Symantec: Alert, but Cautious

Symantec is praised for comprehensive virus-snuffing products that provide good management capabilities. Some customers, however, think it needs to ship out antivirus updates faster.

Mark Van Holsbeck is one of them. As director of enterprise security at label maker Avery Dennison, Van Holsbeck uses Symantec’s software on desktop PCs and Trend Micro’s on Lotus Notes e-mail servers. While he’s generally happy with Symantec, Van Holsbeck notes that Trend delivered definition files to protect against the MyDoom virus one hour before Symantec. “For me, time matters,” he says. “Even five minutes can mean thousands of lost dollars.”

Cary Shufelt, network architect at Oregon State University, which uses Symantec antivirus software to protect 5,000 computers, has the same complaint: “Sometimes their signatures aren’t timely. Symantec knows the virus is out there, but they won’t release signatures until the virus threat level exceeds a certain threshold.”

Symantec says that for lower-level threats—category 1 or 2 on the company’s five-point threat scale—it does not issue automatic updates right away. “We don’t want to cry wolf,” says Brian Foster, Symantec’s director of product management for enterprise antivirus. He says Symantec’s Web site offers uncertified “rapid response” definitions that are updated hourly.

For others, Symantec’s lead in the antivirus market is paramount. “I always want to go with someone who’s an industry standard and who I know will be around tomorrow,” says Sterling Beane, director of technology for Braxton County Schools in West Virginia, which uses Symantec’s security gateways and antivirus software.

At Temple University, the Blaster worm brought down 800 computers last summer, costing $500,000 in technician time to clean up, says Tim O’Rourke, vice president of computer and information services. The university was running Network Associates’ McAfee antivirus software on many of its PCs, but it had no policies about using the software or updating the virus definitions on those computers. After surveying several vendors, Temple selected Symantec. “We felt Symantec had a better product, and that it was better managed centrally,” O’Rourke says.