> But overall, an antivirus is not necessary in modern Windows system, so you may skip on these $40.
Er. . .no, that's not true. AV and AM are very important to this day. You just don't have to pay any money to get them, between things like AVG, Avast, and MalwareBytes. These aren't Free as in freedom, but they are Free as in beer for very reliable AV.
And on an enterprise network, you're probably going to be pretty well served with an enterprise edition of Symantec Endpoint Protection (or its equivalent elsewhere), which lets enterprise solutions like BlueCoat ProxySG and CAS prevent problems for your users.
AV is good. Don't not install AV just because some of it costs money.
I largely agree with you, but I am a stickler for AV. If you'd like more of an explanation of why it's important, feel free to ask.
I used to be fairly neutral regarding AV's.
Then I saw all the really stupid and really serious vulnerabilities Tavis Ormandy dug up in pretty much all the AV products, including the Symantec Endpoint Protection (https://googleprojectzero.blogspot.com/2016/06/how-to-compro...).
The sheer amount of incompetence and neglect displayed by AV vendors has made me strongly question third-party AV's being a net positive.
At the end of that article, the writer directly thanked the Symantec team for fixing these problems quickly.
Every company has vulnerabilities. How they respond when told about these vulnerabilities is much more important, and, at least by this account, Symantec is pretty responsible when it comes to responding to the discovery of these vulnerabilities.
And, to be clear, in the past year so, Symantec has been investing heavily into their own security. You can say "They should have done it before" all you want, but the fact that they're doing it speaks to, at the very least, the current leadership's competence.
Especially with the purchase of Blue Coat, they seem to want to bolster their offerings in a more meaningful way than "we give you virus definitions". Given Blue Coat CAS did and continues to use third party virus engines, even post purchase by Symantec, that would imply that Symantec is trying harder to improve their product.
EDIT: Full disclosure, I work heavily with Symantec products, but I do not work for them directly. It's my job to provide _support_ for Symantec products, not to sell them to people.
> Every company has vulnerabilities. How they respond when told about these vulnerabilities is much more important, and, at least by this account, Symantec is pretty responsible when it comes to responding to the discovery of these vulnerabilities
How about eliminate the attack vector in the first place? No third-party AV, no problems.
The more they extend their offerings, the more features they add, the more they extend the attack surface. And the attack surface of an average AV product is HUGE.
Considering the raw amount of incompetence displayed, not having a third-party AV in the first place seems like a reasonable choice.
Want something scanned? Run it through Virus Total or something. Done.
That's not exactly a scalable solution. You have to keep in mind that large companies often have thousands of requests they have to process every _second_. VT is great, but I doubt they'd be happy if they were getting DDoS'd by every major corporation that wanted to run signature checks they didn't have cached.
EDIT: I also think you're misunderstanding. Symantec Endpoint Protection isn't the one that has multiple AV engines. Their (well, Blue Coat's) CAS appliance uses them.
Er. . .no, that's not true. AV and AM are very important to this day. You just don't have to pay any money to get them, between things like AVG, Avast, and MalwareBytes. These aren't Free as in freedom, but they are Free as in beer for very reliable AV.
And on an enterprise network, you're probably going to be pretty well served with an enterprise edition of Symantec Endpoint Protection (or its equivalent elsewhere), which lets enterprise solutions like BlueCoat ProxySG and CAS prevent problems for your users.
AV is good. Don't not install AV just because some of it costs money.
I largely agree with you, but I am a stickler for AV. If you'd like more of an explanation of why it's important, feel free to ask.