Sometimes the Good Things Never Change

It’s rare in this business that a good product doesn’t become rubbish.  I’ve spent a little while looking at one of my favourite AV solutions, Trend Micro Office Scan (TM OS).  The last time I looked at TM OS it was at V5.58 and it only managed clients.  Now it can do both servers and desktops. 

When I first saw TM OS I didn’t like it.  I was working a 6 month contract and I was tasked with deploying this new AV solution.  It seemed different to me.  All I’d used up to that point were MuckAfee and Sinmantec.  What was different was that Server Protect and OfficeScan were simple to install, simple to deploy, simple to manage and simple to remove (i.e. the uninstall works – imagine that!?!?!?).  They were malware scanners and didn’t try to be a complete security suite that would eventually break your desktops and servers.

I quickly learned the error of my ways (thanks Thorsten) and I ended up buying in and deploying Trend Micro to manage the anti-malware for the global network I designed, deployed and managed after that contract.  There were bugs here and there (probably 3 over 2 years) but support fixed them quickly.  Updates were reliable, reports were simple and usable and it actually stopped infections.  What was best was that the management console was simple to use.  That’s something that MS have implemented with the first version of ForeFront Client Security.  Upgrading the software was easy – update the management server and the clients got updated automatically.  Deploying the client?  You could do it from a website, from a file share, via a login script or create an MSI to deploy automatically via GPO or SMS/SCCM.

I started looking at TM OS this week and was pleasantly surprised.  I knew they’d introduced firewall functionality.  Guess what – I can reliably disable it permanently from the management console!  Wow!  That shouldn’t sound impressive at all but considering the failings of some "yellow pack" software just can’t get this right at all.

And working with firewalls is simple.  ID your website (TCP 8080) and agent ports (TCP port randomly generated but changeable during installation) and you’re laughing:

  • Open both ports on the management server.
  • Open the agent port on the agent computer.

No AD integration is used.  That’s actually a very good thing – hard as it is for me to say.

I’m glad to say that the anti-malware I’ve always liked best is still king of the hill:

  • Simple
  • Reliable
  • Hands-off
  • Effective

EDIT:

It’s a pity about the cost of TM.  They priced themselves out of my market today.  I couldn’t stop laughing when the salesman told me how much they wanted.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.