Educause Security Discussion mailing list archives
Re: endpoint security software
From: "McClenon, Brady" <Brady.McClenon () ONEONTA EDU>
Date: Tue, 8 Mar 2016 15:22:01 +0000
We run MS System Center Endpoint Protection on all clients. We recently transitioned from Sophos, and haven't seen an uptick in infections, nor any evidence, based on malware samples provided to us, that SCEP is better or worse than Sophos. We also have licenses to use Malwarebytes Anti-Malware Remediation Tool on College-owned employee machines in the case of suspected infection. For cost savings we didn't buy licenses for Lab machines. They can just be reimaged. We are evaluating Malwarebytes Anti-Exploit to give us another layer of protection against drive-by attacks, but no decision has been made on that. My thought process was that if it seemed effective and I can license it for less than we paid for Sophos, then we could add another layer of protection while still saving money. We could also look at EMET, but I've heard from many sources that EMET can be a bear to deploy and maintain. Also, not that our IPS (TippingPoint) offers us some level of malware protection as well. Brady McClenon Information Technology Security Administrator Information Technology Services - IT Security B237 Milne Library SUNY College at Oneonta 607-436-3203 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jeff Choo Sent: Tuesday, March 08, 2016 9:53 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] endpoint security software Hi Matt, We use Symantec endpoint for more than 10 years now. We offer the same software to all students and faculty for free. So far we found it pretty effective to detect and quarantine any malware (better than Microsoft), but not so in actually removing it in some cases. We then run Malwarebytes to remove whatever Symantec can't. Symantec charges us on employee FTE count and then penny on the dollar for student licenses. Hope this helps, Jeff Choo - Director, Information Technology | Information Security Officer William James College T - 617-327-6777 Ext. 1202 F - 617-477-2002 W - www.williamjames.edu<http://www.williamjames.edu> Jeff_Choo () williamjames edu<mailto:Jeff_Choo () williamjames edu> For support, please send your request to: Email: support () williamjames edu<mailto:support () williamjames edu> Web: http://support.williamjames.edu Phone: 617-327-6777 x1600 Meeting the Needs... Making a Difference From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Ashfield, Matt (NBCC) Sent: Tuesday, March 08, 2016 8:46 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] endpoint security software Good Morning Our institution, like a large percentage in higher ed are running the Microsoft security essentials on desktops, which is included in our licensing agreement with Microsoft. While that works ok for AV detection, I'm wondering if any institutions out there are doing running additional desktop security software (e.g. anti-malware software like MalwareBytes, or others) and if so, if you had related RFP/RFI for such a procurement. Any info you can provide is appreciated. Thanks, Matt NBCC This message may contain confidential information intended only for the individual named. If you received this message by mistake, please let the sender know by e-mail reply and delete it from your system. If you are not the intended recipient you are hereby notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
Current thread:
- endpoint security software Ashfield, Matt (NBCC) (Mar 08)
- Re: endpoint security software Jeff Choo (Mar 08)
- Re: endpoint security software McClenon, Brady (Mar 08)
- Re: endpoint security software Johnson, Matthew (Mar 08)
- Re: endpoint security software Kevin Wilcox (Mar 08)
- Re: endpoint security software Jeff Choo (Mar 08)