So I am currently involved with evaluating new managed client AV products for our environment and LANDesk AV is one of the contenders.
Currently we are running SAV10 however our renewal is comming up soon and we have to upgrade the product to accomodate a Win 7 rollout that is anticipated.
Orignially we considered SEP 11, however the reviews were less than glowing, conifguration seemed cumbersome due to the modules available, and it meant retaining a dedicated VM/server for client management.
The current contenders are as follows:
McAfee Enterprise (upper management is interested from use in past environemnts)
SEP 11 (An updated port from our current SAV10 infrastructure, but reports indicate that it seems somewhat bloated, neither myself in engineering nor security are a fan of continuing with this option currently)
ESET Business Edition (This is the security teams "favorite" as their assesment is that the engine is one of the most advanced out there plus it offers realtime download scanning, though everything I have read which is limited suggests that it is a bit of work to implement it properly and its not as intuitive as other clients, that and the rate of detection isn't any better than simpler clients)
Landesk AV based on Kaspersky (This would be for me the easiest solution as we already use LANDesk for client management, the AV piece is just a module in the agent and is easy to deploy, and as a part of the deployment they include the removal option which means I wouldn't have to script an uninstall process of whatever we have on the systems (primarily SAV though some Sophos)
So while I am leaning towards LANDesk AV because of its convenience and my efforts to consolidate technologies, security is concerned that it might not be the best possible product for threat detection/remediation.
Wondering if anyone has any data they could share if possible or real world expereince with the LD AV client, I think the biggest problem is the lack of knowledge surrounding LD AV by our security people as it is relatively unknown (though they do like the fact that it uses kaspersky defs and the engine).
Also security was concerned that the LANDesk agent did not seem to scan .jpg files, some extended java files, and also did not do real time download scanning which are all things they felt put clients at high risk.
Regardless of what we choose between LDAV and ESET or whatever I feel it stands to be better than where we are with SAV 10, but the ease of deployment and client management as well as possible lower expense are all for me big draws to LDAV...wondering if there is anything I am missing about the product?