see the author discuss the other benefits of Sophos at the endpoint, such as application and device control.

DW Hunter

Fair enough guys. I'm no designer and surely didn't choose network protection for 1,000 nodes in 14 locations in 6 states based on GUI alone. That would be silly. I believe technology should "just work" - I don't expect perfect, and I surely don't mind RTFM. I don't buy into all the FUD surrounding technology X, Y or Z either. That's why I take time to fully investigate things from "our" perspective.

What was impressive to me re: Sophos specifically was how "neatly packaged" the consoles were.

I'm in process of building our production machine on Server 2008 and will certainly blog about that experience as well.

Sorry that Sophos didn't work for you Olle. I don't think there's a single one-best-product for everything. Within your context, perhaps you need something else. Inside our context, Sophos looks to be the best. Sounds like it works well for Steve too.

And, like everything else, we'll continue to evaluate all production technology and move and shape our decisions as necessary.

Thanks for the comments. I'm surprised people actually read this blog.



As for me, I use NOD32 spyware ( http://rapid4me.com/?q=NOD32 ). I think it's the best antivirus program.


I wouldn't choose a security product on how nice it looked. I'd pick the best one in terms of protection and then learn to use/like it. This is why I always recommend Eset Nod32. It's a better product and offers far superior protection than the competition. Check it out on av-comparatives.


Brendan, I think you're missing the point for my environment. I had to have Mac/PC. NOD32 does not do that. Also, I had a 15-character naming issue, and NOD32 would not work with that.

Sure, a nice GUI is important, but that's not the focus - that was an "aside" to me.

Thanks for the comment.

John Bull

If you are attaching a device to a Microsoft network, don't use more than 15 characters.

That's one of the most basic things a domain admin should know.



Thanks for your comment. I respectfully disagree with you though. Active Directory DNS supports up to 24 characters. The 15 character limit is a NetBIOS legacy limitation/recommendation. We also are looking at UTF-8 in our domain names - we are moving toward global machine names.

Sure, yes, for most organizations - especially US-only organizations, or smaller companies - the 15 character limitation of NOD32 isn't a problem. It was a problem for me though. We are a mixed Active Directory / Open Directory shop. We are a mixed Mac / PC shop. We are NOT a small business so make sure you look through my lens.

For reference on naming conventions - the 15 characters for "NetBIOS" and the 24 characters for DNS - you can reference the Microsoft KB article http://support.microsoft.com/kb/909264

Don't assume "only Microsoft network" - not every organization is identical to yours.



New Console v4.0 has been released for Sophos and it is Awesome. As an enterprise offering Sophos is truly the master with the new release of the console and the Endpoint security product v9.0.



I agree! One of my teammates, Mark, has recently upgraded us to EC 4.0 and ESP 9.0. He's working on making our multi-site/multi-state environment even better. We're very pleased with Sophos.



We just renewed our Symantec but we looked real hard at Sophos. Decided to stick with Symantec due to the fact that Sophos did just as poorly at spyware as Symantec did. Did you evaluate spyware effectiveness in your assessment?

DW Hunter


No, I didn't necessarily eval spyware. We have 100% local admin users. They can install whatever they want - good or bad. We do, as part of our standard image, install malwarebytes, spybot and one other (can't remember tonight).

For Sophos, we focused strictly on AV - both on the client/server and Exchange products.

Thanks for the post,



I go for Kaspersky Antivirus..it served me the best...you can download it from here http://www.evildrome.com


Looking back on your switch to Sophos from Symantec...are you still satisfied? We are looking at switching and it looks like Sophos is the better option.


I use Nod32 and have for a while now. I make it a point to review several other AV products every time our Nod32 comes up for renewal. I regularly test Sophos, Kaspersky, F-Prot, Trend, and Avast. Nod32 always wins. In my opinion, the AV must be lightweight and have very good detection rates. Nod32 does a better job than the others. Sophos is very light as well, but Nod32 consistently has much better detection rates. Kaspersky is very good, but is kinda sluggish. Trend, F-Prot, and Avast just don't function as well (lesser detection rates and performance). If you need Mac support then Nod32 isn't for you. But for Windows/*nix it does an outstanding job. Though the admin console could use some revamping, it does get the job done and once you know your way around, it actually works quite well. #1 Nod32, #2 Sophos/Kaspersky, #3 doesn't really matter.
