[THIN] Re: OT: Exchange AV scanner of choice
- From: "Taylor, George" <gtaylor@xxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 14 Sep 2004 09:00:01 -0600
AntiGen from Sybari software has taken care of us very well. It has
several engines you can subscribe to, Norman, NAI, SOPHOS, CA-IT, CA VET
and a worm list they keep. It's pretty good at content filtering, i.e.
who's it from, whats the subject, file types, etc.., it also has a nice
template setup for deploying across mulitple Exchange servers. Now
they'll do SPAM filtering for ya also, but we use another product for
that.
I run it on all of our Exchange servers, I just looked at our main SMTP
server (W2K, Exchange2000 on an XSeries 345), it's catching about 18 -
20 incidents per minute, it's purging most, but quarantining 1 or 2
every couple minutes or so and the server is basically idleing.
Every time I see one of these new piece of crap worms come out I whisper
to myself 'Damn I love Antigen...'
_____
From: Evan Mann [mailto:emann@xxxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, September 14, 2004 7:06 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] OT: Exchange AV scanner of choice
Little different then the usual AV product of choose question, I'm
looking for Exchange specific recommendations.
I'm using Symantec Mail Security 4.5 and it's starting to give me
problems that appear to be load related. My servers have plenty of
power, but I think the AV engine is choking on the massive influx of
mass mailing worm e-mails I've gotten recently. I see 2-5k a day now
and it's causing services to crash. When they restart, they don't work.
I've tested products about 8 months back, but need new recommendations.
I remember liking AntiGen (Expensive) and Trend, but not liking McAffee
because the UI was non-intuitive and slow (java).
Other related posts:
