Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Opinions Needed: Proactive Anti-Virus?
New Posts  All Forums:Forum Nav:

Opinions Needed: Proactive Anti-Virus?

post #1 of 8
Thread Starter 
Hey guys,

So I got into a mini-debate at work this week about proactive use of anti-virus, and whether or not it is necessary.

So let me define what we meant by proactive use:

We currently use Kaseya to manage client machines, and Kaseya has a module for anti-virus, using a modified version of Kaspersky Anti-Vir. It constantly scans client machines, it screens everything, it blocks sites.. and it drains CPU and RAM. Now, this might not be a big deal on a Core i5, but some of our clients are using machines from 2006/2007. When they've already got a lot of things open this can be a real drain.

Now, I expressed my opinion that this is not necessary. We could use a more reactive approach, as in having weekly scheduled scans by an anti-virus program.

I personally advocate for the use of MSE on every computer, and Malwarebytes. Weekly scans with both, and be done with it.

We also do weekly backups of client machines, so if a really nasty rootkit got in there, we could always rollout one of the recent backups.

My argument is that we are doing our clients a disservice by eating up CPU resources with constant scanning, where we could save them some annoyance by using Anti-Virus that is not scanning constantly.

Now, I may be uneducated, I am a junior level tech.

Please, experienced Network/Sys Admins, tell me what you think? What is the ideal anti-vir solution in the corporate environment?
Ender
(8 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 3820 TPOWER X79 GeForce GTX 570 Corsair 16GB 
Hard DriveCoolingOSPower
Crucial M4 128GB SSD Antec Kuhler 620 Win 7 Seasonic M12 600w 
  hide details  
Reply
Ender
(8 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 3820 TPOWER X79 GeForce GTX 570 Corsair 16GB 
Hard DriveCoolingOSPower
Crucial M4 128GB SSD Antec Kuhler 620 Win 7 Seasonic M12 600w 
  hide details  
Reply
post #2 of 8
i'm not experienced in anything but as an average user, avast is good even back when I had a pentium 4 with 1gb of ram
Budget Rig V2
(10 items)
 
  
CPUMotherboardGraphicsRAM
Ryzen R7 1700 @ 3900 Asus AB350M Pro4 EVGA GTX 1080 TI SC2 Hybrid Corsair Vengeance LPx 
Hard DriveCoolingOSMonitor
MyDigitalSSD BPX EVGA CLC 280mm Windows 10 Pro Benq PD3200U 
PowerCase
Seasonic Platinum 660 Fractal Design Mini C 
  hide details  
Reply
Budget Rig V2
(10 items)
 
  
CPUMotherboardGraphicsRAM
Ryzen R7 1700 @ 3900 Asus AB350M Pro4 EVGA GTX 1080 TI SC2 Hybrid Corsair Vengeance LPx 
Hard DriveCoolingOSMonitor
MyDigitalSSD BPX EVGA CLC 280mm Windows 10 Pro Benq PD3200U 
PowerCase
Seasonic Platinum 660 Fractal Design Mini C 
  hide details  
Reply
post #3 of 8
Thread Starter 
Quote:
Originally Posted by Ubernoobie View Post
i'm not experienced in anything but as an average user, avast is good even back when I had a pentium 4 with 1gb of ram
Well we're talking about large corporate environments, where we need something that can be managed by an admin for the users. Not sure what kind of management avast! has.
Ender
(8 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 3820 TPOWER X79 GeForce GTX 570 Corsair 16GB 
Hard DriveCoolingOSPower
Crucial M4 128GB SSD Antec Kuhler 620 Win 7 Seasonic M12 600w 
  hide details  
Reply
Ender
(8 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 3820 TPOWER X79 GeForce GTX 570 Corsair 16GB 
Hard DriveCoolingOSPower
Crucial M4 128GB SSD Antec Kuhler 620 Win 7 Seasonic M12 600w 
  hide details  
Reply
post #4 of 8
Quote:
Originally Posted by archangelabove View Post
Well we're talking about large corporate environments, where we need something that can be managed by an admin for the users. Not sure what kind of management avast! has.
Not great.

I would argue that its more of a dis-service to risk down time because something snuck in. Slower productivity but high levels of security are more important than speedy quickness but being vulnerable. I know everywhere ive worked a premium is put on stability even at the expense of some speed.

Its easy to argue for reactive AV if you think like a consumer, but thinking corporate IT is a whole different ballgame. If you were to get a virus on your personal machine, you can always just rip it out or reinstall your OS.
If an entire network gets hit by something then the whole thing gets shut down.
Micro Mule
(11 items)
 
  
CPUMotherboardGraphicsRAM
i7 6700k MSI Z170I Gaming Pro AC Gigabyte GTX 1070 G1 Gaming 16GB GSkill Ripjaws V DDR4 3200 
Hard DriveCoolingMonitorPower
250GB Crucial MX200, 960GB Adata , 1TB WD Black Noctua NH-L12 LG 27UD68 4k Seasonic M12II 620W 
CaseMouseAudio
Corsair Obsidian 250D Logitech Performance Mouse MX Topping TP-30 Mk2, 2x Polk M10, Sony MDR-7506 
  hide details  
Reply
Micro Mule
(11 items)
 
  
CPUMotherboardGraphicsRAM
i7 6700k MSI Z170I Gaming Pro AC Gigabyte GTX 1070 G1 Gaming 16GB GSkill Ripjaws V DDR4 3200 
Hard DriveCoolingMonitorPower
250GB Crucial MX200, 960GB Adata , 1TB WD Black Noctua NH-L12 LG 27UD68 4k Seasonic M12II 620W 
CaseMouseAudio
Corsair Obsidian 250D Logitech Performance Mouse MX Topping TP-30 Mk2, 2x Polk M10, Sony MDR-7506 
  hide details  
Reply
post #5 of 8
A real-time scanner should already be sufficient.

