Jump to content
Mewburn

Kaspersky - Fundamentally Flawed?

Recommended Posts

Having moved from Sophos to Kaspersky I now feel we've made a huge mistake....

 

Since attending Infosec 2013 and having been impressed with the vast array of Endpoint control settings and the AV protection options Kaspersky offered we've now got a product which is very poor in comparison to Sophos.

 

The installation of the Security Center was pretty straight forward and being able to pull Sophos off the endpoints using a task was great but that's where it ends. After deploying Kaspersky Endpoint Security 10 to the endpoints we've had nothing but problems. We've had to completely strip back the protection policy so the only things enabled are File Anti Virus and Web Anti Virus as everything else was killing our endpoints. We've had to resort to only pushing out updates during non working hours as this also seemed to kill our endpoints. We're now receiving the following "Error verifying application databases and modules" on 80 endpoints that now won't update. It seems that this product needs to be nannied on a daily basis and doesn't work as advertised.

 

Roll on renewal....

 

Share this post


Link to post

We too noticed this in our test lab before migration. We're successfully running most clients on Endpoint 8 except the Windows 8 ones that require Endpoint 10.

 

Kaspersky has proven to be better than Sophos however the policies do need to be finely tuned.

 

 

Share this post


Link to post

Hi Brian,

 

Thanks for your response.

 

It has to be said that Kaspersky has been better at finding viruses but the administration and stability is awful.

Share this post


Link to post
Hi Brian,

 

Thanks for your response.

 

It has to be said that Kaspersky has been better at finding viruses but the administration and stability is awful.

Detection rates seems to be better than competitors, however, this is moot if/when the product is not working.

 

It's a horribly buggy product since v.6. Coupled with lack of support (we've had critical tickets open for months without resolution. We had one critical issue that was open for a year. It has been a never-ending PITA.

Share this post


Link to post

j-gray do you mind me asking if you're able to benefit from support directly from Kaspersky or do you like us have to go through a reseller?

Share this post


Link to post

I have to agree that so far the Kaspersky Security Center application has been nothing but buggy and total PITA. The deployment was the smoothest part and even that had many hiccups. Since then there have been some major issues with boot times on each endpoint, information accuracy about endpoints, and connections back to the server. We have had multiple machines that show up as unavailable when I am able to ping and remote desktop in straight from KSC. Also many display as not scanned in a long time when the log itself shows they were scanned that morning or even more recently. Basically all of this makes me wonder if I can trust any of the information KSC displays. Their corporate support has also been less than helpful.

 

I am continuing to work with support and read documentation to fine tune our system as best I can, but I am very disappointed that the application has never actually performed properly. I would expect basic functionality to work out of the box but that has not been the case.

Share this post


Link to post
j-gray do you mind me asking if you're able to benefit from support directly from Kaspersky or do you like us have to go through a reseller?

We have direct support, if you can call it that. We've submitted multiple support requests for critical issues and they've all languished for months, and one issue which is only partially resolved was open for a year.

 

We did contact our reseller to try to get some leverage in escalating our issues. They put us in touch with various Channel Account Managers, then escalated to Account Manager Director, then Senior Key Account Manager for North America. Almost a year and a half later, we still have a non-functional product. The account managers are no longer responding/assisting with our issues. It's clear that they do not stand behind their product.

 

I believe the lower levels of support truly try to assist, but get little response/assistance from their HQ which undercuts their ability to provide support.

Share this post


Link to post
We have direct support, if you can call it that. We've submitted multiple support requests for critical issues and they've all languished for months, and one issue which is only partially resolved was open for a year.

 

We did contact our reseller to try to get some leverage in escalating our issues. They put us in touch with various Channel Account Managers, then escalated to Account Manager Director, then Senior Key Account Manager for North America. Almost a year and a half later, we still have a non-functional product. The account managers are no longer responding/assisting with our issues. It's clear that they do not stand behind their product.

