What's the name of the "sleeping" AV component? This thread is of particular interest since I'm plannning to pilot a VDI deployment and a few engineers have mentioned the need to not have local AV protection any longer. I tend to err on the side of caution, but it's a persuading assertion; either from a cost and technical perspective.
On Sunday, October 9, 2011, <kz2...@googlemail.com> wrote: > Reactive AV is being phased out of our XenApp systems next week. We are going > to maintain a "sleeping" AV component and do a deep scan once a week. > Realtime monitoring is being turned off and we will rely entirely on the > application management suite. We are not doing this blithely - currently app > management stops about thirty or forty pieces of malware executing per week, > and our AV catches precisely zero. In this environment, AV is just a waste of > resources. > > Sent from my POS BlackBerry wireless device, which may wipe itself at any > moment > > -----Original Message----- > From: Alex Eckelberry <alex.eckelbe...@gfi.com> > Date: Sun, 9 Oct 2011 17:55:58 > To: NT System Admin Issues<ntsysadmin@lyris.sunbelt-software.com> > Reply-To: "NT System Admin Issues" > <ntsysadmin@lyris.sunbelt-software.com>Subject: RE: AV and malware protection? > > Hmmm.... Take a look at the Wildlist, which is the list of currently > verified viruses. There's still a lot of nasty stuff out there. > > http://www.wildlist.org/WildList/201108.txt > > We see plenty of viruses out there, and relying on a product like > Malwarebytes as your only line of defense is a serious mistake, IMHO. It's > an excellent product (remember we partner with them and are very close to > them, so this is not a slight in the least on their technology) but you > really, really need an AV product as a complement. > > Alex > > > -----Original Message----- > From: Ben Scott [mailto:mailvor...@gmail.com] > Sent: Sunday, October 09, 2011 1:27 PM > To: NT System Admin Issue > Subject: Re: AV and malware protection? > > On Sun, Oct 9, 2011 at 12:23 PM, Alex Eckelberry <alex.eckelbe...@gfi.com> > wrote: >> It's worth noting that MalwareBytes is not an antivirus product. >> It is, however, an excellent protecter/cleaner against modern Trojans >> and rogue antivirus products. > > And the difference between these two things is...? > > Viruses are largely obsolete anyway. Between ubiquitous network > connectivity and autorun, nobody needs to bother. Today's injection vectors > are exploitable vulnerabilities in networked software and social engineering. > An attacker crafting malware to piggy-back on benign executables exchanged > via sneakernet is like worrying about how to attach a team of horses to your > car. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > DISCLAIMER The information contained in this electronic mail may be > confidential or legally privileged. It is for the intended recipient(s) only. > Should you receive this message in error, please notify the sender by > replying to this mail. Please do not read, copy, forward or store this > message unless you are an intended recipient of it - unauthorized use of > contents is strictly prohibited. Unless expressly stated, opinions in this > message are those of the individual sender and not of GFI. While all care has > been taken, GFI is not responsible for the integrity or the contents of this > electronic mail and any attachments included within. (GFI2011) > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin