Educause Security Discussion mailing list archives
AV - Full scans or On Access Scans
From: "David A. Batastini" <DavidB () URI EDU>
Date: Wed, 9 Apr 2008 15:58:25 -0400
All,
I'm trying to get the pulse of what other educational
institutions are doing when it comes to managing AV scans on endpoints. Do
you schedule full system scans or do you rely on the "on Access" scans to
detect malware? If you run full system scans: how often, and what time are
they set to run? If you do not run full system scans, how do you mitigate
the security risk of new malware ( malware that AV did not detect during the
initial on access scan)?
As you can probably guess, I'm getting negative feedback on the intrusive
behavior of our complete system scans. In the past year, we've cut the
frequency in half (from weekly to bi weekly) and randomized the time to try
to lessen the impact. Anyone have any success stories they're willing to
share?
Thanks in advance,
David
--
David Batastini, GCIH
University of Rhode Island
Information Security
DavidB<at>uri.edu
015 Tyler Hall
p. (401) 874-2663
c. (401) 265-5515
f. (401) 874-7004
Current thread:
- AV - Full scans or On Access Scans David A. Batastini (Apr 09)
- <Possible follow-ups>
- Re: AV - Full scans or On Access Scans Ken De Cruyenaere (Apr 09)
- Re: AV - Full scans or On Access Scans I. W. Woodle (Apr 09)
- Re: AV - Full scans or On Access Scans Mike Hanson (Apr 09)
- Re: AV - Full scans or On Access Scans Jenkins, Matthew (Apr 09)
- Re: AV - Full scans or On Access Scans Basgen, Brian (Apr 09)
- Re: AV - Full scans or On Access Scans Charlie Prothero (Apr 09)
- Re: AV - Full scans or On Access Scans Halliday,Paul (Apr 09)
- Re: AV - Full scans or On Access Scans Eric Case (Apr 09)
- Re: AV - Full scans or On Access Scans Jenkins, Matthew (Apr 10)
- Re: AV - Full scans or On Access Scans Jenkins, Matthew (Apr 10)
(Thread continues...)