I would have to disagree on this, bloatware can become a big issue for us. Of our 1,000+ PCs at least 15-20% are 7 year old Dell Optiplex G1s, these PCs use Celeron 400MHz processors and have only 256MB of SDRAM. While these PCs are old they do their job quite well (word processing, email, web browsing, hospital terminals, etc), what makes them still usable is the ability to keep the base system resource usage to a minimum.
As for proving which is better I can't do that, but I can offer a large amount of personal experience with multiple AV platforms. It has definitely been my experience that systems running Symantec are much more likely to be infected with virii and/or spyware. It has been a common occurrence that when we take over support for a user or group, we first need to clean up their heavily infected systems and then shortly after we will uninstall Symantec/McAfee/other and install f-prot instead. This will usually solve the majority of these new users problems and usually they won't require much assistance from us on this topic afterwards.
The other problem with bloatware is that many users end up with multiple programs running that are supposed to handle the same task. I had one user who had 4 software firewalls installed on his system and he was wondering why his PC was barely lurching along. Also add to this the list of security vulnerabilities that are introduced by these all-in-one security programs from Norton and McAfee. Just take a look over at the Open Source Vulnerability Database (http://www.osvdb.org) and you will see what I mean. Each one of these vulnerabilities requires patching the actual A/V software itself. There have been 4 vulnerabilities in Norton this year so far. A search for F-Prot or Frisk leads to no entries, heck we have had some users bring in laptops where the A/V engine hadn't been updated in years and the system still had the latest definitions and was virus free.
Spyware is definitely a little more tricky, but we seem to fair pretty well here. Instead of buying a separate software solution we rely on F-Prot's ability to catch the more malicious variants and then lock down user's workstations to prevent the less malicious but more bothersome varieties. While this solution isn't perfect, it doesn't add any cost and the PCs that still have problems are quickly cleaned up by one of our techs.
________________________________________________
Stephen Bogdanski Network Support, MSU-CVM
Michigan State University [log in to unmask]
A227 VetMed Center Phone: (517) 353-5551
East Lansing, MI 48824 Fax: (517) 432-2937
>>> STeve Andre' <[log in to unmask]> 11/01/05 11:57AM >>>
On Monday 31 October 2005 20:35, Margaret Wilson wrote:
> I won't requote prices since Peter has done an excellent job of that
> already. :-) Unlike many antivirus products (especially Symantec) which
> have turned into what I call "bloatware" using up a ton of RAM, NOD32 has a
> small footprint and is very configurable. It also updates daily, sometimes
> more than once. I second Peter's wish that MSU would negotiate reduced
> rates with Eset.
>
> Regards,
>
> Margaret
[snip]
I'm not concerned with "bloatware" (love that term) per se, as something
that works is FAR more important to me than something with a smal
memory footprint.
As with John Valenti, I've found Symantec to be OK. I can't think of the
last time a user got a virus, so the combination of MSU's email spam/
virus filter and Symantec seems to be working well. ...But how do I
prove that? I'm not at all against jumping to a different platform but
judging how well they work isn't simple. Spyware detectors are easier
to judge I think, owing to the sheer volume of dreck out there. So far
I think Spysweeper is one of the winners.
This topic, spyware & virus protection might make for a very lively
interesting NAG meeting.
--STeve Andre'
Political Science
