Educause Security Discussion mailing list archives
Re: Anti-Virus/Malware Enterprise Options
From: Kyle Szuta <kszuta () ITHACA EDU>
Date: Wed, 8 Jun 2016 16:16:44 +0000
Hi Doug, We made the switch from McAfee to SCEP on both or Windows and Mac endpoints. In the year before we made the switch, we were not very impressed with McAfee’s detection and removal performance, so I would hesitantly give SCEP the edge there. We have also added Microsoft’s offline SCEP program to our endpoint field techs’ toolboxes. Echoing Brian’s point on SCCM. The reporting and central control here are useful. For example, I get an email anytime multiple assets are infected with the same signature. This helps with triaging our responses. One exception here is that currently the Mac SCEP client does not report anything back to SCCM. So we can not get alerts for those assets. -- Kyle Szuta Information Security Engineer Ithaca College From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Brian Griffith <griffibw () WHITMAN EDU> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> Date: Wednesday, June 8, 2016 at 11:42 AM To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Anti-Virus/Malware Enterprise Options Hey Doug. We recently made the switch from McAfee to SCEP. In our somewhat limited testing, they performed similarly. I feel slightly better about McAfee (leftover bias against Defender from the early days, perhaps?), but not enough to justify the cost. We feel like the central administration of SCEP is better/easier (IF you already have SCCM up and running), and you get prettier reports out of the box. I'm also excited about the MS APT product as we transition to Windows 10. Brian Griffith Information Security Officer Whitman College On Jun 8, 2016, at 8:32 AM, Doug Brooks <dbrooks () PARKLAND EDU<mailto:dbrooks () parkland edu>> wrote: We are currently using McAfee as our AV solution but are evaluating other options. We are upgrading to the latest McAfee Endpoint Security version for our enterprise but also want to consider other products including Microsoft’s System Center Endpoint Protection/Defender platform. The latter would save us money but I’m not yet confident that it is a viable enterprise solution. I’d appreciate any feedback on McAfee, Microsoft or other enterprise-grade solutions that you are using. Thanks, Doug Parkland College dbrooks () parkland edu<mailto:dbrooks () parkland edu> ________________________________ Email to or from Parkland College employees may be subject to disclosure under the Illinois Freedom of Information Act. This communication is the property of Parkland College and is intended only for use by the recipient identified. If you have received this communication in error, please immediately notify the sender and delete the original communication. Any distribution or copying of this message without the College’s prior consent is prohibited.
Current thread:
- Anti-Virus/Malware Enterprise Options Doug Brooks (Jun 08)
- Re: Anti-Virus/Malware Enterprise Options Brian Griffith (Jun 08)
- Re: Anti-Virus/Malware Enterprise Options Garmon, Joel (Jun 08)
- Re: Anti-Virus/Malware Enterprise Options Burke, Ian R. (Jun 08)
- Re: Anti-Virus/Malware Enterprise Options Livio Ricciulli (Jun 08)
- Re: Anti-Virus/Malware Enterprise Options McClenon, Brady (Jun 09)
- Re: Anti-Virus/Malware Enterprise Options Eric Lukens (Jun 09)
- Re: Anti-Virus/Malware Enterprise Options Garmon, Joel (Jun 08)
- Re: Anti-Virus/Malware Enterprise Options Brian Griffith (Jun 08)