Re: [mssms] RE: Host intrusion
One word: F-Secure. Their current AV solution has device blocking (USB and other) built-in, also comes with 3rd party application patching solution. http://www.f-secure.com/en/web/business_global/products/business-suite/overview On 8.8.2013 15:40, Thomas Gonzalez wrote: Same, we aren't using hips, but we are implementing hdlp Sent from my Windows Phone From: Kent, Mark mailto:ken...@buffalostate.edu Sent: 8/8/2013 7:37 AM To: mssms@lists.myitforum.com mailto:mssms@lists.myitforum.com Subject: [mssms] RE: Host intrusion I guess with locked down machines and patched OS’s/apps, it’s not as huge a concern for us. Perhaps if we had more time and staff, maybe it would be something we could investigate. We almost used HIPS but at the time I had heard grumblings about the time and effort to set it up properly. Mark Kent (MCP) Sr. Desktop Systems Engineer Computing Technology Services - SUNY Buffalo State *From:* listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] *On Behalf Of *Murray, Mike *Sent:* Wednesday, August 07, 2013 7:34 PM *To:* mssms@lists.myitforum.com *Subject:* [mssms] RE: Host intrusion So, is host intrusion not a concern for anyone? Just curious what your thoughts are… *From:* listsad...@lists.myitforum.com mailto:listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] *On Behalf Of *Murray, Mike *Sent:* Wednesday, August 07, 2013 10:07 AM *To:* mssms@lists.myitforum.com mailto:mssms@lists.myitforum.com *Subject:* [mssms] Host intrusion Posted this in the FEP group, not much response, so going for a wider audience. :) Curious about those of you who have moved to EP after using another product. We’re running the McAfee suite, which includes AV HIPS. If we get rid of McAfee (the goal), we lose host intrusion prevention. Is anyone using another product, or is this even a concern for you? Best Regards, Mike Murray Desktop Management Coordinator - IT Support Services California State University, Chico 530.898.4357 mmur...@csuchico.edu mailto:mmur...@csuchico.edu
[mssms] RE: Host intrusion
Isn't HIPS a royal PITA to set up and maintain? Mark Kent (MCP) Sr. Desktop Systems Engineer Computing Technology Services - SUNY Buffalo State From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Wednesday, August 07, 2013 1:07 PM To: mssms@lists.myitforum.com Subject: [mssms] Host intrusion Posted this in the FEP group, not much response, so going for a wider audience. :) Curious about those of you who have moved to EP after using another product. We're running the McAfee suite, which includes AV HIPS. If we get rid of McAfee (the goal), we lose host intrusion prevention. Is anyone using another product, or is this even a concern for you? Best Regards, Mike Murray Desktop Management Coordinator - IT Support Services California State University, Chico 530.898.4357 mmur...@csuchico.edumailto:mmur...@csuchico.edu
[mssms] RE: Host intrusion
McAfee's product isn't. We essentially use their defaults. We have had to make some exceptions here and there, but that's no different from AV. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kent, Mark Sent: Wednesday, August 07, 2013 10:14 AM To: mssms@lists.myitforum.com Subject: [mssms] RE: Host intrusion Isn't HIPS a royal PITA to set up and maintain? Mark Kent (MCP) Sr. Desktop Systems Engineer Computing Technology Services - SUNY Buffalo State From: listsad...@lists.myitforum.commailto:listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Wednesday, August 07, 2013 1:07 PM To: mssms@lists.myitforum.commailto:mssms@lists.myitforum.com Subject: [mssms] Host intrusion Posted this in the FEP group, not much response, so going for a wider audience. :) Curious about those of you who have moved to EP after using another product. We're running the McAfee suite, which includes AV HIPS. If we get rid of McAfee (the goal), we lose host intrusion prevention. Is anyone using another product, or is this even a concern for you? Best Regards, Mike Murray Desktop Management Coordinator - IT Support Services California State University, Chico 530.898.4357 mmur...@csuchico.edumailto:mmur...@csuchico.edu
[mssms] RE: Host intrusion
What about using app whitelisting built into Windows 7? Mark Kent (MCP) Sr. Desktop Systems Engineer Computing Technology Services - SUNY Buffalo State From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Wednesday, August 07, 2013 1:25 PM To: mssms@lists.myitforum.com Subject: [mssms] RE: Host intrusion McAfee's product isn't. We essentially use their defaults. We have had to make some exceptions here and there, but that's no different from AV. From: listsad...@lists.myitforum.commailto:listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kent, Mark Sent: Wednesday, August 07, 2013 10:14 AM To: mssms@lists.myitforum.commailto:mssms@lists.myitforum.com Subject: [mssms] RE: Host intrusion Isn't HIPS a royal PITA to set up and maintain? Mark Kent (MCP) Sr. Desktop Systems Engineer Computing Technology Services - SUNY Buffalo State From: listsad...@lists.myitforum.commailto:listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Wednesday, August 07, 2013 1:07 PM To: mssms@lists.myitforum.commailto:mssms@lists.myitforum.com Subject: [mssms] Host intrusion Posted this in the FEP group, not much response, so going for a wider audience. :) Curious about those of you who have moved to EP after using another product. We're running the McAfee suite, which includes AV HIPS. If we get rid of McAfee (the goal), we lose host intrusion prevention. Is anyone using another product, or is this even a concern for you? Best Regards, Mike Murray Desktop Management Coordinator - IT Support Services California State University, Chico 530.898.4357 mmur...@csuchico.edumailto:mmur...@csuchico.edu
[mssms] RE: Host intrusion
So, is host intrusion not a concern for anyone? Just curious what your thoughts are... From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Murray, Mike Sent: Wednesday, August 07, 2013 10:07 AM To: mssms@lists.myitforum.com Subject: [mssms] Host intrusion Posted this in the FEP group, not much response, so going for a wider audience. :) Curious about those of you who have moved to EP after using another product. We're running the McAfee suite, which includes AV HIPS. If we get rid of McAfee (the goal), we lose host intrusion prevention. Is anyone using another product, or is this even a concern for you? Best Regards, Mike Murray Desktop Management Coordinator - IT Support Services California State University, Chico 530.898.4357 mmur...@csuchico.edumailto:mmur...@csuchico.edu