SCEP 2012 vs others – making my blood boil

We’ve had a number of customers recently move to SCEP 2012 from other solutions, particularly mcafee, but also some symantec, sophos etc.

These have generally been customers on an EA, with core cal already purchased and additionally , SCCM 2007 or 2012 already in place for deployment…. so for these enviornments, there is a cost saving with SCEP (as its part of the core cal) and since the SCCM infrastructure is already in place, the management overhead (when other products were in use) is reduced.

The biggest thing i see – and continue to hear from customers is the about the massive performance difference on the workstations after moving from something like Mcafee to SCEP…. Mcafee is a machine crippler, plain and simple. For those of you that have it…. build up two SOE machines, one with Mcafee, one with with SCEP and have a look at the performance difference for yourselves.

Anyhoo – a few days ago, a customer was telling me about independant reports which claim SCEP is quite bad (for various reasons) and how superior the administration of EPO is, the feature set etc etc…. so, i went looking for these independant reports.

This is the first one i found – http://www.mcafee.com/us/resources/demos/endpoint-protection-comparison/McAfee-EP-Microsoft-FEP.swf – and, well, as per the title of this post, my blood boiled.

This is flat out, religious style, mis-information, bullshit and quater truths trying to look legimate… some of the claims in the presentation are just ludicrous.

Now this slidehsow is based on FEP 2010 – but quite frankly, the majority of points have not changed between FEP 2010 and SCEP 2012 (but a couple have)

such as

Administration costs (slide 6) – These figures are just insane… where are these coming from ? 3 times as many new servers to deploy SCEP ? how? 1 server is required to deploy SCEP – and, if the organisation is already using SCCM (which isnt exactly uncommon!) – 0… none, nada, zilch new servers required to deploy. Even if geographically diverse orgs, if SCCM was only being used for SCEP – then 1 server is still only required, as BDP’S (SCCM 2007) or DP’s on a workstation (SCCM 2012) can be used for remote distribution (and this would depend on network speeds/topology etc)

The higher personell costs… well, intentionally vague because of what a ludicrous statement it is….. you need 1 (one!) automatic deployment rule to deploy updates… and in the client policy you set “deploy SCEP” to true…. now clearly this guy doesnt actually use the products he’s talking about, but think of the dumbest tech you possible can – even they could rollout and keep SCEP up to date, with a total admin effort of a few hours (a few mins for an SCCM experienced tech).

The comment about SCCM and forefront being “more complex to administer” – you’ve got to be fucking joking. EPO is definitely one of the better anti-virus administration tools out there – but it, as all software, has its own quirks and complexities too…. trying to clain that SCCM is more complex than EPO…. well ofcourse it is if you have used EPO for 5 years and never used SCCM! The same is true the other way around! Thats just a dodgey arguement.

License fee’s – well that all depends on if you are already licensed via an EA (which is very common in our market) – in which case its bundled in with your other CAL’s….. thats a very large and  important point to miss!

Licenisng for other OS’es – This is a fair point for FEP 2010, but as of SCEP 2012 SP1 (due Jan 2013-ish), SCEP supports MAC and Liunx

Admin and reporting (Slide 8)

EPO group membership is security orientated where-as SCCM collection membership is patch orientated…. just huh ? If i understood what he is getting at here, i could shoot it down…. but it just doesnt make any sense.

distributing updates faster – so… your saying you dont know how to configure SCCM ?

Reporting – No question, Mcafeee reporting is richer than SCEP reporting…. SCEP reporting will continue to get better over time (2012 is better than 2010, obviously)

Consoles (Slide 9)

Requires expertise in 6 different consoles! Thats just a flat out lie. SCEP requires you to know how to use the SCCM console, set policy, deploy software updates, view reports….. i.e. the normal things an SCCM admin already does. If you dont already use SCCM, then sure, you’ll have to learn SCCM, but again, the same is true for EPO!

Tampering and reboots (Slide 10)

“Barrage of windows updates, requiring many reboots” – so are we talking about general windows patching or antivirus here – you cant change topic when convienient. Sure windows updates require reboots, but this is completely seperate to antivirus – if you use mcafee, you still need to patch your machines, and those patches still will need reboots. What a disgusting twisting of the facts.

