I put another vendor's agent on endpoints in addition to Falcon to clean some of that 'stuff' and provide a bit more defense in depth as well. However, there's a lot of, for lack of a better term, hygiene sort of 'stuff' that people get over time on machines (Chrome plug-ins/residue) that due to the behavioral nature and non-traditional scanning, Falcon doesn't care about. Only thing I'd say that didn't work as well for us is that, as mentioned above, Falcon is smart enough to know what's a real threat and what's not. doesn't work since Falcon is smart enough to know it's not a real threat. There is built-in test/detection functionality, but it was definitely a shift in the way I thought/approached things as EICAR, etc. If you're coming from a more traditional endpoint product, be prepared for it to be unsettlingly quiet. The small number of exemptions I've had to set up due to false positives have been very easy. Early on I was a bit paranoid about turning on certain settings and I ended up (in retrospect) unnecessarily setting up too many test groups for policies, etc. Implementation calls and follow-ups have been very helpful getting Best Practices and advice/tuning specific to our environment. Their documentation is (IMO) great - very easy to follow, clear, concise. One of, if not the easiest implementation I've done in recent memory. I rarely find an opportunity where I can give a product, service and support team a 5 star review across the board but with Sophos I have yet to have any experience that could detract for the rating. (And we continue to expand the list of Sophos Products in our tool kit) It goes without saying, based on the level of service and support received at that time and seeing the product function under a real time attack - we immediately elected to use Sophos for our EDR solution on a go forward basis. Over the course of the next week, we had constant contact with top tier technicians and support.
#ANTIVIRUS SYMANTEC ENDPOINT TRIAL#
I sent an email to the representatives we had been speaking to earlier in the day to inquire about launch a trial in an effort to protect systems not yet compromised and within 5 minutes we were back on the phone, launching a trial and engaging Sophos's Rapid Response Team. Unknown to us, the previous attacker still had a backdoor into our network, and a few hours after the call with Sales we experienced a major attack. Our introduction to Sophos was a collision course, we had engaged their sales team for an exploratory review after we had recently had a malware incident and wanted to part with our previous vendor.
#ANTIVIRUS SYMANTEC ENDPOINT SOFTWARE#
A further reason for switching to this product, we are required to obtain a more advanced and modern up-to-date security software that will be able to counter the recent and ever-changing technology attacks or threats to our employees. In my opinion, Symantec Endpoint Protection is performing a decent job in detecting traditional viruses and malware threats with a hybrid approach as compared to options for other products. It has unique intrusion, firewall, and anti-malware features and provides data loss, unapproved programs prevention from running, and applies its policies that stop bad network traffic if required. Our servers have got the strictest policies to keep them secure and the end-user policy focuses on the browser and USB lockdown. It has boosted our confidence to work in a safe and secure environment. It allows machines to be scanned automatically and provides weekly updates and reports. It is widely used as a primary malware and virus solution to protect the devices from malicious sites/code/applications globally. This product is being used by our entire organization, throughout various locations.
0 kommentar(er)
