Jump to content



Photo

Centralized AV for Server 2012


  • Please log in to reply
25 replies to this topic

#16 Dan~

Dan~

    Neowinian Senior

  • Joined: 21-May 03

Posted 04 March 2013 - 11:48

McAfee + EPO


#17 cluberti

cluberti

    Neowinian

  • Joined: 01-January 10

Posted 04 March 2013 - 21:59

it is the sccm as a whole. it really is a pain...

Lets go into deploying a client...where is the verification in the admin console that it has been pushed successfully, it has been installed successfully, or if it failed for that matter. Lets go into managing a client that may or may not have the client pushed, how do you tell it was pushed, how do you tell it wasn't, how do you tell if it is in the process of. Lets go into attempting to view anything...connection fails because of a firewall issue..all the ports are open, hell the firewall is disabled...how can it be a firewall issue???

Just about every other management console based software has a way to monitor deployments from start to finish and have a way to be able to tell exactly what is stopping them for the admin to fix the issue. I have used many, kaseya, altiris, level platforms, and labtech and all of them you can tell what is going on at any given point during just about whatever you are doing and you get things like logs and error codes. If ms would just steal one of these management suites it would be beneficial to the rest of us.

If you care to prove differently I have a nice test environment that shows otherwise and would be more than happy to give you a brief tour of what I am complaining about.

Windows already has a gigantic servicing engine that logs just about anything, and an SCCM task sequence can monitor this - in addition, a task sequence that uses MDT integration offers even more (logging and TS customization). As someone who's used most of the deployment products out there at this point, SCCM is in fact at least as powerful and configurable, and the fact it's a lifecycle management product (versus just an OSD product) makes it (and SCEP) worth the price when coupled with the other products in the suite. If you need a management console to troubleshoot for you, you're already behind the 8 ball as you're trusting information from someone or something that may or may not be the OS making judgement calls on failures. Any SCCM OSD should have pre-flight checks so that if failures are going to occur, you catch (and log) them before you start touching the client machine to be (re)installed.

I'd put SCCM and SCEP (+DCM, NAP, and DA) up against any lifecycle management product any day of the week - heck, you get licensing to SCOM and Orchestrator as well with your System Center purchase, which also means endpoint monitoring, reporting, and automation as desired based on things like performance data, event logs, and DCM / NAP configuration.

Honestly, most environments that fail to get the most out of the System Center suite (especially with the 2012 version) comes down to the admins not knowing how to set it up and manage it properly, rather than the software.

#18 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 21
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 04 March 2013 - 23:43

We mainly use sccm for the remote control feature, a simple feature that any of these products support. Sccm fails at connecting almost 40 percent of the time. Some random error about firewall or network connectivity. I can connect with any other software pushing clients to the computer even connecting with rdp, but sccm ha an issue. This is random, sometimes it connects and sometimes it doesn't. If it can't do something this simple we cannot trust it to do anything else.

Firewall is not an issue, we completely disabled it as a test, Dns isn't an issue we can connect to the computer many different ways, network connectivity isn't an issue see previous comment. It doesn't give an error to properly troubleshoot this. We cannot trust a product like this but my predecessor decided this was a good product to go with and we are stuck with something that works half assed.

For craps and giggles, I created a 2012 sccm server in a test environment, that same issue may or may not be there but after I push there is no status on the console to tell you what/where the install is or if it failed or succeeded. He'll I can push to a pc that has been retired, no error no status, nothing. And you probably will see this as no problem....while this is a small environmental test of around 50 live, the production is several thousand some are turned off in the it closet that won't be deployed. The push from sccm is very poorly designed. I would even say the the remote tools also fall in that category. I wouldn't trust this for a proper inventory or to push packages out.

#19 cluberti

cluberti

    Neowinian

  • Joined: 01-January 10

Posted 05 March 2013 - 00:39

I deal with environments of 100,000 PCs or more, and setting up reporting (real time and otherwise) isn't that hard. Push works fine, and reporting does too. If you're seeing retired machines still in SCCM, or having issues pushing packages, that would be an issue to be investigated. Perhaps it's easier for me because I do it for a living and know how to use SQL reporting and SQL in general.

#20 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 21
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 05 March 2013 - 02:38

It is very easy for me to recommend other utilities because I too do it for a living and have been exposed to many tools not just given one package and told to deal with it. I see it from the user side, the admin side, and the tech side. I can't say with 100% certainty that this package is good or worth the money. I have seen many packages from initial testing to production roll out and have trained many. I can tell you in this environment this system doesn't work properly. it is my first go at sccm which was preinstalled to me coming in and dealing with it. From what I see this is a very cumbersome, unfriendly, and near hostile piece of software. For a tool that is supposed to help you it does a lot of fighting against you and makes you job counter productive.

#21 remixedcat

remixedcat

    meow!