Tamper proof – “users can tamper with and disable forefront” ? really? So you haven’t configured SCEP to lock down the settings (the same as you need to in EPO) and then your complaining that users can change the settings you havent locked down?

 

There is no question Mcafee (and others) have been around longer, are more mature in some ways (reporting in particular) and have more “features”. I argue, and always will, that the additonal features (such as firewalls, execution prevetion etc) are a pain in the arse for most of our clients…. but sure there are some clients that have valid reasons for using them. The biggest doiwnside to these additional features is the crippling performance impact of mcafee (and others) – and important point which seems to have been left out completely. A number of these features are also already available within the OS and can be configured via group policy… sure its a different tool…. but show me one enterprise IT admin that doesnt know how to use group policy.

If you are a Microsoft-based IT enviornment already – chances are the licenses for SCEP are included in the licensing you already have – if you also already use SCCM for deployment, then you already have the infrastructure and skills to deploy SCEP very quickly and keep it easily updated. So its a very compelling case to look seriously at SCEP at save a big wad of cash….. if your not already licensed (which is unlikley if your an MS based enviornment) and dont have SCCM,  by all means, evaluate the different antivirus solutions for your company to see which ones meet your needs, but do not ever, use an “independent” report such as this one as a justification or to form part of your reasoning…. it is one of the most disgracefully, intentionally inaccurate pieces of “independent” advice I have ever seen.

Current day SPAM

SPAM is an unfortunate fact of life… whether or not it be random religious whack jobs, penis enlargements or nigerian bank managers who have found an error which will end up in me getting $50 million, all they need is a little good faith money – its all as annoying as each other. Fortunately when it comes to email SPAM – there are many cheap and effective ways to dealing with this so only the smallest amount gets through.

Stupid stuff – but managable – and really, apart from the stupid amounts of bandwidth it consumes – not much of an issue anymore. (although i still believe in all for the death penalty for spammers)

However, as per usual, local sales people also seem to think that were not already bombarded by enough mindless bullshit and want to get in on the act…. so after i purchased a new car… the car dealership decided to send me advertisements for new cars …. a quick call to dealership explaining that if they ever want my business again, you wont send me any shit ever… problem kinda solved (one still gets through ever 6 months or so)

The we have the real-estate agent who tried to sell our house – apparently i need a market update along with a letter about what he did over xmas….. when did i ask for this shit ?

Then we have the best of the lot – the hospital research foundation home lottery – which i purchased a ticket in years ago, thinking “hey, i could win something, and if i dont, im supporting medical research – im good with that”…. apparently what i really said was “take my details and constantly send me letters and text messages telling me that another lottery is on or that one is about to close, or that the early bird is about to expire etc…. even if you unsubscribe multiple times, we wont listen and will just continue to bombard you with our crap”

my point:

If your in SA, do not ever buy a ticket or provide your details to the hospital research foundation home lottery

Marketing and salespeople who think adding someone to your mailing list without permission is acceptable…. go find a short length of rope, and appropriate beam that will hold your weight and do the world a favour

IT Terminolgy for “we dont to do anything – ever”

Ive had dealing s with a customer lately who has come out with the following gems:

Comment :             “We’re a very risk adverse organisation” 

Real meaning:       “We’re scared of everything and live in conatsnt fear of anything and everything – so dont do anything, ever! I still get paid right.. ?”

 

Comment:              “there are 1000 ways of doing this – the way Hayes is suggesting is just one of many”

Real meaning:       “we dont want to do anything because we have no technical knowledge and were scared of everything! I work in government, so im still getting paid, no matter how ineffective i am or stupid my decisions are”

 

I have no issue with being risk adverse…. but if your network does not meet the business needs of the users on the network – whats the fucking point of the network? There is always a balance between security and functionality – but quite frankly if you want your network to be completely secure, go unplug the network cables from the servers…. there we go – secure! If you think complexity equals security, your a fucking moron.

As far as the “1000 different ways to do things” – bullshit! Absolute fucking bullshit! If you want to setup your Microsoft infrastructure in a way that is supportable, flexible and efficient you have, in most cases, 2 or 3 different ways you can go…. for some products a few more… but far less than 1000!  Every network we have ever dealt with that runs well has massive amounts in common with other networks that run well – irrelevant of the industry or size of organisation.

