Symantec vs. Microsoft vs. Kaspersky


Fully [H]
Feb 19, 2008
I recently took over a small side job as part of my normal job. It's an 8-10 user network on Server 2003. They currently have Endpoint (10 or 11) installed but it expired about 2 weeks ago so now I'm looking at either renewing or replacing it.

I really got turned off by Endpoint immediately due to a few things. 1, two people I know told me horror stories of all of the malware it missed on systems they had to clean up. 2, as soon as I installed the client on a fresh machine, I kept getting blue screens as the registry hives could not load on boot. I removed it and now the system is fine again. It also constantly had CPU cycles ticking and it did slow the machine down a bit (P4 3GHz, 1GB). Truthfully though, I haven't spent any time with the admin console just because I really don't like Symantec's products and don't care to start. I also don't like their business ethics and want to put my money where my mouth is with this purchase. Unfortunately it's already in place and renewing would be the simplest solution here.

I downloaded the trial of Kaspersky Business for Workstations and File Servers and I loved the ease of install. I also checked out the Admin toolkit and felt it was very easy to use. I quickly figured out how to push out installations, updates and modify the protection modules. It also didn't seem to bog down the systems because you don't have to install all of the extra modules if you don't want. Just the file AV and maybe another one or two modules I would use. Plus, I really like the price on this suite, it's very similar to Endpoint pricing for me.

Finally, I love MSE at home so obviously Forefront is a consideration at work. It costs almost $20/seat more though than Kaspersky/Endpoint. I can get a government discount though so it's not going to be necessarily that much more. I will get the price to make sure though, if it's legitimately worth checking out over Kaspersky. If it's worth a little extra then we'll pay it.

I want something that's not going to bog down the system by letting me choose the protection level. Obviously detection performance is most important though, but it's not worth the cost of system performance loss, like Endpoint.

I know someone here has experience with these and can help me make up my mind.
I was looking at Kaspersky for the next round of renewals. We also have SEP, and I can't run away from it fast enough. We're having the same issues you are having, but I'll add in that the admin console fucking sucks. I tried running it in a VM and it was completely unusable. On real hardware it was better... marginally, but still not something I want to hassle with day to day. To say nothing of its "user friendliness", of which it has none.

I'm also field testing Sophos because of its AD integration. Right now it's between those two.
The non-profit I work for is in the process of switching from Endpoint to Forefront. No idea how it works yet but Symantec is horrible.
We switched from Symantec to Forefront for the whole company back in August. It has performed much better than Symantec ever did. As for how it compares to Kaspersky I have no idea. Keep in mind that Forefront is designed to be used with a centralized management server which has some decent overhead requirements. The clients can be installed with their reporting features disabled though.
We used Kaspersky where I work and we just migrated away from it- I found the admin interface quite bad, it kept interfering with legitimate apps and was generally just a PITA to manage. We switched to ESET and right now it's running much better than Kaspersky ever did.
This site ranks Kaspersky #1, but their reviews do not include Microsoft.

If I'm to understand Forefront correctly, all of the client updates are done through WSUS? I don't think I have the time to move them over to that right now. Kaspersky seems to just pull the updates from the Admin kit, which is what I'm looking for right now.
I agree, Symantec is junk. Forefront seems pretty good. As far as Kaspersky... I have no real experience.
This site ranks Kaspersky #1, but their reviews do not include Microsoft.

TopTenReviews is well known for being the definition of "Biased reviews based on who pays them the most for advertising that month". It's all advertising and affiliate links there. is the best of the antivirus review sites, real world testing, and honest non-biased results.
We used Kaspersky where I work and we just migrated away from it- I found the admin interface quite bad, it kept interfering with legitimate apps and was generally just a PITA to manage. We switched to ESET and right now it's running much better than Kaspersky ever did.
Well, the newly released kit seems really easy to me. I've been able to find everything I've been looking for and some things I wasn't. How did you guys feel about the actual scanning? Did you find yourself often installing other apps to clean systems?

