Tuesday, November 13, 2007

Why I'm beginning to hate Symantec

Normally my blog is about recanting the rituals and animal sacrifices necessary to resurrect dead systems from the great bit bucket in the sky. Today however we'll take a small departure and go over why I'm beginning to hate Symantec. Now don't get me wrong, I've used products from other companies like mcafee and Avert and Nod and some of those ones named after small asian furry creatures and I've yet to meet any that could catch all viruses all the time. And now that malware, spyware, and adware have joined the fray they're all starting to seem pretty sucky. You begin to miss all that extra computing power that you lose when you have to run 2 or 3 different programs on your home box just to feel remotely safe.

So anyway I got an email blast from Symantec today notifying me that I automatically am getting an upgrade to the latest and greatest successor to the Enterprise Edition of their A/V solution. Now I've found that the old 10.2 was pretty decent, didn't cause many problems, and caught just enough junk that it wasn't worth the time to evaluate other vendors. So I went and downloaded "Symantec Endpoint Protection" and loaded it onto some test machines. Machine 1: Loaded fine, rebooted okay. It killed skype and windows search - generated nice pretty crash errors in each program. Machine 2: Loaded fine, rebooted okay, and caused the VPN connection that never ends. Literally, had to reboot the machine to get it to let go. Resolved by ripping out the driver for "teefer2" on each NIC. Machine 3: Loaded and left for the day.

The new management console for administration has a nice GUI and gives you access to some nice data like who's logged into each client PC, MAC info, ram, etc. More bells, whistles, creates custom deployment packages, makes expresso, slower than a dead snail. I'll give it a few more days before I have to give up and wait until the next release to try again.

Other reasons why I'm beginning to hate Symantec:
1. What they did to Backup Exec.
2. What they did to Backup Exec technical support.
3. Their licensing site. (how hard is it to just show me all my licenses without having to enter in my friggin serial # each login?)
4. Symantec Endpoint
5. The online knowlegebase for product support.
6. What they did to Backup Exec.

UPDATED: I went ahead and use the Endpoint Protection Manager to create a separate deployment package for my Developers and Technical sales guys. This package only has the A/V, Antispyware but leaves out the network threat protection. This is working out much better for now.


Anonymous said...

I'm a tech guy for a local software company and many of my clients use Symantec for their network antivirus, spam blocking, etc.
I just got off the phone with another tech who installed Symantec Endpoint Protection. It kept the server from "seeing" the workstations and vice-versa, so our shared app was inaccessible. He tried to uninstall Symantec and for some reason it wouldn't go away cleanly until after he reinstalled and uninstalled again. After uninstalling Symantec, our program worked fine again.
Just an FYI...


Anonymous said...

I second your pain!

Yo, minoría absoluta said...

Was difficult to remove TEEFER2 from your system? I have tried and I cannot even after uninstalling Endopoint Protection

Anonymous said...

Your programs are not working because the Symantec Endpoint software contains a Firewall. You need to install this without the firewall; everything should work.

Gnawgnu said...

Um, yeah. The "This package only has the A/V, Antispyware but leaves out the network threat protection" covers that. By excluding all network threat protection you don't get all the firewall components that get in the way.

Anonymous said...

I haven't had many issues with Symantec EP except for the "teefer2" client. For some reason on our Dell XPS M1530's with the Intel 4965AGN driver you cannot connect to a secured wireless network. However you could connect to an unsecured wireless network. Took me a while to figure this out. Removed "Teefer2" and everything runs great, so far!

Anonymous said...

I have got 3 IBM x3650 servers loaded with Symantec Endpoint Protection . The only good the product did was:

--Cant Remote Desktop to any server (which symantec claims that its solved in MR2)

--Everything is superslow (even after having 4 GB RAM installed on those servers)

--SQL Server access becomes a nightmare

--Crashed my SQL & Application Server the moment i installed the AV

I know some of you might tell me to check the firewall rules in symantec endpoint protection . But I havent installed the symantec endpoint protection firewall onto the server.

I dont know why Symantec has to release such a crappy product without testing it throughly in a domain envoinment . It seems that they only test the product in their crappy labs & ignore rest scenarios!!!!

Kevin said...

disable the teefer2 driver on each nic and all should work. my pain is getting the endpoint console to work on a server that already has 2 websites and WSUS AAARRRGGG

Mike Waldron said...

