SEP Replacement

Discussion in 'Business & Enterprise Computing' started by Rea:Per, Jul 30, 2018.

  1. OP
    OP
    Rea:Per

    Rea:Per Member

    Joined:
    Mar 27, 2011
    Messages:
    264
    Location:
    Sunshine Coast
    so what prompted the switch (or attempted switch) from webroot to sophos?
     
  2. Sphinx2000

    Sphinx2000 Member

    Joined:
    Sep 16, 2001
    Messages:
    7,876
    Location:
    Brisbane
    Yeah I was reading about this the other day, anti-ransomware caching sounds great in theory for workstation IO but not server IO...
     
  3. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,714
    Location:
    Canberra
    Partner status.
     
  4. scrantic

    scrantic Member

    Joined:
    Apr 8, 2002
    Messages:
    1,718
    Location:
    3350
    We also utilise Sophos SG UTM so I'm interested on the XG UTM and Sophos Intercept X interoperability. We have looked at NextGen stuff cylance, carbon black etc. All the AI stuff is great but I'm pragmatic and think that a solution solely relying on AI/ML rather than traditional signature based has a gap in your defences. I'm also keen on EDR to aid in review/remediation in event of outbreaks.
     
  5. EvilGenius

    EvilGenius Member

    Joined:
    Apr 26, 2005
    Messages:
    10,342
    Location:
    Rocky
    We're in the middle of a switch from webroot to crowdstrike because our parent company already has 30k seats and webroot can't compare with the pricing. I haven't nearly gotten my head around it yet, compared to webroot it's incredibly complex. EDR seems to be it's bailiwick though.



    The one issue we had with Webroot in the years we've been using it is a massive performance hit if you use the built in system optimiser, it's an option under policies that you will apply to various groups/endpoints. We had it scheduled for twice a week, and twice a week like clockwork at those times system performance would crawl to a halt. It took us a long time to figure out the reason behind it though as users being users swore it happened every single day and we couldn't find an event in our environment that matched.

    Other than that I still swear by webroot.
     
    Last edited: May 28, 2019
  6. Skitza

    Skitza Member

    Joined:
    Jun 28, 2001
    Messages:
    3,753
    Location:
    In your street
    I’m still running it and we have migrated the entire company to it now. It’s pretty good, very little issues if any. A huge caveat and it’s huge, not that I care that much, but there is no quarantine section. So if a file is deleted because it thinks it’s a PUA or a false positive.... it’s gone :)

    Other than that, can recommend.
     
  7. millsy

    millsy Member

    Joined:
    Mar 31, 2007
    Messages:
    12,778
    Location:
    Brisbane
    Just to chip in for a second, SEP and similar are foremost signature based AV.

    Comparing them to Crowdstrike/Carbon Black etc. is not really apples to apples, they are immensely more complex and offer very different functionality. If you only intend to use a tool for AV and don't have anybody that's dedicated to look at what Crowdstrike and the like flag, you're probably wasting your money as you're not taking advantage of the feature set.
     
  8. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    59,738
    Location:
    brisbane
    anyone here a symantec.cloud (former messagelabs) shop? Symantec have EOL'd the product and we are looking for an alternate. Vendor helpfully gave us almost no notice of the status.

    We use it as a CSP and cloud mail filtering service. Their upgrade path sounds expensive so we are looking for something else. Not using/wanting any Symantec AV or other - just web filtering and mail filtering.
     
    Last edited: Jul 25, 2019
  9. wazza

    wazza Member

    Joined:
    Jun 28, 2001
    Messages:
    3,461
    Location:
    NSW
    Do you have any more details on this? We use Messagelabs for email filtering and I've heard nothing from them about an EOL, and can only find reference to their web security product being EOL'd online.
     
  10. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,207
    Location:
    Brisbane
  11. scrantic

    scrantic Member

    Joined:
    Apr 8, 2002
    Messages:
    1,718
    Location:
    3350
    We moved from symantec.cloud after many years to Mimecast for the last couple. Mimecast was significantly more costly but has been a much better platform overall.
     
  12. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    37,907
    Location:
    Brisbane
    Eons ago. It sucked, so we dumped it.

    I've recommended these folks to SMBs before. Dunno if they scale well for larger places [edit - says they do government, so I'd assume so]. But their pricing and service is good, and they're on AU soil so it's nice and zippy.
    https://www.mailguard.com.au/
     
    Last edited: Jul 29, 2019
  13. Sphinx2000

    Sphinx2000 Member

    Joined:
    Sep 16, 2001
    Messages:
    7,876
    Location:
    Brisbane
    We are moving most people to Office 365 Hosted Exchange plans with the Advanced Threat Protection addon.
    https://products.office.com/en-au/exchange/advance-threat-protection

    On-prem Email doesn't suit most clients anymore, only pay for what you use, and frees up a lot of local resources for other important things.
     
    Last edited: Jul 26, 2019
  14. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    37,907
    Location:
    Brisbane
    Sssshhh don't say that out loud! The box huggers will hear you!
     
    millsy likes this.
  15. wazza

    wazza Member

    Joined:
    Jun 28, 2001
    Messages:
    3,461
    Location:
    NSW
    That's all I could find, and covers the web security not email security - if it's just the web security going EOL then I'm happy.


    From a lot of reports I've seen the built in filtering and ATP still fall short of most external filtering products like messagelabs.

    Cmon, it's friday and the rant thread is dead - surely that means it's time for another cloud vs local argument.
     
    elvis likes this.
  16. looktall

    looktall Working Class Doughnut

    Joined:
    Sep 17, 2001
    Messages:
    24,765
    we've already established in another thread that elvis prefers his spreadsheets to be cloud based.
     
  17. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    59,738
    Location:
    brisbane
    i'll have a read over the suggestions, but ya know when the solution you have goes from $10k to $30k per annum you really start to look around.

    I also get the feeling that no-one has understood the product.
     
    Last edited: Jul 26, 2019
  18. OP
    OP
    Rea:Per

    Rea:Per Member

    Joined:
    Mar 27, 2011
    Messages:
    264
    Location:
    Sunshine Coast
    well thanks for that power.

    we are also using symantec.cloud's MX scanning. so now i have to find yet another solution.
    geeez

    taking a look at that M$ Advanced Threat Protection
     
  19. power

    power Member

    Joined:
    Apr 20, 2002
    Messages:
    59,738
    Location:
    brisbane
    yes we use the MX scanning as well, you kind of get complacent when the prodcut you are using just works and has done so for quite some time. The replacement sounds like a cash grab from where i'm sitting anyway.
     

Share This Page

Advertisement: