I have an question, mostly directed at symantec itself.
I work in The Netherlands as an IT Specialist with an company that services about 100+ customers.
We almost exclusivly use Symantec Endpoint Protection and Mail Foundation but my faith is starting to fail in these products.
At several of our customers we have had outbreaks of virusses recently, none of which endpoint of mail foundation stopped.
Oh yes, of course the management interfaces show that threats have been stopped but we have to many occurences that get through.
Our most recent issue has been the anserin (http://www.symantec.com/security_response/writeup.jsp?docid=2005-112315-0608-99) virus. The problem with this one it that the phone home traffic gets you on spam blacklists even with port 25 closed for everyone except the mail server. Causing big disruption with the small to medium business clients.
This is an virus that's pretty old and this gets though endpoint.
By now I'm wondering why symantec's AV products can be bypassed so often when to product is up to date, with full protection enabled...
Even when infected, endpoint was unable to detect the virusses. We had to use an competitors off-line scan solution to find en disinfect the computers.
My goal btw is not to handle every individual case but to discus the general performance of the product.
Any response from symantec would be greatly appriciated.
Dominic