Re: endpoint security software

["McClenon, Brady" <Brady.McClenon () ONEONTA EDU>]

We run MS System Center Endpoint Protection on all clients.  We recently transitioned from Sophos, and haven't seen an 
uptick in infections, nor any evidence, based on malware samples provided to us, that SCEP is better or worse than 
Sophos.  We also have licenses to use Malwarebytes Anti-Malware Remediation Tool on College-owned employee machines in 
the case of suspected infection.  For cost savings we didn't buy licenses for Lab machines. They can just be reimaged.

We are evaluating Malwarebytes Anti-Exploit to give us another layer of protection against drive-by attacks, but no 
decision has been made on that.  My thought process was that if it seemed effective and I can license it for less than 
we paid for Sophos, then we could add another layer of protection while still saving money.  We could also look at 
EMET, but I've heard from many sources that EMET can be a bear to deploy and maintain.

Also, not that our IPS (TippingPoint) offers us some level of malware protection as well.


Brady McClenon
Information Technology Security Administrator
Information Technology Services - IT Security
B237 Milne Library
SUNY College at Oneonta
607-436-3203








From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Choo
Sent: Tuesday, March 08, 2016 9:53 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] endpoint security software

Hi Matt,

We use Symantec endpoint for more than 10 years now.  We offer the same software to all students and faculty for free.  
So far we found it pretty effective to detect and quarantine any malware (better than Microsoft), but not so in 
actually removing it in some cases.  We then run Malwarebytes to remove whatever Symantec can't.  Symantec charges us 
on employee FTE count and then penny on the dollar for student licenses.

Hope this helps,


Jeff Choo - Director, Information Technology | Information Security Officer
William James College
T - 617-327-6777 Ext. 1202
F - 617-477-2002
W - www.williamjames.edu<http://www.williamjames.edu>
Jeff_Choo () williamjames edu<mailto:Jeff_Choo () williamjames edu>

For support, please send your request to:
Email: support () williamjames edu<mailto:support () williamjames edu>
Web: http://support.williamjames.edu
Phone: 617-327-6777 x1600

Meeting the Needs... Making a Difference



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Ashfield, Matt (NBCC)
Sent: Tuesday, March 08, 2016 8:46 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] endpoint security software

Good Morning

Our institution, like a large percentage in higher ed are running the Microsoft security essentials on desktops, which 
is included in our licensing agreement with Microsoft. While that works ok for AV detection, I'm wondering if any 
institutions out there are doing running additional desktop security software (e.g. anti-malware software like 
MalwareBytes, or others) and if so, if you had related RFP/RFI for such a procurement. Any info you can provide is 
appreciated.

Thanks,

Matt
NBCC


This message may contain confidential information intended only for the individual named. If you received this message 
by mistake, please let the sender know by e-mail reply and delete it from your system. If you are not the intended 
recipient you are hereby notified that disclosing, copying, distributing or taking any action in reliance on the 
contents of this information is strictly prohibited.