Stay away from the Symantec firewall that is included with SEP. It caused nothing but major problems at our firm (a financial firm). I'm dumping SEP and moving to AVG when our renewal's due. I used to love Symantec, but I hate them with a passion now... SEP sucks and so do all their other desktop products. Bloatware that viruses seem to glide right through. I've had two infections in two months!

Anonymous said...

Symantec is one of the best companies in security and data integrity and availability. It's not God, but I could say it the best if you want to have all the products you need from one company. Now the only comment I will say, Please guys, if you are going to "Try" something new then: 1. Read all the information from the product. 2. Install and try it in a lab or test environment, so you can make any adjustment that you didn't think of before you installed. 3. If you don't do any of the first to point, please don't complaint. SEP it's a great product. You just need to know how to set it up depending of your needs. Sometimes better means complex, so you can set it up depending your clients needs.

DefSol said...

I was a follower of Symantec AV. I understand Anon that you do need to be prepared and follow due course, but in saying that I never had to read all the product info, nor test in a lab (unrealistic for most). Symantec Corp Edition 8 & 9 put in and bang works first time - easy deploy easy manage bit resource hungry, but could live with that. Now Install SEP 11 & cause drive mappings to all point to same location and these could not be removed - Upgraded to MR2 and problem fixed. Just migrated to new server 2008 domain and now f/p server will drop shares for XP clients. Read article regarding MR2 & DFS - maybe responsible & upgraded to MR3. Upgrade to MR3 and was going fine until yesterday - took done f/p server and dfs. Not cool just after big server migration.

It's all about expectation - with Cor 8 & 9 the expectation was high because it was a great product. No other product came close (IMHO). Now it seems to have been all downhill. I'm trying to find more info and find the exact cause but if SEP off, f/p server & dfs good - except when I get stung by malware.

Also why need both ISS & Tomcat ?

Anonymous said...

What Anonymous is saying about Symantic is a subjective point, I happen not to agree, which is OK that is why there are many different flavors of virus and malware tools. Symantic for my money is over rated and I would not run the product, it has killed more of my server than it has protected. I think it goes back to Peter Norton, Mr. Know All DOS, Sysmantic I believe drills and wraps itself into the kernel of the O/S, thus when it has a problem, you have a greater change of it scrambling the O/S. Symantic believes they can do it better than MicroSoft, thus they change the way the O/S works, to make it work the way Symantic wants.
Unlike other product which just load on top of the O/S and work within how M/S designs the O/S to work... I gave up on Symantic years ago, and remove it as much as I can from any machine I buy. By the way, Symantic is so big because they give the software to OEM's to load on the computers they sell, a great marketing tool, it locks in Mom and Pop for ever, they just renew and upgrade to keep protected. Do yourself and your clients, use another product...

Neovo said...

Well, I am on a Vista system, which is mostly used as the Administration system for the Network.

It was allready installed by the Former Systems Engineer who left in 2008.

Now I am seriously hating Vista, and even more with the Symantec Endpoint Protection embedded...

I allso has found the teefer2 driver in my Network Cenntre, and disabled that one as soon I found out.
ow that was a preformance boost!!
Network traffic from and to my system is much faster, and more reliable without dropping shares.

Symantec is just over the Edge...
As I use to say, "It is like shooting a bacteria with a cannon"

Too resource intensive... Too intrusive... Too demanding... Too compulsory...

Neovo Geesink.

Anonymous said...

Oh man I feel ya. Their website is downright ridiculous!! They should be ashamed that their customers have such problem with the stupid thing.

I just had a computer on the network suddenly be denied access to the internet, was resolved by turning off the teefer2 function in network connections. Not sure if it will stick yet, but as soon as our term is up with symantec, i'm gonna get rid of this hog and try something else.

When it works it's great, but i'm spending far too long on issues with it, as well as it is a drain on system resources.


Anonymous said...

yeah, there are some frustrations with SEP. My biggest complaint is the new manager - way too slow and very different from the old mmc plugin.

I will say that SEP 11 seems to block and remove many new infections much better than SAVCE 10.2 does. It also shows you what it did to remove an infection (all the registry key stuff that you used to have to go to symantec's website for the instructions and do it manually). I have only installed it to individual machines, haven't replaced 10.2 at the server yet.

Anonymous said...

Beginning to hate Symantec? Welcome aboard, I've been here for years. :)

Anonymous said...

SEP still won't uninstall properly, and everytime I right click on a file it brings up 2 installation windows which fail. We are moving away from it entirely.

I was amused by their website which claims it speeds up computers when it is usually SEP slowing ours down.