I have been checking out av-comparatives but it's all home editions. I can't compare Kaspersky 2010 to Symantec 2010 and get the same results as Kaspersky Business 6 vs Endpoint 11. Maybe the scan engines are similar but they have completely different modules. Anyways, according to av-comparatives, Symantec is the one to get right now. I know it's not.

If was going to get 'bought out' by someone, wouldn't it have been Symantec who spends a ton on advertising? They're like 6th place.
I've developed a hatred for Symantec over the years. Their corporate stuff is OK, but I dunno if they'll ever win me back after the whole "removing Norton hoses your network stack" problem that they had for years. All that being said I'd say Endpoint is pretty solid.
I have been using MSSE on some systems recently and I really like how small the footprint is and how integrated it is with Windows. I worry about how well it can actually do the job being the new kid on the block though. I've read comparisons that rate it really high, but that doesn't mean very much IMO.
Never messed with Kaspersky in anything above a small biz. I used to like them but discovered that they have (or had, haven't kept track) some nasty removal issues similar to removing old versions of Norton where it messed up the network connection.
I've hated Symantec for years, but have to admit over the past 2 years... and especially the past year, since they've totally rewritten their engine from the ground up, it's a great product. Detection and cleaning rates are high, and its footprint has gotten VERY light... the home antivirus product rings in at... 8 megs now!

When their home engine makes it into their corporate edition product...I don't know. Their management console was quite intuitive, but I recall many hours spent manually removing corrupted workstation installs when the push installs failed.

Kaspersky has consistently been a solid product, great detection rates, fairly slick management console of the biz edition. Some versions were known to be a bit heavy, recent versions have gotten fairly light.

Another option to consider, and the one most of my clients run...Eset NOD32 Business Edition.

The top 3 at, Kaspersky, Eset.

MS Forefront is doing quite well also, and with the STRONG climb over the past year, including added development resources of the MSE should remain a solid choice.

I'd recommend trialing each of them... see which one you feel most comfortable with. With under a 10x node network, esp. at gov't pricing... the price shouldn't be much of a factor, you're not talking about a huge budget here with only 10x nodes. It just boils down to "Try a few, see which ones run best on your network's hardware with your applications, combine that with how you feel about the management interface".
Thought I would chime in here with my two cents. I'm no fan of Symantec Endpoint Protection. The management console is absolutely retarded. Half the time push-installs don't work or an upgrade from a previous version through push will fail as well. I will say, however, that the new version 11.0.5 is fairly light-weight and the detection/prevention has drastically improved. If you only have a few seats to deal with then it's a decent choice now. If you have a lot of workstations to manage then I would highly recommend other solutions.

That being said, I'm a big fan of ESET NOD32 AV because of the awesome management console and excellent client. It has good detection rates, easy on the workstations, etc.

I've also been playing around with Sophos because I have a few clients that have Macs and Linux workstations on their domain and Sophos can run on those and also be managed from the server console. It's a bit heavier but very good from my experience so far.
What are the price differences between Microsoft Forefront Client Security & ESET NOD32 for a medium sized business? (I'd rather not deal with a salesperson unless I have to.)

I can find the prices on MFCS on but not much on NOD32.

We have 55 users and I am looking to move away from Symantec.
Forefront Question: Do you have to use WSUS to update client PCs from a centralized location?
I'd advise checking out Sunbelt's VIPRE. I like their product.
I have to give them credit for being funny.

"Kiss your enterprise antivirus bloatware goodbye... "

How good are their detection rates? Find yourself using other tools to clean infected machines or does this product catch them all?
We use it to catch things our enterprise SAV client doesn't detect at the place I work. It's lightweight and doesn't really hamper performance --- they've got lots of benchmarks on their site so you can see how lightweight it is. Seems like a solid product and fairly inexpensive IMO.
Forefront Question: Do you have to use WSUS to update client PCs from a centralized location?

You can use WSUS or use Microsoft Update on the client side. The only way Forefront updates is through Windows/Microsoft Update.