07-09-2005, 03:58 PM
winged
Re: Need advise about Anti-virus and firewalls.

nondisputandum wrote:
> On Sat, 9 Jul 2005 00:45:10 -0400, "KH" <kjhutto1189@cox.net> wrote:
>
>
>>Yep, Norton is only for computers with large amounts of RAM, I suggest only
>>for computers with 2 gigs or more to run Norton
>>
>
> Ran the Norton AV & firewall on P4, 3 GHz HT (running at 3.6 - 960 MHz
> fsb) with 2 Gig ram (400 MHz)
>
> It slowed down the system... not even with that power, it is a good
> idea. Perhaps the hunger of Norton has not all to do with the raw
> power of the system. Some old P3 systems run it with little
> problems,... but those are white ravens. Pity, cos Norton has all the
> potential and a huge history of trustworthiness. (Remember good old
> Commander)
>


I hear these complaints about Norton. I am not familiar with the retail
product as for several years I have used the Corporate edition available
through the workplace. I will not argue about it having a heavy hand on
the system and that it does not uninstall well.

We have the Symantec, McAfee and MicroTrend products available for free
for employee home use through the workplace. During my initial testing a
couple of years ago, the Symantec product blocked more varieties of
"known" viruses, more reliably, than the other two products I
tested. Additionally the firewall product blocked more attack vectors
against the firewall of the system when services were exposed, was less
susceptible to tunneling and was more stable than the McAfee and ZA
product tested at the time. None of the products tested were 100%, but
at that time, the Symantec product stopped more threat vectors. This was
primarily related to port 80 filtering capabilities with the Symantec
firewall. Previously I had been using the ZA firewall however in testing
there were several attack vectors that were effective against it that
could not be easily closed by the user. Additionally it did not have
the finite web filtering control (I was using Proxomitron at the time for
this) that the Symantec product offered.

The timeline between threat discovery and threat mitigation with the AV
product is important. I have seen statistics on the web that compared
this mitigation window, and Symantec's response time is top of the list.

I have been running the CE edition on an AMD 1700 512 MB RAM with no
performance issues. Of course I am not running the latest edition of
DOOM on that box but it performs adequately well for routine web and VM
operations. I have a 2.8 GHz Intel as a game box that works adequately
for Internet gaming (though I still get my arse kicked but the kids
don't seem to have the same issues..lol). I have noted a performance hit
on that system of about 10% against raw processing of SETI packet data
with NAV over having nothing on the box. This can be mitigated by
having Symantec ignore file changes in those applications' directories.
If maximum raw performance is your highest priority, then you may want
to use a different product, or turn off real time file protection
altogether.

Product cost was not a factor in my testing. I understand the
MicroTrend product and the McAfee product have both had significant
improvements since I tested, however so has NAV. Additionally I was
testing the corporate products instead of the retail versions. Due to
the time involved in testing I have not re-tested current versions. I
love the changes in the latest Corporate edition, which has significant
improvements in identifying, preventing and removing various malware pests.

Performance hit on game play can be mitigated under NAV by tweaking
various NAV parameters to ignore disk writes for a specified directory
and firewall precedence rules set moved up for net game servers. I don't
play a lot of Net based games however I have found that if you want to
improve the game performance you have to tweak the communications to the
top of the firewall rule set (not the bottom which is the default when
you create the rules). Additionally minimizing logging on game ports
significantly improves performance. NAV by default logs numerous
activities and this must be reduced for game communications or the
performance hit is significant. I have noted that graphic cards that
use system RAM for graphic memory also impact performance. I believe
this is related to the real time protection features.

The default settings in NAV are for protection not performance. These
behaviors can be changed to optimize performance for certain activities
if desired, but it does require product familiarity. The help files do
not go into detail on how to do this, as it does reduce protections and
this is beyond the understanding of many users. There are several files
you should set NAV real time protection to ignore activity for optimal
performance. Help files for the Symantec product are designed for home
users and do not address advanced configuration capabilities. It can
be figured out, but it would be "nice" to have some features documented
as it can require manual tweaks to registry or configuration files,
though a lot of the information is available at the SARC site.

The key is finding a product that meets your requirements, practice safe
computing, and almost any AV/firewall product will work if properly
configured. Like any other tool, the one that fits your needs, and is
kept current is best. I have a machine where I used McAfee (Linux box)
and other boxes where I use nothing at all on the system with no issue.
What product is best depends on the threat exposure and the usage of
the system.

Winged
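
Added example, not part of winged's post and not Symantec's code: a generic first-match packet filter (an assumption, since the post does not say how the product evaluates rules) showing why moving a game rule to the top and turning off its logging cuts per-packet work, and how to check which ports change verdict when an allow rule is promoted above existing block rules. The rule names, ports and traffic are constructed.

```python
# Generic first-match filter model; rule set and traffic are constructed samples.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    action: str        # "allow" or "block"
    ports: range       # destination ports the rule covers
    log: bool = True   # assumption: rules log by default, as the post describes

def evaluate(rules, port):
    """Return (action, rules_checked, log_writes) for one packet."""
    for checked, rule in enumerate(rules, start=1):
        if port in rule.ports:
            return rule.action, checked, int(rule.log)
    return "block", len(rules), 0   # default deny, nothing logged

def promote(rules, name, log=False):
    """Move rule `name` to the top of the list and set its logging flag."""
    target = next(r for r in rules if r.name == name)
    rest = [r for r in rules if r.name != name]
    return [Rule(target.name, target.action, target.ports, log)] + rest

def newly_shadowed(rules, name):
    """Ports whose verdict changes once `name` is promoted to the top."""
    promoted = promote(rules, name)
    ports = {p for r in rules for p in r.ports}
    return sorted(p for p in ports
                  if evaluate(rules, p)[0] != evaluate(promoted, p)[0])

def cost(rules, traffic):
    """Total (rules_checked, log_writes) over a list of destination ports."""
    results = [evaluate(rules, p) for p in traffic]
    return sum(r[1] for r in results), sum(r[2] for r in results)

# Game rule sits last, the default position for a newly created rule per the post.
RULES = [
    Rule("block-netbios", "block", range(135, 140)),
    Rule("allow-web", "allow", range(80, 81)),
    Rule("block-legacy-svc", "block", range(27000, 27011)),
    Rule("allow-game", "allow", range(27000, 27051)),
]
TRAFFIC = [27015] * 1000   # 1000 packets to one game port

if __name__ == "__main__":
    print("before promote:", cost(RULES, TRAFFIC))
    print("after promote: ", cost(promote(RULES, "allow-game"), TRAFFIC))
    print("ports now allowed that were blocked:", newly_shadowed(RULES, "allow-game"))
```

A non-empty result from `newly_shadowed` means the promoted rule overrides an earlier block; narrowing the game rule's port range before moving it keeps those ports blocked.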



