Educause Security Discussion mailing list archives
Re: Centralized Antivirus Recommendation
From: Eme Ejike <eejike () ODU EDU>
Date: Mon, 3 May 2010 16:53:23 -0400
We utilize the Mcafee E-policy Orchestrator. Mcafee enterprise 8.7 + antispyware module seems to have made an improvement on client memory and background processor usage. In addition, some contracts allow for student and faculty use I had deployed this out in 2007 as one of my preliminary centralization efforts. We still use this with updates and patches of course. The logging is quite verbose. we have leveraged the logs in our security operations manager. it provides outbreak management. Dat update management with provisions for a local repository --which we use--. AD domain deployment --- not so pretty because we do not allow SMB across subnets (exceptions were created for deployment). It however allows for custom frame package installs and switches. Those still on Novell can use snapshots for deployment. Some of the log information comes to play in daily monitoring reports. i) Anti virus shut down events --- Relevancy? first attempted normally before root kit installations i) Last check in ------ Something is wrong ii) Non updated clients iii) Unresolvable files (per host with whitelist and exceptions ) iv) Outbreak monitoring v) Identifying Notorious web surfers (where do you keep going to get this junk ? ---> AUP comes into play) Eme Ejike University Systems Security Officer Old Dominion University Norfolk, VA, 23508
Current thread:
- Centralized Antivirus Recommendation Sabourin, Justin (May 03)
- <Possible follow-ups>
- Re: Centralized Antivirus Recommendation Mike Hanson (May 03)
- Re: Centralized Antivirus Recommendation Mark Rogowski (May 03)
- Re: Centralized Antivirus Recommendation Eme Ejike (May 03)
- Re: Centralized Antivirus Recommendation Alex Keller (May 03)
- Re: Centralized Antivirus Recommendation Dexter Caldwell (May 03)
- Re: Centralized Antivirus Recommendation Valdis Kletnieks (May 03)
- Re: Centralized Antivirus Recommendation Lanham, Sean (May 03)
- Re: Centralized Antivirus Recommendation King, Ronald A. (May 03)
- Re: Centralized Antivirus Recommendation Jay Fowler (May 03)
- Re: Centralized Antivirus Recommendation Eric Case (May 03)
- Re: Centralized Antivirus Recommendation Schoenefeld, Keith (May 04)
- Re: Centralized Antivirus Recommendation Dexter Caldwell (May 04)