Full scanning on top of when you're already scanning inbound files and running processes is a bit redundant.
Waiting on X399
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II B57 @ X4 3.9 Gigabyte 790FXTA-UD5 Sapphire Radeon 290 8 GB G.Skill 2133 
Hard DriveCoolingOSKeyboard
250 GB 840 EVO Noctua NH-D14 Windows 10 Logitech K350 
PowerCaseMouseMouse Pad
Seasonic x750 Corsair 600T Logitech G100s Razer Goliathus Speed 
Audio
Plantronics Gamecom 788 
  hide details  
Reply
Waiting on X399
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Phenom II B57 @ X4 3.9 Gigabyte 790FXTA-UD5 Sapphire Radeon 290 8 GB G.Skill 2133 
Hard DriveCoolingOSKeyboard
250 GB 840 EVO Noctua NH-D14 Windows 10 Logitech K350 
PowerCaseMouseMouse Pad
Seasonic x750 Corsair 600T Logitech G100s Razer Goliathus Speed 
Audio
Plantronics Gamecom 788 
  hide details  
Reply
post #6 of 8
to me the ideal anti-virus solution would be one with satallite clients installed and the primary anti-virus software installed on the server. all doing the same thing but the satellite clients wouldn't take up nearly as much resources.

with that being said alot of the other stuff is unneccesary such as the internet security protocols and firewalls as windows has a firewall built in as well as most corporations use either a router or a specific hardware firewall depending on the how sensitive the clients data is.

with that why don't you do some research on some other less hungry anti-virus'. i personally use webroot and find it has a very minimal impact on the system and offers some pretty good protection.
    
CPUMotherboardGraphicsRAM
Core 2 Duo E8400 EVGA NF67 Geforce 9800 GT Corsair and OCZ XTC Platinum 
Hard DriveOSMonitorKeyboard
2x 1Tb, 1x 500Gb, 1x 250Gb Win7 Ultimate x64 Acer AL1916W Saitek Eclipse 
PowerCaseMouseMouse Pad
550w Antec P180 Logitech G7 Generic 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Core 2 Duo E8400 EVGA NF67 Geforce 9800 GT Corsair and OCZ XTC Platinum 
Hard DriveOSMonitorKeyboard
2x 1Tb, 1x 500Gb, 1x 250Gb Win7 Ultimate x64 Acer AL1916W Saitek Eclipse 
PowerCaseMouseMouse Pad
550w Antec P180 Logitech G7 Generic 
  hide details  
Reply
post #7 of 8
Thread Starter 
Well the anti-virus we use isn't terrible on resources, but we're doing so many different things at the same time. We audit machines for changes, we push patches, we run various procedures. It's just so many little things pile into big things.

And damn laptop users are the bane of my existence. I love doing all the procedures on desktops at night. But that's not the case with laptops. Grr.

I understand stability over speed, especially in the corporate environment. It's the same reason we buy Dell machines and pay 150 dollars to upgrade 2GB of RAM. Because it reduces liability, and our time as an IT staff is better spent with real issues.. but the DIY Overclocker in me hates to see inefficiency.

I hate buying from Dell and having to pay for upgraded RAM, but my boss refuses to put RAM in there that isn't Dell, for fear of issues being caused, and for fear that installing DECENT RAM in it would take up my time as a tech. (Makes me very mad).
Ender
(8 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 3820 TPOWER X79 GeForce GTX 570 Corsair 16GB 
Hard DriveCoolingOSPower
Crucial M4 128GB SSD Antec Kuhler 620 Win 7 Seasonic M12 600w 
  hide details  
Reply
Ender
(8 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i7 3820 TPOWER X79 GeForce GTX 570 Corsair 16GB 
Hard DriveCoolingOSPower
Crucial M4 128GB SSD Antec Kuhler 620 Win 7 Seasonic M12 600w 
  hide details  
Reply
post #8 of 8
well alot of those things can be changed from daily or live scan's to say over night when the computers are not in use or weekly, patches should only be rolled out as they become a problem or become needed. live scanners can be tweaked, to run in a more low priority mode to keep its impact on the system minimal.
    
CPUMotherboardGraphicsRAM
Core 2 Duo E8400 EVGA NF67 Geforce 9800 GT Corsair and OCZ XTC Platinum 
Hard DriveOSMonitorKeyboard
2x 1Tb, 1x 500Gb, 1x 250Gb Win7 Ultimate x64 Acer AL1916W Saitek Eclipse 
PowerCaseMouseMouse Pad
550w Antec P180 Logitech G7 Generic 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Core 2 Duo E8400 EVGA NF67 Geforce 9800 GT Corsair and OCZ XTC Platinum 
Hard DriveOSMonitorKeyboard
2x 1Tb, 1x 500Gb, 1x 250Gb Win7 Ultimate x64 Acer AL1916W Saitek Eclipse 
PowerCaseMouseMouse Pad
550w Antec P180 Logitech G7 Generic 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Opinions Needed: Proactive Anti-Virus?