Fuck i hate bullshit artists that become IT managers…. (and the guy who sprouted this shit i had previously stood up for when another mate was bagging him for this type of rubbish…. that’ll teach me!)

Free speech

The west – particularly the yanks, are always banging on about free speech.

Why is it that free speech only applies when “freely” discussing certain things?

http://www.abc.net.au/news/stories/2011/06/20/3248665.htm

Why when extremists (and they are extremists) decide that something offends them, can it not be discussed? Isn’t that  most sane people’s issue with religion ? That discussion on the topic is closed down because its not allowed…. because its just not…. because we may offend someone who believes in a fiary tale and thinks they deserve tax free status because of it ?

Society can never evolve while topics remain off the table for discussion….

Scams….

Ahhh the world we live in…. if you have no useful skills in any area of life, you have the option of becoming a politician, going to work for HP or ringing people, telling them your from Microsoft and that you have detected a virus on their machine and that for a $300+ charge you will fix it for them.

I have had a few friends and family members ring me lately and ask about this…. and it just makes my blood boil…. for two reasons i spose…

1) That there are people around that do this type of thing

2) The reason there people around that do this type of thing is because people fall for this type of thing!

Lets photoshop out some women…

Another major-ish news story going around at the moment (apart from the Australian federal governments terrible budget – but thats localised) is the jewish newspaper that photoshopped out the two women in the situation room during the “obama gets osama” mission.

Huh? What? Why?

There’s been apologies/statements/rubbish released about respect of women and blah blah blah…. what about factual correctness ? Its a fucking newspaper, its meant to be reporting facts! Because your biggoted fruit-cake religion  doesn’t even apparently recognise the very existance of women – its ok to remove them? What about the simple fact that they were there !?

If something is insane, stupid and defies common sense… saying “its my religious belief” does not make it any less insane or stupid.

Mortal Kombat – refused classification in Aus

http://www.abc.net.au/news/stories/2011/02/26/3149628.htm

No great surprise here – i think my views on the topic have been expressed clearly before – but just to get it off my chest….

Freedom of choice is one of the most basic, core human rights that any person has a right to feel pissed off about losing. It is completely irrelevant if the freedom of choice is in regards to playing a violent video game, choosing to get married to a same sex partner, or to choose to ends one life peacefully through euthanasia… they are all personal choices – any anyone, being the Australian classification board, religious zealots or any other group who tries to impose their will on others are fundamentally fucking evil.

Free Speech

Australia is a free nation, free to think what we want, say what want, do what we want… as long as we dont choose to use that freedom to think or say things deemed as “bad” by someone, somewhere…

http://www.abc.net.au/news/stories/2010/09/10/3008863.htm

Just as well we have freedom… our federal politicans are a bunch of spineless evil arse-clowns.

Euthanasia, not only is it illegal to die with dignity, its apparently illegal to discuss it and advertise promoting discussion about it.

So even though the over-whelming majority of Australians believe *in concept* that its a good idea, trying to raise awareness of it isn’t allowed?

Yet an organisation such as the catholic church that protects child molestors, promotes creating mythical beings in order to financially and intellectually destroy its followers is allowed to advertise as much as it wants.

We live in a sick and depraved society.

Internet eh….

The bane of many people in Aus has been tring to get reasonable internet access for many years.

I recently swapped over to a naked DSL connection – to rid myself of the telstra menace – and performance has been average to say the least. (My previous service was non-naked on a different line into the house)

As of last friday, constant drop outs, when it was up, the speed was terrible etc on my DSL service. Since my ISP chose not to respond to my email, i rang them tonight… “nothing we can do, its telstra’s issue”….. but i pay you for a service, your not delivering that service, you fix it… “we cant, its telstras problem”…. log a line fault then “Telstra only garuntee line speeds of up to 1.5mb, they wont do anything”…. good service guys.

So even when you dont use telstra, they still manage to fuck you.

While i reliase that this countries ISP’s are in a bind because of the way governments over the years have let telstra absolutely rape the Australian consumer – and the infrastructure ownership issues caused by MP’s not having the balls to strcutually split telstra (which should have happened in the 80’s)  – the fact still remains, im paying you for the service – not the brainless “cant implement a billing system” bottom feeders at telstra…. dealing with telstra is a fucking nightmare – hence why im paying you for the service… so you can deal with them…. which bit of this concept is not clear!?!?