  • Tech Issues Solved: 1
  • Joined: 28-December 10
  • Location: Vmware ESXi and Hyper-V happy clouds
  • OS: Windows Server 2012 R2
  • Phone: I use telepathy and cat meows to communicate

Posted 07 March 2013 - 04:52

I can honestly say the Sophos, still, by far was the easiest to setup and configure. I have been busy testing AV suites over the past few days and I still vote for Sophos for large networks.

#22 cluberti

cluberti

    Neowinian

  • Joined: 01-January 10

Posted 08 March 2013 - 22:44

Sophos might be easy to set up, but it's performance impact compared to just about any other A/V product is pretty horrible. There's more to an A/V product than how easy it is to manage.

For what it's worth, other than FEP/SCEP, the very latest Symantec A/V release (12.1.2) actually has a very light performance impact for a good A/V product.

#23 xendrome

xendrome

    In God We Trust; All Others We Monitor

  • Tech Issues Solved: 8
  • Joined: 05-December 01
  • OS: Windows 8.1 Pro x64

Posted 08 March 2013 - 22:45

Trendmicro OfficeScan works well for us.

#24 remixedcat

remixedcat

    meow!

  • Tech Issues Solved: 1
  • Joined: 28-December 10
  • Location: Vmware ESXi and Hyper-V happy clouds
  • OS: Windows Server 2012 R2
  • Phone: I use telepathy and cat meows to communicate

Posted 09 March 2013 - 00:56

Sophos might be easy to set up, but it's performance impact compared to just about any other A/V product is pretty horrible. There's more to an A/V product than how easy it is to manage.

For what it's worth, other than FEP/SCEP, the very latest Symantec A/V release (12.1.2) actually has a very light performance impact for a good A/V product.


That was the opposite for my setup. Mine was very low resource usage.

#25 PGHammer

PGHammer

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 31-August 03
  • Location: Accokeek, MD
  • OS: Windows 8 Pro with Media Center x64

Posted 21 March 2013 - 13:58

Hello folks,

I'm just wondering if there is a AV product out yet that is designed for Server 2012 environments. I'd like to be able to deploy AV clients to Windows 7, Vista, and XP machines on my LAN via my Server 2012 box. Based on the small amount of reading I've done, FEP doesn't yet support Server 2012. Are there other alternatives?


That's because FEP was pretty much replaced by System Center Endpoint Protection (it's the same product, actually) - it's why I'm having to get my feet wet with SCCM for my virtualization test lab. The test lab will have a mixed bag of Windows and Linux clients (I'm adding a Sabayon 11 client right now as I type this). I'm hoping to not need to do a kitchen-sink; preferably, I'll only need CM/EP and VMM along with their prereqs. I have SQL Server 2012 Express SP1 installed with the defaults (it will only be used by System Center). Now I'm trying to figure out the proper settings for SCVMM to link to the SQL Server Express DE - for some reason, I get no warnings, yet the install always bombs connecting to the DE.

#26 PGHammer

PGHammer

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 31-August 03
  • Location: Accokeek, MD
  • OS: Windows 8 Pro with Media Center x64

Posted 10 May 2013 - 16:54

Windows already has a gigantic servicing engine that logs just about anything, and an SCCM task sequence can monitor this - in addition, a task sequence that uses MDT integration offers even more (logging and TS customization). As someone who's used most of the deployment products out there at this point, SCCM is in fact at least as powerful and configurable, and the fact it's a lifecycle management product (versus just an OSD product) makes it (and SCEP) worth the price when coupled with the other products in the suite. If you need a management console to troubleshoot for you, you're already behind the 8 ball as you're trusting information from someone or something that may or may not be the OS making judgement calls on failures. Any SCCM OSD should have pre-flight checks so that if failures are going to occur, you catch (and log) them before you start touching the client machine to be (re)installed.

I'd put SCCM and SCEP (+DCM, NAP, and DA) up against any lifecycle management product any day of the week - heck, you get licensing to SCOM and Orchestrator as well with your System Center purchase, which also means endpoint monitoring, reporting, and automation as desired based on things like performance data, event logs, and DCM / NAP configuration.

Honestly, most environments that fail to get the most out of the System Center suite (especially with the 2012 version) comes down to the admins not knowing how to set it up and manage it properly, rather than the software.


True - heck, I admit that I am very much at sea regarding System Center, especially the improvements in SC 2012. Fortunately, Microsoft is ready to help, with a whole series of System Center 2012 courses offered via Microsoft Virtual Academy, covering every single application in the suite. The courses are free, and even count toward both certification *and* contribute towards CEUs - a classic win/win/win scenario. And they don't require IE, either. (I've been using Firefox to do the coursework.).

The major reason i'm using MVA, as opposed to my usual OJT is that my server OS HDD is currently too little for a full SC 2012 deployment. If such is NOT the case for you, you CAN always grab the six-month trial of the entirety of SC 2012 (it even includes Windows Server 2012 if you lack it) via TechNet.



Click here to login or here to register to remove this ad, it's free!