I’d say you have your bases covered pretty well, if you are looking to go to FEP and already have app whitelisting in place. I’d like to look into the app whitelisting in the future as well. Are your users admins on their boxes?
Mark Kent (MCP) Sr. Desktop Systems Engineer Computing & Technology Services - SUNY Buffalo State From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Thursday, August 08, 2013 10:27 AM To: mssms@lists.myitforum.com Subject: RE: [mssms] RE: Host intrusion We’re trying to avoid purchasing a product. We already have McAfee, moving to Endpoint Protection (hopefully). Never mind. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Tuomo Leppänen Sent: Thursday, August 08, 2013 6:25 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: Re: [mssms] RE: Host intrusion One word: F-Secure. Their current AV solution has device blocking (USB and other) built-in, also comes with 3rd party application patching solution. http://www.f-secure.com/en/web/business_global/products/business-suite/overview On 8.8.2013 15:40, Thomas Gonzalez wrote: Same, we aren't using hips, but we are implementing hdlp Sent from my Windows Phone ________________________________ From: Kent, Mark<mailto:ken...@buffalostate.edu> Sent: 8/8/2013 7:37 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: Host intrusion I guess with locked down machines and patched OS’s/apps, it’s not as huge a concern for us. Perhaps if we had more time and staff, maybe it would be something we could investigate. We almost used HIPS but at the time I had heard grumblings about the time and effort to set it up properly. Mark Kent (MCP) Sr. Desktop Systems Engineer Computing & Technology Services - SUNY Buffalo State From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Wednesday, August 07, 2013 7:34 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: Host intrusion So, is host intrusion not a concern for anyone? Just curious what your thoughts are… From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Wednesday, August 07, 2013 10:07 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] Host intrusion Posted this in the FEP group, not much response, so going for a wider audience. :) Curious about those of you who have moved to EP after using another product. We’re running the McAfee suite, which includes AV & HIPS. If we get rid of McAfee (the goal), we lose host intrusion prevention. Is anyone using another product, or is this even a concern for you? Best Regards, Mike Murray Desktop Management Coordinator - IT Support Services California State University, Chico 530.898.4357 mmur...@csuchico.edu<mailto:mmur...@csuchico.edu>