Interesting. Must these guys rename container based virtualization to feather-weight? There is enough confusing in the market as it is without having multiple names for the same thing. Jo _____ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Rick Mack Sent: Thursday, April 10, 2008 12:49 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: OT: Best Antivirus software Hi, If the results of some of the AV testing are anything to go by, there is no such thing as a really good AV package. PC Magazine ran a large scale test last year and the best AV detection rate was 97% (while CA got the worst at 68% ;-)). On the common AV packages, that means at least 3-5% of all viruses worms and trojans are not detected. There is a russian site that will sell you source code for your own trojan for $200. As it turns out, the frequncy of these custom trojans is so low out in the wild that most of them aren't detected unless you use something a bit smarter like Sophos. If you have a look at the mode of action of the trojans, almost without exception they depend on users being local admins. So simple stuff like a locked down environment, application whitelists (eg Provision Networks Manage-it, part of their enterprise product) and products like appsense application manager may be far more effective than your average AV package. The advent of stuff like feather-weight virtual machines (http://www.ecsl.cs.sunysb.edu/fvm/index.html) that provide an intelligent containment layer for applications may very well replace AV software in future. Even without the additional functional checking, something like running a browser via Thinstall gives you hugely more secure access to the internet than a standard environment with nothing but the standard AV/firewall detection. In terms of standard AV packages, I've stuck with Trend for a long time, but a lot of my customers have used Sophos and it's detected stuff the other AV packages didn't see. Other comments aside, I think that Sophos may very well be one of the best AV packages out there. regards, Rick -- Ulrich Mack Quest Software Provision Networks Division On 4/11/08, Berny Stapleton <berny@xxxxxxxxxxxxxxxxx> wrote: I have had a few problems with AVG in SMB environments where I have seen quite considerable slow down of the machines, to the extent where I see the machines taking 5 or 6 minutes for the user to be able to use the machine from 30 - 50 seconds (After power on). Previously I have used Trend, and although they occasionally send out a bad pattern file which brings the machine to it's knees (I have seen the same thing with McAfee and Symantec) it hasn't served me too badly before.