Educause Security Discussion mailing list archives

Re: Anti-Virus/Malware Enterprise Options


From: Kyle Szuta <kszuta () ITHACA EDU>
Date: Wed, 8 Jun 2016 16:16:44 +0000

Hi Doug,

We made the switch from McAfee to SCEP on both our Windows and Mac endpoints. In the year before we made the switch, we 
were not very impressed with McAfee’s detection and removal performance, so I would hesitantly give SCEP the edge 
there. We have also added Microsoft’s offline SCEP program to our endpoint field techs’ toolboxes.

Echoing Brian’s point on SCCM. The reporting and central control here are useful. For example, I get an email anytime 
multiple assets are infected with the same signature. This helps with triaging our responses. One exception here is 
that currently the Mac SCEP client does not report anything back to SCCM. So we cannot get alerts for those assets.

--
Kyle Szuta
Information Security Engineer
Ithaca College

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Brian Griffith 
<griffibw () WHITMAN EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, June 8, 2016 at 11:42 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Anti-Virus/Malware Enterprise Options

Hey Doug. We recently made the switch from McAfee to SCEP. In our somewhat limited testing, they performed similarly. I 
feel slightly better about McAfee (leftover bias against Defender from the early days, perhaps?), but not enough to 
justify the cost. We feel like the central administration of SCEP is better/easier (IF you already have SCCM up and 
running), and you get prettier reports out of the box. I'm also excited about the MS APT product as we transition to 
Windows 10.

Brian Griffith
Information Security Officer
Whitman College



On Jun 8, 2016, at 8:32 AM, Doug Brooks <dbrooks () PARKLAND EDU> wrote:
We are currently using McAfee as our AV solution but are evaluating other options.  We are upgrading to the latest 
McAfee Endpoint Security version for our enterprise but also want to consider other products including Microsoft’s 
System Center Endpoint Protection/Defender platform.  The latter would save us money but I’m not yet confident that it 
is a viable enterprise solution.

I’d appreciate any feedback on McAfee, Microsoft or other enterprise-grade solutions that you are using.

Thanks,

Doug
Parkland College
dbrooks () parkland edu
