My Security Story
I work for a small technical college we have about 350 permanent employees and 300 part-timers with around 5000 students and 1450 altiris nodes. We used Sophos for about 5 years and started having some real problems with the scanning functions. The scan would start and use all system resources until it finished regardless of the settings we tried to change. We were not protected from zero day problems and were devastated by several virus outbreaks. At one point we lost our ability to keep email working for over 3 days due to the product issues and network traffic problems.
One of the operations staff employees saw the "Lightspeed" product at a conference and knew we needed to try something else. No research was done a small server was purchased the operations staff was having some management issues and no one really investigated what we were getting into just glad to be free of the product that seemed to be causing so many issues. We just jumped in no pilot nothing and deployed Light speed across our campus we informed our users that this product would be better than the last and it would free us from the scanning issues that we were plagued with on the desktops the fairy tale began.
Since everyone was sick of Sophos we put our hope in the new product it seemed to function pretty well for about 30 days then the next nightmare for our IT staff began. The Light Speed rep said we did not have it on a powerful enough server so operations did a reinstall on another new server. After about 90 days we started having the same problems and the Light speed rep suggested that we were still running on a box to small for our needs. So the operations folks went out and purchased another server with more processing ability and memory well Light Speed did not deliver.
The installations were never smooth and we had to tweak the product on individual work stations to allow software programs to run because light speed would disable software products. It was very time consuming and everyone complained about the resources that this application used, scanning had to be disabled on many systems to use specific products, We found this product and it was just as bad if not worse for our users.
Everyone including IT started to blame the anti-virus product first for every computer issue. Then we got hit with the conficker –B worm variant and my staff had enough we demanded that we get an enterprise version of something that did more than just scan for viruses.
Working with our new operations manager we looked at a number of products and started to investigate what would work best in our environment. We called our Symantec-Altiris rep and got a copy of SEP since we are using a number of Altiris products we wanted something we could trust and that would work well in our current environment an grow with us as we continue to grow. Our operations staff was not as familiar with Altiris as the technical staff but since we already had a good working relationship with so many other products and after showing them some of the demos on SEP they were willing to at least listen.
We started a pilot program with about 20 nodes the CIO and VP of Finance were both on the pilot the product has been really effective after running the pilot for about 60 days we just received permission to purchase at the start of the new fiscal year July 1, 2009.
Just to be thorough we also piloted several other products including Kaspersky and Microsofts security products we did not want to get into another product that did not perform well in our environment. We made sure we bought the right server, have plenty of memory and room for growth potential since we have three more small campus buildings that will come on line later this year. We are also able to use the deployment server to remove the old client app and push out the new client app with a simple script.
The SEP product was the easiest to work with and our operations staff was extremely pleased with the customer support that Symantec provided during our pilot setup. Our threat protection is finally going to be something we can be proud of and maybe we can overcome some of the negative feelings towards IT by having a product that allows users to actually work in our environment while being protected. The scanning agent does not kill our processing on the desktop and we look forward to a new year with our end point security in place for desktops.