 

I believe the lower levels of support truly try to assist, but get little response/assistance from their HQ which undercuts their ability to provide support.

hi

 

Can you Explian the issue point wise you are facing with kaspersky

 

Share this post


Link to post
We've had to completely strip back the protection policy so the only things enabled are File Anti Virus and Web Anti Virus as everything else was killing our endpoints. We've had to resort to only pushing out updates during non working hours as this also seemed to kill our endpoints. We're now receiving the following "Error verifying application databases and modules" on 80 endpoints that now won't update.

 

Are there any other changes you made to the configuration beyond this?

Examples to look at:

- Disabling the scanning of network drives under file anti virus

- Adding recommended exclusions for Microsoft programs

- trusting programs that utilise a large amount of system resources.

- Configuring update agents manually rather than automatically (administration server - properties- settings)

- Creating a larger randomisation frequency on your update schedules

 

 

Share this post


Link to post

We to are exepericing issues with KSC10/KES10.

 

Tasks that run on the wrong days

Processes that kill CPU and make the computer unusable

Update Agents that update themselves, but send out corrupted data to my servers

no support windows 2012 with the FSEE product (made to support servers...just not current releases of windows server)

 

We have a TAM with kaspersky, but it doesn't do much good. Once support leaves the States and goes to the Dev team it might as well have gone into a black hole. I feel like I'm playing with high school programmers who believe thier code can have no bugs.....We dont need a test environement, our coding is perfect, roll it straight into production!

 

After moving my company from Symantec to Kaspersky version 10 I later find out that even Kaspersky hasn't installed this version of thier product yet, guess what guys, we get to be beta testers, and it only cost us X thousands of dollars for the pleasure of finding the bugs so thay can roll a product to the home users without bugs. :angry:

 

Are there any other changes you made to the configuration beyond this?

Examples to look at:

- Disabling the scanning of network drives under file anti virus - Did this

- Adding recommended exclusions for Microsoft programs - Did this

- trusting programs that utilise a large amount of system resources. - Did this for known applications

- Configuring update agents manually rather than automatically (administration server - properties- settings) - Did this

- Creating a larger randomisation frequency on your update schedules - Did this

 

Had our Kaspersky TAM side by side with me while we did the install, he configured it according to best practices, this crap doesn't work as advertised.

 

 

Share this post


Link to post

Hi Michael.

I'm sure most of that can be corrected, but you're TAM would be able to chase cases for you.

 

Some of the things I mentioned will work for the majority, however some systems will need further troubleshooting. Then it's best to contact your local support team.

Share this post


Link to post

ChrisD, I wish I had your optimisum. I do not. Going through my TAM is not an issue, hes great for tracking down issues, managing data between our company and HQ....its HQ that I have serious issues with. They are slow as hell to respond, and everytime I've had contact with them its been a 'Prove that our software isn't working' rather than a 'how can we help in getting this corrected' mentality that i've dealt with.

 

Honestly, I really wish we had gone with a more stable release of Kaspersky....KSC10/KES10 is just not ready for prime time.

Share this post


Link to post
hi

 

Can you Explian the issue point wise you are facing with kaspersky

The issue is 1) we paid for a product (750 licenses) over a year ago and it has not functioned from the beginning. We've had support tickets open for the duration that clearly demonstrates this. 2) Kaspersky refuses to refund our money, despite knowing the product is not functional. 3) Though the senior staff for North America is aware of this they are unable/unwilling to push this issue through to resolution. 4) We are essentially paying money to be beta testers.

Share this post


Link to post

KES10 is a nice product, if it works. Unfortunately we're also having issues with stability/management making the product require very high maintenance.

We're now using it for 1.5 years, started with v8 and migrated to v10 about half a year ago. We're still having a license for another 1.5 years which I don't think we'll extend unless the product improves a lot.

Edited by BramV

Share this post


Link to post
4) We are essentially paying money to be beta testers.

 

So glad I'm not the only one who feels this way....I'm sitting on 7,000 clients and I feel like I'm beta testing this.

 

Kaspersky, before you push a product out, make sure you are willing to force every one of your own internal users onto it....next time my sales guy or his tech rep shows up and doesn't have KES10 on his laptop I am not going to be kind to him.

Share this post


Link to post

Couldn't agree more with everything said in this thread. It seems like every feature of KSC 10 has been a nightmare to get working properly, if I can even get it to work at all. Support has been terrible this entire time. No matter what your problem is they ask for the same log files, and the instructions they send to you often are extremely vague and assume you know way more than you do. I wish I didn't have to deal with this product. Nothing ever works the way it should.

Share this post


Link to post

I'm getting frustrated with Kaspersky support as well. Once it goes to their Escalation team, it might as well be going to Russia.

 

Oh. wait.. it IS going to russia.

 

3 days to get a response of "Did you try this?" when I clearly stated I had already tried it. This was upgrading from version 6 to version 10. (We tried version 8 when it came out and it did not go well. I should have known to not try version 10).

 

sigh.

 

and now I see they're pushing that the product does MDM, and OS deployment, and a slew of other stuff. If I can't trust it to work right as an antivirus program, how do you expect me to trust it as an OS Deployment solution?!?

 

Thanks for letting me vent.

Share this post


Link to post

Dear all,

 

Most of the issues are currently being investigated by our developers or already have been fixed and resolution will be included into our next Maintenance Release or Private Fixes. Each issue has to be investigated individually as its cause can be different. Could you please provide us with your case submitted regarding the mentioned issues and we will try to provide you with an update on it?

Share this post


Link to post
Dear all,

 

Most of the issues are currently being investigated by our developers or already have been fixed and resolution will be included into our next Maintenance Release or Private Fixes. Each issue has to be investigated individually as its cause can be different. Could you please provide us with your case submitted regarding the mentioned issues and we will try to provide you with an update on it?

 

No offense, but that's the problem; all our issues are "currently being investigated". This is the response we receive whenever asking for a status update.

 

INC000001877677: Case opened June 26 2013, waiting for update

INC000001896891: Case opened July 2 2013, still waiting for fix

 

INC000000695089 was open for almost a year. We were issued a private fix, but nobody can tell us if the fix will be incorporated in a future release of KSC 9. Nobody can tell us if the bug/issue is present in KSC 10. These leaves us unable to upgrade any version or CF, as we don't know whether or not it will break our clients again.

Share this post


Link to post

Hello!

 

We are very sorry for the delay. Your incident INC000001896891 has been updated and the private fix for this problem was issued. Please check your Company Account.

 

As for upgrades, you are free to migrate to newer versions of Kaspersky Security Center 9 and even to Kaspersky Security Center 10, but please re-apply your private fix and everything will work fine.

 

Unfortunately we are unable to provide you the information about this fix being incorporated into next release of KES4MAC just yet.

 

 

 

 

Share this post


Link to post

I don't know what issues your seeing with version 9, but I can tell you version 10 is its own brand of hell....

Share this post


Link to post

We were on v6.xxx and everything worked fabulously.

 

I appreciate that Kaspersky is striving to be the end all solution for ALL of our needs...

 

All I want is an AV and centralized monitoring for our users.

 

Norton followed the same path and look where they are now.

 

I've already spent hours trying to get this thing to work and am ready to shelve it. May end up downgrading back to 6... my reseller tells me my license keys will work.

Share this post


Link to post
We were on v6.xxx and everything worked fabulously.

 

I appreciate that Kaspersky is striving to be the end all solution for ALL of our needs...

 

All I want is an AV and centralized monitoring for our users.

 

Norton followed the same path and look where they are now.

 

I've already spent hours trying to get this thing to work and am ready to shelve it. May end up downgrading back to 6... my reseller tells me my license keys will work.

Dear all,

 

Most of the issues are currently being investigated by our developers or already have been fixed and resolution will be included into our next Maintenance Release or Private Fixes. Each issue has to be investigated individually as its cause can be different. Could you please provide us with your case submitted regarding the mentioned issues and we will try to provide you with an update on it?

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.