Hi
I’d like to comment on a few detractions of version 7.
Firstly version 7 arrived out the blue on my work PC just because I was working on the Internet - it upgraded itself from version 6 with no prior authorization from the central server. It would be good to prevent this behaviour before releasing version 8.
Secondly there is no way we can get working to roll out version 7 clients or definitions using alternative mechanisms. This is particularly frustrating as we only just fixed version 7 after it stopped working for 9 days! (Mirror bug caused this). Free version users can at least download the latest VPS defs and manually update but it is incompatible with the Endpoint business version. We need to package and deploy via MS SCCM. We can dynamically package new versions but right now the package builds are all broken except if the server does the deployment itself. If there are any issues requiring a manual install can’t do it.
Thirdly Secondary mirror seems like a good idea on our large network with slow links but it seems largely undocumented how to get it to work and point clients to it. Be nice to have a deployment guide.
Fourthly the reports are great but deployment coverage reports give wildly erroneous information
Fifthly it would be great to have Organizational unit discovery inclusions/exclusions on AD discovery and also exclude disabled objects - I keep getting computers that are disabled / decommed or I don’t want to install Avast on (some vendors specify they will not support all AVs so we also run McAfee for a limited number of systems, others don’t want AV at all e.g. TMG firewall - but you can delete them they will just come back)
Six - Auxiliary tasks seem great - but can we please have an aux task to do a computer reboot - that way we can schedule a reboot of computers in a collection showing reboot required at a convenient maintenance window.
Seven - Nowhere on the admin console can you see what the latest VPS is in the mirror - there is no monitor if the mirror is out of date - e.g. 3 days old and also you are just assuming that there is an update daily when you look at reports and working out what is out of date. Same goes for program version - how do I know I got the latest program - especially seeing as my home computer updated a few days ago I think there may be a new version but I am just assuming it is not released yet on business version - it would be good to know.
Eight - back to discovery - why can’t discovery determine from computer properties which group to put an object into? All workstations and servers just go into root node and have to get sorted out.
Nine - license lock and update - we bought a new license and it would not load - needed to get the update from tech support - thanks guys! However it seems that license updates does not work too well. Needs a rethink - bottom line is if we buy a company we need to buy a supplementary license for the new workstations and servers and load it without issues. Related to which, because discovery rediscovers old non-existant stuff out of AD and there is a random computer lockout facility its just a lucky dip which computers get locked out and which ones don’t. It would be great to have a mechanism (maybe a special non-client group?) to put in the computers you really want to lock out so the license can be released for valid use. You can even go ahead and test those objects for Avast program presence so license violation is not possible.
Ten - installation packages - would be nice to have an option to do a program only package so that installation can be phased to utilize bandwidth better. Typically we only uninstall the legacy AV once its all confirmed working so going “unprotected” for a day or two is less of an issue than the impact of parralel deployment down small lines. (Yes we do tweak down the parallelism of the deployment task which is nice, but the size of the package also slows down the deployment.
Eleven - Reporting - how nice it would be to be able to do some LDAP discovery of computer object properties like the OU, the item manager and possibly user specified properties in order to create our own dynamic groups and produce reports restricted to groups - this would give us all the flexibility to report to different departments on their sysems, rather than having to put in a lot of manual effort.
Our impression is that the new version seems to be based on an older version console, so some of the strengths of the old version are back but version 6 did have some better things too and this was also just thrown out. On the whole version 7 is an improvement, but I know I have around 9 months before I have to show my CIO we now have something significatly closer to what I described above or we will move to another product. I am personally a great believer in Avast but do have the frustration that the personal product seems to be significantly better and more under control than the corporate offering.
