Thursday 4 September 2008

Trend Micro Worry Free Security is not so worry free?

Folks, please keep in mind that this post is coming out of a ongoing frustration with a couple of situations we are having with Trend's WFBS ... this being the key one:

One of our clients, going on ten years in our business relationship, has been entirely virus free. To date, we were running Symantec's Enterprise A/V product through its various versions up to 10.2 which is just prior to their new EndPoint product.

We may have our beefs with Symantec as a business and with its business practices, but at least the product worked.

With our client's recent hardware and software refresh, we opted for Trend Micro's SMB product which is now Worry Free Business Security.

We have all seen the plethora of ZIP files attached to emails about air flight plans and the like that have been filling our Spam or Junk folders.

Well, one of the principles of said client absentmindedly clicked on one of those zip files because they just happened to have made their flight plans with the Subject's airline.

Now, in the past, Symantec's A/V would have popped up a window stating that there was a virus embedded in the ZIP file, blocked access, and deleted or quarantined the file.

For whatever reason, the Trend product did not do this. So, after essentially 10 years of being virus free, we now have a laptop that we needed to quarantine, pull off the network, and rebuild after pulling essential data off of it. We do not like Trojans - all infected systems get flattened.

We checked, and double checked the Trend Management Console on the server and it clearly indicated that it was directing the clients to scan ZIP archives. In fact, we went through all of the settings in the console to make sure that things were as they should be for client settings and they were.

On the infected client, we tested a number of different scenarios and the Trend A/V client never even considered there to be a problem.

And yes, our server and clients were up to date with the current A/V definitions.

This situation has left a very sour taste in our mouth. For now, we will be holding off any further Trend installs.

BTW, this situation was the impetus for us to sign up with Vlad and OWN to begin looking at implementing Exchange Defender at our client sites.

Philip Elder
Microsoft Small Business Specialists

*All Mac on SBS posts are posted on our in-house iMac via the Safari Web browser.


Vlad Mazek said...

Tshirt is on it's way!


Philip Elder Cluster MVP said...

Thanks for that Vlad! :D


Anonymous said...

in all fairness to Trend, and I've had my fair share of troubles with them (which is why i'm here now), this issue could have to do with the program not being correctly configured. It usually takes me about an hour to fully configure a new install.