Simpler, yes, but GPO has no way of reporting success and failures or allowing you to isolate outbreaks.
The idea behind integrating Forefront (now, just Endpoint Protection) with ConfigMgr is that a) it uses robust distribution technology for the client and all subsequent updates (a lot like WSUS), b) installation and update success and failures are tracked and monitored from a central point, c) virus detection can be monitored, hence, client security can be managed and a client can be isolated (using and integrated NAP environment) if there's an outbreak. There's other reasons and it will depend on your own environment. Granted.if you're managing a couple hundred PCs it's probably not for you unless the endpoints are located over a wide area. From: Paul Hutchings [mailto:[email protected]] Sent: Friday, November 11, 2011 7:57 AM To: NT System Admin Issues Subject: RE: Antivirus Recommendations? We used to use Trend. I quite liked it but we had "issues" with detection hence the switch. One thing I would quite like is something that can be deployed as an MSI via Group Policy as it just makes deployment so much simpler. From: James Rankin [mailto:[email protected]] Sent: 11 November 2011 12:36 To: NT System Admin Issues Subject: Re: Antivirus Recommendations? SCCM to deploy it? Didn't realise that. Nasty. I'm still a fan of Vipre, and Trend's offering isn't too bad, although the detection rates were not vastly impressive. I tend to look at things from a XenApp/RDS point of view though so I may dismissing some products that would be perfectly fine for you on a traditional fat client machine. On 11 November 2011 12:27, Paul Hutchings <[email protected]> wrote: We actually have Forefront licenses via an MS agreement, I just don't think I want to try and get my teeth into SCCM right now just to administer it (I appreciate that SCCM does all manner of things but YKWIM, it's a bit of a monster). We do all the defence in depth stuff regards perimiter scanning, URL blocking etc. From: James Rankin [mailto:[email protected]] Sent: 11 November 2011 12:20 To: NT System Admin Issues Subject: Re: Antivirus Recommendations? I haven't dealt much with AV over the last year, but I liked Vipre Enterprise last time I did. However we did move from Symantec so anything would probably have been a vast improvement. I notice a lot of people are fans of the MS offerings now (Forefront, Security Essentials, etc, don't know the exact current brand names). Truth be known is that no AV can provide 100% coverage, and the ones that provide advanced heuristic detection are usually the ones with the bigger footprints. I'm personally a fan of coupling up your reactive AV with something like AppLocker from MS, if you're an AD shop, and obviously some good event log monitoring procedures. Defense-in-depth is usually the only way to stay fairly safe. YMMV, etc. On 11 November 2011 12:11, Paul Hutchings <[email protected]> wrote: Our Avira Antivir license is up for renewal in a couple of months. Whilst we've had no significant issues, I want to look at a couple of other options so that even if we stay with Avira it's for the right technical reasons. We have around 550 PC's, a mix of Windows XP, Windows Vista, Windows 7, predominantly 32bit with some x64. I'd be looking for a mixture of good centralised management (this almost always seems to rule out many vendors) combined with low client footprint - and something that is totally "hands off" from the end user perspective and that "just works". Suggestions? Thanks, Paul _____ MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ***** IMPORTANT INFORMATION/DISCLAIMER ***** This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress...... The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets At Home yesterday. We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ***** IMPORTANT INFORMATION/DISCLAIMER ***** This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress...... The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets At Home yesterday. We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
