I've seen it miss some tools that it should have found when they were dropped onto the machine and not pick them up for a few days. Not good but at least no hacks were done or they were blocked if attempted.
Jon On Fri, Mar 26, 2010 at 8:47 AM, John Hornbuckle < john.hornbuc...@taylor.k12.fl.us> wrote: > I agree on all counts. Very easy to deploy and update via WSUS, and the > client software seems to work fine--doesn't overtax the workstations or > cause weirdness. The MOM console is, indeed, "a smidge complicated." I'd go > further than that and say that it's just plain badly-designed, and not at > all user-friendly. > > Roger mentioned false negatives. I've faced that with the "SecurityTools" > malware. Microsoft's argument is that whoever makes SecurityTools is > regularly modifying the executable just enough to make it undetectable with > FCS's definitions. So one version of the malware comes out, Microsoft > modifies defs to detect it, then another slightly different version comes > out. The malware always seems to be a step ahead of FCS. > > Now, I should mention that we run our machines tightly-locked. Not a single > one of our users runs with admin rights, and our students run with software > restriction policies on top of that. Plus, our e-mail antivirus is quite > effective, and our machines stay full-patched. So our layered approach to > security probably helps reduce our odds of being infected with malware > regardless of the AV product we use. And on those occasions where we did get > infected (i.e., with SecurityTools) there was no real damage and cleanup > took about 30 seconds. > > > > John Hornbuckle > MIS Department > Taylor County School District > www.taylor.k12.fl.us > > > > > > > -----Original Message----- > From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] > Sent: Thursday, March 25, 2010 7:53 PM > To: NT System Admin Issues > Subject: RE: Forefront Client Security > > I use it. > > Its trivial to deploy, choose an OU and it sets up the GPO's. > > It just runs:) The mom console is a smidge complicated, but I can tell you > I have never had an issue with false positives or blue screens or any bs > like that. It just runs, properly. > > -----Original Message----- > From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] > Sent: Thursday, March 25, 2010 5:10 PM > To: NT System Admin Issues > Subject: Forefront Client Security > > Anyone using this? I know some of you are using Forefront, but I was > wondering if anyone is using the Client Security to manage it. > > I've seen the console, and it's pretty barren. How is it to actually use, > and deploy to clients, etc? > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > NOTICE: Florida has a broad public records law. Most written communications > to or from this entity are public records that will be disclosed to the > public and the media upon request. E-mail communications may be subject to > public disclosure. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~