Discussion in 'Business & Enterprise Computing' started by Rea:Per, Jul 30, 2018.
so what prompted the switch (or attempted switch) from webroot to sophos?
Yeah I was reading about this the other day, anti-ransomware caching sounds great in theory for workstation IO but not server IO...
We also utilise Sophos SG UTM so I'm interested on the XG UTM and Sophos Intercept X interoperability. We have looked at NextGen stuff cylance, carbon black etc. All the AI stuff is great but I'm pragmatic and think that a solution solely relying on AI/ML rather than traditional signature based has a gap in your defences. I'm also keen on EDR to aid in review/remediation in event of outbreaks.
We're in the middle of a switch from webroot to crowdstrike because our parent company already has 30k seats and webroot can't compare with the pricing. I haven't nearly gotten my head around it yet, compared to webroot it's incredibly complex. EDR seems to be it's bailiwick though.
The one issue we had with Webroot in the years we've been using it is a massive performance hit if you use the built in system optimiser, it's an option under policies that you will apply to various groups/endpoints. We had it scheduled for twice a week, and twice a week like clockwork at those times system performance would crawl to a halt. It took us a long time to figure out the reason behind it though as users being users swore it happened every single day and we couldn't find an event in our environment that matched.
Other than that I still swear by webroot.
I’m still running it and we have migrated the entire company to it now. It’s pretty good, very little issues if any. A huge caveat and it’s huge, not that I care that much, but there is no quarantine section. So if a file is deleted because it thinks it’s a PUA or a false positive.... it’s gone
Other than that, can recommend.
Just to chip in for a second, SEP and similar are foremost signature based AV.
Comparing them to Crowdstrike/Carbon Black etc. is not really apples to apples, they are immensely more complex and offer very different functionality. If you only intend to use a tool for AV and don't have anybody that's dedicated to look at what Crowdstrike and the like flag, you're probably wasting your money as you're not taking advantage of the feature set.
anyone here a symantec.cloud (former messagelabs) shop? Symantec have EOL'd the product and we are looking for an alternate. Vendor helpfully gave us almost no notice of the status.
We use it as a CSP and cloud mail filtering service. Their upgrade path sounds expensive so we are looking for something else. Not using/wanting any Symantec AV or other - just web filtering and mail filtering.
Do you have any more details on this? We use Messagelabs for email filtering and I've heard nothing from them about an EOL, and can only find reference to their web security product being EOL'd online.
Is it this?
We use mimecast here at work, seems decent but I had nothing to do with it's set up or ongoing support
We moved from symantec.cloud after many years to Mimecast for the last couple. Mimecast was significantly more costly but has been a much better platform overall.
Eons ago. It sucked, so we dumped it.
I've recommended these folks to SMBs before. Dunno if they scale well for larger places [edit - says they do government, so I'd assume so]. But their pricing and service is good, and they're on AU soil so it's nice and zippy.
We are moving most people to Office 365 Hosted Exchange plans with the Advanced Threat Protection addon.
On-prem Email doesn't suit most clients anymore, only pay for what you use, and frees up a lot of local resources for other important things.
Sssshhh don't say that out loud! The box huggers will hear you!
That's all I could find, and covers the web security not email security - if it's just the web security going EOL then I'm happy.
From a lot of reports I've seen the built in filtering and ATP still fall short of most external filtering products like messagelabs.
Cmon, it's friday and the rant thread is dead - surely that means it's time for another cloud vs local argument.
we've already established in another thread that elvis prefers his spreadsheets to be cloud based.
i'll have a read over the suggestions, but ya know when the solution you have goes from $10k to $30k per annum you really start to look around.
I also get the feeling that no-one has understood the product.
well thanks for that power.
we are also using symantec.cloud's MX scanning. so now i have to find yet another solution.
taking a look at that M$ Advanced Threat Protection
yes we use the MX scanning as well, you kind of get complacent when the prodcut you are using just works and has done so for quite some time. The replacement sounds like a cash grab from where i'm sitting anyway.