 
  • Locked thread
bbcisdabomb
Jan 15, 2008

SHEESH
The school that I'm working at has been hit by a few different malware infections in the last year and my boss is ready to reach through the phone and strangle someone at Sophos. I've looked into setting up Microsoft Endpoint, but it looks like the latest version is an extra module for Intune, which I doubt I can get approval for.

What's the managed antivirus you're currently in love with? How's Nod32 these days? Is there a management console for Malwarebytes? If it's got a management dashboard I'll take a look at it, and if anyone knows of a good antivirus I can put through E-Rate I'll love you forever.


Number19
May 14, 2003

HOCKEY OWNS
FUCK YEAH


A case of really good scotch

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

Number19 posted:

A case of really good scotch

Pretty much. Nothing out there is going to stop everything, Sophos is one of the better managed A/V's out there. I would look into some sort of malware web filter if you don't have one in place. The number of Flash exploits out in the wild is mind boggling and nothing is going to catch them all. That's not even touching all the other crap you have to deal with as a school. Thumbdrives, stupid students downloading crap, etc.

Farmer Crack-Ass
Jan 2, 2001

this is me posting irl
I can tell you which one I hated dealing with, which was the antivirus built into LANDesk Management Suite. That fucker would just grind computers to a slow crawl. I think it must have originally been designed to grind hard drive platters into dust.


EDIT: This was in 2011 though, I have no idea where they're at now.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

Honestly you're attempting to pick the shiniest turd of the bunch and your turd is already pretty shiny, it's likely that your issue isn't as much with endpoint security, but somewhere before that, firewall/mail filtering etc

oh you're at a school... ugh.. application and device control policies might need to be altered.

MF_James fucked around with this message at 21:27 on Feb 11, 2015

Mr Shiny Pants
Nov 12, 2012
We use NOD32 and are pretty happy with it.

bbcisdabomb
Jan 15, 2008

SHEESH
Thanks for all the replies, people. I think the biggest problem is that the Sophos server was never really installed or configured correctly, so it throws a bunch of errors and just generally doesn't look like it does much. We also used to have a Sophos-branded proxy server we finally got rid of last year that everyone hated, so I doubt anything with the name will just be complained about until we get rid of it.

Maybe I'll look into installation procedures and try to install Sophos correctly this time, with automatic updates to all the clients and fancy reporting and all that poo poo. If it's the best around it's the best around, even if it feels like a bit of a shitshow.

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

:psyboom: Yeah, that might be a problem. The Sophos web proxy is a pretty nice piece of kit too. I have a couple of them deployed.

Sophos isn't difficult to deploy properly, y'all need to get your poo poo together.

Orcs and Ostriches
Aug 26, 2010


The Great Twist
Microsoft Endpoint should come with SCCM, unless things have changed drastically in the last couple years.

aaronp
Jul 7, 2002

We use ESET Endpoint here (used to be called NOD32), and they just updated again to 6.0, haven't upgraded yet. I like the central console and visibility into users' machines, even when they are outside of the company, plus the reporting is useful as well.

somecallmetim
Mar 30, 2004

We are getting away from McAfee and looking into Kaspersky. I just had a demo that went pretty well. I am about to install the demo to try it out.

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'

MF_James posted:

Honestly you're attempting to pick the shiniest turd of the bunch and your turd is already pretty shiny, it's likely that your issue isn't as much with endpoint security, but somewhere before that, firewall/mail filtering etc

oh you're at a school... ugh.. application and device control policies might need to be altered.

Palo Alto supremacy

adorai
Nov 2, 2002

10/27/04 Never forget
Grimey Drawer
we use kaspersky for our endpoint protection, but you really need multiple vendors watching different points.

I think we have sophos on our mail filtering and we have trend on our filers, both of which catch plenty of poo poo before it even gets to our endpoints.


bbcisdabomb
Jan 15, 2008

SHEESH

adorai posted:

we use kaspersky for our endpoint protection, but you really need multiple vendors watching different points.

I think we have sophos on our mail filtering and we have trend on our filers, both of which catch plenty of poo poo before it even gets to our endpoints.

Yeah, we've got Barracuda spam filtering and Watchguard web filtering, and that combination seems to block most things before they hit the network.

Orcs and Ostriches posted:

Microsoft Endpoint should come with SCCM, unless things have changed drastically in the last couple years.

Things have changed! To use the latest version of SCCM you need to be running Microsoft Intune or an Azure hypervisor (I think) for your virtual servers. I have neither, and I don't see us moving off the (old, out-of-date) VMware install we have anytime soon.

skipdogg posted:

:psyboom: Yeah, that might be a problem. The Sophos web proxy is a pretty nice piece of kit too. I have a couple of them deployed.

Sophos isn't difficult to deploy properly, y'all need to get your poo poo together.

The proxy we had was missing some pretty "minor" things like wildcard support for URLs. It may not have been the most updated version, but for the 20k or whatever we were paying per year it really should have. When I was hired though, I was told it was "going away soon" so I didn't have to worry about it.
It's still sitting in a server room, plugged into power. It's gone real far guys! :downs:
