Hello Everyone,
I am the IT Specialist & Security Admin for the largest textile company in Turkey. We have over 6000 employees, 33 servers, and 550 clients.
We originally installed another vendors AV solution, and found that when the downadup virus hit in April, it infecrted all of our computers worldwide! I was at home when my IT manager sent a message and said, “we need you, there is a virus problem. Can you come in?”
When I arrived, I saw Downadup was everywhere. We had originally decided to use another AV product, as everyone in the IT department trusted the product. However, this product couldn't identify and delete downadup. Because of this, every computer on our network was infected! Our DC (Domain Controller) was down and the addional controller was also down. All servers were down.Terminal servers,file servers etc. We didn't have disaster recovery. We were in trouble!
We didn't know what to do! How could we not have a Disaster Recovery Plan, or no System's Backup? We were pretty upset that our AV solution didn't protect us! At this point, we shut down all the computers and servers, and decided we needed a new solution.
We chose Symantec.
So, the IT management went to the "big boss," to explain we needed a new solution, one that would not only fix our problems, but also have technical feedback and support that would help us immediately. The answers all pointed to Symantec Endpoint Protection.
When we installed the first solution, the decision was made to save money and take the mentality that if a computer fails, we'd simply re-install the OS and move on. That didn't work, considering downadup hit every computer on our network. When IT explained that all data, all email, all customer information and data transfers could be lost, it helped drive home the point that a real AV solution was required.
So, we needed to elaborate on why Symantec was chosen.
We explained that technical support, virus definition creation, and the online technical help was very good.
Additionall, Symantec has a very good reporting tool and very good client & Server communications.
Installing SEP to all computers on the network would be relatively quick. We also needed to articulate the fact that our WAN network and computers in other cities could also be setup with SEP relatively quickly, with different LUA and/or GUP servers for downloading definitions that would stop future outbreaks similar to downadup.
He was in agreement, so supported the decision to contract with Symantec.
At this point, we contacted Symantec, who had someone come out to our location and review our issues, and how and what SEP could do to eliminate the troubles we were experiencing. He installed SEP on our server and began showing us how we could deploy the solution to our multiple clients, create groups, create rules, etc.,
The first thing we did was create a rule for Downadup. We closed autorun.inf files everywhere. Next, we tested SEP on a Flash Disk that had been infected with downadup. As expected, SEP manager saw Downadup and deleted it immediately. It worked flawlessly!
After our test, we began to develop our plan for deploying SEP throughout our WAN.
We began deploying to the clients locally and in other cities, installing LUA. After which, we created new device rules - blocking USB flash dries, blocking p2p programs, blocking mp3 file uploading and sharing, creating new liveupdate rules for all locations, etc.,
I then had reports scheduled and sent to my company email, which was very easy to setup. My reports include Full Report, Risk Report, Unmanaged Clients, Infected Computers, New Risks. Symantec is a complete solution, and I know our network and clients are now secure!
Best Regards.