I don't understand the point you're trying to get across - I was just saying that most enterprise AV does a lot more than just AV, and that I don't know any enterprise that uses the built-in AV (or MSE) because there's no management/reporting tools for it.
FWIW, most BYOD I've seen involves the user installing the company's end-point client (or agreeing that they have something similar installed), but then accessing all the company's apps through VDI or XenApp etc. Because the apps and data aren't on the end user's machine, end point protection and management becomes less of an issue. Cheers Ken From: [email protected] [mailto:[email protected]] On Behalf Of Scott Barnes Sent: Friday, 19 April 2013 2:45 PM To: ozDotNet Subject: Re: [OT] Surface RT or Surface Pro? I would have thought by now virus / security for mainstream issues has been streamlined given companies also are opting in for the "BYOD" scenarios? --- Regards, Scott Barnes http://www.riagenic.com On Fri, Apr 19, 2013 at 12:15 PM, Ken Schaefer <[email protected]<mailto:[email protected]>> wrote: No enterprise I've ever done work for uses the in-built Microsoft virus/malware tools because there are no central management tools for them (you have to go to Forefront Endpoint Protection/SCEP instead). The license for Microsoft Security Essentials (from memory) prohibits you from using it orgs with more than 10 users anyway. Secondly, most enterprise end point protection tools do FW, AV, HIPS, NAC etc in one tool, with one reporting console. That's why hardly anyone (to date) in big orgs uses the Microsoft stuff. Cheers Ken From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Scott Barnes Sent: Friday, 19 April 2013 11:46 AM To: ozDotNet Subject: Re: [OT] Surface RT or Surface Pro? Don't disagree i put all of that under the SOE readiness banner.. I have seen a few organisations that use AV as a blocking issue for migration as assuming you get all the other change management protocols under control if the slightest hint of "Your computers aren't protected" appears they in turn pounce on it. I've also seen a fight break out or two electronically over the merits of adopting a 3rd party virus scanner over the inbuilt one within Windows 8 given the total amount of "patterns" aren't int he 90's+ compared to the inbuilt one being in the 60s+... I think the end was that the Windows 8 didn't cover off all virus's given that most of the virus's that aren't being covered dont "exist" anymore or have not shown any signs of reappearing or rely on old ways to breach the OS ... --- Regards, Scott Barnes http://www.riagenic.com On Thu, Apr 18, 2013 at 2:49 PM, Ken Schaefer <[email protected]<mailto:[email protected]>> wrote: AV clients aren't a blocker for most enterprise client migrations. Usually the blocker is the huge cost involved, due to the large number of people involved in getting the release out - Need to go and gather requirements from many business units - Need to go and find out all the differences (e.g. new security settings/defaults) between the old platform and the new one, and then get the security group (and regulators etc.) to sign off on the new proposed standard - Need to do sociability testing of all the base infrastructure (including end-point protection, but also VPN clients, monitoring tools, deployment tools, asset tracking tools, provisioning tools, procurement tools) - Need to do sociability testing of business apps (e.g. a big bank will have hundreds of apps) - Need to create the necessary builds, scripts etc. and update deployment infrastructure to cater for the new platform. - Need to validate which hardware models the new build will actually work on, and work to retire the rest - Need to work out how to migrate existing user data during the upgrade process - Need to get all the necessary support in place (e.g. floor walkers), plus user guides / self-help training etc, negotiate roll out schedules with business units blah blah For really big orgs, with hundreds of thousands of seats, you never really finish one upgrade before you're already planning the next one. The end-point protection client is probably the least of the issues. Cheers Ken From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Scott Barnes Sent: Wednesday, 17 April 2013 6:05 PM To: ozDotNet Subject: Re: [OT] Surface RT or Surface Pro? The reality is most Enterprises that have moved to Windows 7 aren't likely to rush out again on Windows 8, they'll probably want the dust to settle and lot of time the stalling point for migration between Operating Systems isn't just SOE red-tape its often because Virus scanners themselves haven't gotten their act together to produce a solid build for the latest edition (i'm looking at you Symantec) ..... oh yes despite their being a built-in Virus scanner in Windows 8....
