Educause Security Discussion mailing list archives
Re: Microsoft antivirus
From: Tim Doty <tdoty () MST EDU>
Date: Mon, 11 Mar 2013 14:54:15 -0500
On 03/11/2013 02:24 PM, Ed Zawacki wrote:
I just wanted to say that I appreciate all of the comments I've received on this topic to both me directly and to the list. One interesting observation is that of the people who responded, it seems that nearly everyone that switched to MS FEP seems happy with it. A few weeks ago, I was looking at Gartner's magic quadrant for endpoint protection as well as a report they did on FEP a year or so ago and they seemed to be underwhelmed. Odd.
Here's another University of Missouri response. Although all campuses are on FEP (I believe) there are five member institutions so situations vary.
I can say that how well you will like it depends on how it is deployed and managed. For example, I don't have any access to the SCCM so there is no visibility or reporting. And, those that do have access to it here don't take advantage of it.
From an effectiveness stand point it hasn't seemed particularly effective. It has happy to allow an old virus (financial data stealer) to continue operating (the system had been infected before the change to FEP) and in general web-based infections seem to occur without a hitch. Maybe it stops some of them, but as I have no visibility into the SCCM I can't tell.
However, it isn't like the previous product (McAfee) was doing any better from an effectiveness standpoint and we didn't have visibility into its activity/alerting either. For me, the major difference has been submitting samples and in that respect Microsoft seems better now than it was a year ago, though it does vary significantly. Time from submission to update has ranged from very fast (may have been less than a day, I don't remember for sure) to well over a week.
Tim Doty System Security Analyst Missouri S&T
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Microsoft antivirus Ed Zawacki (Mar 11)
- Re: Microsoft antivirus Rickard, Josh A. (Mar 11)
- Re: Microsoft antivirus Drew Perry (Mar 11)
- Re: Microsoft antivirus Dexter Caldwell (Mar 11)
- Re: Microsoft antivirus Drew Perry (Mar 11)
- Re: Microsoft antivirus David Opitz (Mar 11)
- Re: Microsoft antivirus Jim Stasik (Mar 11)
- Re: Microsoft antivirus Rick Baker (Mar 11)
- Re: Microsoft antivirus Fisher, Matthew C (Mar 11)
- Re: Microsoft antivirus Ed Zawacki (Mar 11)
- Re: Microsoft antivirus Tim Doty (Mar 11)
- Re: Microsoft antivirus Santabarbara, Angelo (Mar 11)
- Re: Microsoft antivirus Jason Gates (Mar 11)
- Re: Microsoft antivirus Jeff Kell (Mar 11)
- Re: Microsoft antivirus Barros, Jacob (Mar 12)
- Re: Microsoft antivirus Jason Gates (Mar 12)
- Re: Microsoft antivirus Tim Doty (Mar 12)
- Re: Microsoft antivirus Ed Zawacki (Mar 11)
- Re: Microsoft antivirus Rickard, Josh A. (Mar 11)
- Re: Microsoft antivirus Santabarbara, Angelo (Mar 11)
- <Possible follow-ups>
- Re: Microsoft antivirus Rick Baker (Mar 11)