MSE is only licensed for up to 10 users and not suitable at all for a business environment. Microsoft even stated when Windows 8 came out that it should not be your first line of defense for AV.
You need a centrally managed AV solution. I have experience with Trend Micro, AVG and Symantec Endpoint Protection and all work. Something that alerts you when there is an infection, so you can perform additional scans and target hardening as required. The cost for such a solution is typically similar to non-managed options, especially considering the time involved in updating and deploying the software is reduced.
You also need a second layer of defense. Your AV appliance should be handling this but is overtaxed, so moving that load to the PC or the cloud would be a good plan. Your Umbrella solution might be a good one - I don't have any experience with it, personally, but it should work similarly to MBAM's malicious website blocking, which I quite like. MBAM would be an option I would consider for sure, and CryptoPrevent, which was designed to prevent Cryptolocker, also can prevent lots of other infections as well.
Another cloud option would be aggressive spam filtering, through a service like Intel's MXLogic.
Ensuring that no user is running with administrative privileges will likely eliminate almost all web browser attacks and most other vectors, along with locking down scripting in the browser except for required websites.
You could also take steps to eliminate USB infection by disabling devices, but I find that it is more trouble than it is worth.
__________________
"Wake up, Luigi! The only time plumbers sleep on the job is when we're working by the hour."
Last edited by Rathji; 03-10-2014 at 10:09 PM.
Reason: fixed formatting from typing on phone