“Enterprise-class”, my ass

The university has licensed a particular brand of anti-virus software for all students, faculty, staff, etc. The department I do IT work for (my day job) has a central console that allows administrators to monitor the status of the anti-virus software on all the computers on the network.
I know it well, as I was the one who set it up.
Unfortunately, it’s a piece of crap and is two major versions out of date (the university only got the newer versions a short while ago). It’s also not going to be supported soon, so we had to upgrade it.
Most end-user software seems to handle in-place updates really well. Mozilla Firefox, Windows, even Acrobat Reader update really easily. Certain other software, like Apache, MySQL, and other such things also update reasonably smoothly.
This anti-virus console is not one of those things.
I honestly couldn’t think of something that’s more of a pain in the ass to upgrade.
It turned out to be faster and easier to simply install the newer console on a different server, configure it by hand, and then manually re-install the client software on the 200 or so desktop systems (again, by hand) than it was to try to upgrade the existing console.
The new one’s quite a bit better than the old one, but there’s still no built-in “upgrade in-place” feature, so in a few years someone’s (hopefully I’ll be in grad school by then) going to have to upgrade to the next version. That’ll suck; a lot of the configuration is stored in some unknown way, and not accessible to the GUI or the configuration files. If even the tiniest thing gets out of whack (which happens on occasion), diagnosing the problem (not to mention fixing it) is a massive pain in the ass.
Compare that to Windows Server Update Services — a simple Group Policy change on the clients (( We don’t have an Active Directory, so we can’t push it from a central system, but have to do the changes by hand. There’s a lot of inertia and legacy systems here. Oh well. )) and the clients get all their Windows Updates from the WSUS server, which can manage which updates are to be deployed to clients. Quick, simple, and scalable, all through an intuitive GUI.
Say what you will about Microsoft, but they have enterprise-class management down pat. This anti-virus company, though…not so much…

6 thoughts on ““Enterprise-class”, my ass”

        1. I almost want to like Sophos. It’s not awful, particularly the client itself, but the management console and network communications/integration need a lot of improvement.
          We’ve looked at alternatives, but the site license (free to us) makes it quite attractive, particularly with the budget crunch, both at the university and in the department. MS Forefront looks really nice, and integrates well with Microsoft networks, but the price is really steep.
          Fortunately, our users seem pretty smart, Firefox is the default browser on all our network PCs and with WSUS being rolled out to manage system updates, there’s not really a malware problem.
          The big issue is on lab computers, like those that run DNA sequencers and other robots: they’re on a nearly-isolated network, which protects them from most external threats, but there are some lingering issues from the past (mostly some Conficker-A remnants that still pop up because it’s practically impossible to fix without a fresh install, which isn’t possible for several weeks for various reasons). However, with WSUS, we can keep the systems patched (previously impossible due to the isolated network) and Sophos keeps what issues there are well-contained.
          With the new Sophos console and WSUS, the majority of our standard IT issues go away, leaving us with more resources to actually make more improvements around the department.

  1. We use Sophos regularly (SMB line) and have had very few issues with it. It deploys easily, and just works. I have used the Symantec line and think the management console of the Sophos SMB AV is much better.
