My financial services provider told me to install a antispyware, antivirus and firewall software package on my MacBook Air. What brand would you recommend that I install which would be compatible with a Mac product. Thanks in advance.

That might be their policy but it is really not needed on a Mac...if you do install, stay away from the commercial software from Norton Nd McAfee as they are huge sources of problems for Macs. The only consistently recommended anti-virus on here is the fee download ClamXAV from the Mac App Store.

Do they stipulate a particular product or products you must use? Or, is their requirement of just a general nature? If the latter, then use ClamXav. Note that OS X has built-in malware protection called XProtect. You can enable your built-in firewall using the Security & Privacy prererence panel of System Preferences.

Helpful Links Regarding Malware Protection

An excellent link to read is Tom Reed's Mac Malware Guide.

Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.

See these Apple articles:

Mac OS X Snow Leopard and malware detection

OS X Lion- Protect your Mac from malware

OS X Mountain Lion- Protect your Mac from malware

About file quarantine in OS X

That should have been the free download, not fee download :-)

You're welcome, and be sure to take a look at Thomas Reed's site, terrific material on there that can be a big help in keeping your system secure.

Actually, ClamAV is hugely supported in both the Mac and PC worlds. Updates are daily if you install that feature or do a daily check. Malware updating is very good, plus you have an AV product that does not weigh heavily on the OS like Sophos and others. My vote goes to ClamXAV if you must choose between the two, but my first vote is to use none.

Sophos is not free. There is a free or trial version of Sophos. But eventually you must pay for it.

If you do some searching of these discussions you will find complaints coming up recently about problems with SOPHOS. You would be far better off going with ClamXAV.

Y@uCgAujR453ad wrote:

The two big advantages to Sophos, to me, was that its virus definitions are updated daily and Sophos is a larger firm.

My recollection is that the Sophos app checks for updates once an hour, but I'd have to do some research to see how often updates are actually available.

Although ClamXav is a one person firm, the ClamAV® scan engine is backed by Sourcefire.

ClamXav on the other hand does not update malware definiltions as often

Currently, the ClamXav app will check daily, if you have that option turned on. It also updates when launched and on-demand with the touch of a button.

On the other hand, ClamAV® updates the malware definitions several times a day, whenever they have a batch ready to go. I just did a quick check of the last twelve days and there were 71 updates of over 50,000 definitions during that time, for an average of almost six updates and over 4,200 definitions a day. Obviously, most of those are Windows definitions, but I have a feeling that as far as frequency of updates is concerned, it's a wash.

ClamXav is a much smaller organization and probalbly has less resources.

As I mentioned before, that is a fact. To take it a step further, it's strictly a hobby for developer Mark Allan, but application updates aren't nearly as important as are the definitions, as you have hinted.

I have no idea how many employees Sophos employs to write definitions, so I'll simply guess that since they are a for profit company, it's adequate for what they need to do.

I don't have much information about the ClamAV® definitions team, but since they are part of the not-for-profit branch of Sourcefire, I'd guess that they are somewhat under-staffed. Judging from the names I see signing off on the definitions, it would appear that there are three main coders with a few others contributing as required (one of whom is the afore mentioned Mark Allan in his "spare" time). I'm also under the impression that they don't have anybody that actively seeks out malware samples, relying, instead on contributions from VirusTotal.com and users like me (and possibly you). What that amounts to is that most of the Commercial firms will be first on the street with updates when a new malware or variant pops up, but there have been a small number of documented first for the ClamAV® and they have usually matched Apple XProtect updates. In any case, I would give Sophos a solid edge in this area, but mostly for speed in getting new definitions out-the-door.

Having said all that, there is nothing wrong with having both applications installed, as long as only one of them is enabled for real-time / on-access hard drive watching.

Be sure to read Thomas Reed's Safe Mac information carefully, and also the user tip from Klaus1: https://discussions.apple.com/docs/DOC-2435 as both give great advice.

ClamXAV takes less system overhead, doesn't directly touch the operating system.

Find another financial service provider, bank. If they can inspect your system and demand you install anti anything on your system they have way to much access to your personal computer.

I personally would not stand for that. If for some reason I could not change the bank I do business with then I would stop using any online system they offered and walk into a branch every time I wanted to do anything with them. While I was looking for another bank to do business with.

Ridiculous.

Do you mean that ClamXav is more compatible with the Mac and does mot consume as much space as the other AV products?

Compatibility is a broad-meaning term, but I don't think ClamXAV is incompatible with OS X. It does not cause kernel panics nor does it create problems with other software. As for the space it consumes I really can't say because I've never made a comparison. However, that's not very relevant. I think ClamXAV is simply a lower overhead AV product that works well with OS X. Thomas Reed has run various tests on how well different AV products work on Macs. He gave pretty low scores to all of them.

As I've mentioned OS X has its own built-in anti-malware software that Apple updates automatically as needed. My personal, but educated, opinion is you don't need any third-party protection as of now, but if you must install something then install ClamXAV. It's as good as commercial products, maybe better, and seems to be less problematic. If that's a satisfactory definition of "compatibility," then ClamXAV is more compatible than other AV products.

Y@uCgAujR453ad wrote:

Kappy,

When you say "Malware updating is very good, plus you have an AV product that does not weigh heavily on the OS like Sophos and others" Do you mean that ClamXav is more compatible with the Mac and does mot consume as much space as the other AV products?

I haven't done any space comparisons either, primarily because hard drive space for anything is almost irevelavent these days, and RAM space isn't far behind. My guess is that ClamXav takes up somewhat less hard drive space, but RAM requirements are about the same. As Kappy indicated, the ClamXav app does not need to install any extensions or plug-ins to the OS at all. It only runs when you tell it to or if you set up a scheduled daily database update or scan, nothing in the background at all.

If you choose the web version of ClamXav (as opposed to the AppStore version) then you have an option to allow ClamXav Sentry to watch selected directories (folders) and check everything new that is deposited there. This does require resources. First, it needs to reset permissions on one file, one time, so that it will be notified of all new files in your watch area. It also loads the entire database into RAM as it starts up and it stays there as long as it's active, in order to speed up the scanning process. The app reloads the database each time you start a manual or scheduled scan.

Both the app and Sentry will use a significant amount of CPU cycles when actively scanning, but in my experience, no more than any other A-V software. On a slow Mac I work around this by never trying to do anything else during a manual / scheduled scan and by not trying to watch the entire hard drive with Sentry. Mac malware is almost always found in the same places, so watching one's home folder takes care of the majority of the entry points (download folder, e-mail, browser cache) as well as the favorite places to hide an installation without needing to alert the user with an admin password.