Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
BCM
User Panel
aim
CA
Hit
palmetto
magpul
brownells
GS
geissele
skd
JRH
springfield
jt
troy
VP
vortex
fightlite
bravocompany
RS
delton
silencerShop
SDS
laRue
primaryArms
midwest

SAS
primaryArms
cmmg
silencerShop
dsa
fightlite
Pro2A
palmetto
JRH
bravocompany
Faxxon
RS
blackhills
ar15com
gray
CA
LAPG
brownells
THBRD
geissele
jt
springfield
LAPG
bravocompany
cmmg
tnvc
trijicon
troy
Users Online4486 Online
bravocompany missing Hydra
Page General » Urban Commandos
Archived [ARCHIVED THREAD] - spybot / malwarebytes in enterprise environment
Posted: 12/13/2014 8:42:39 AM EDT
does anyone deloy/ use either of these products in an enterprise environment.

does one work better than the other.

any significant downgrade of system performace?

any input would be greatly appreciated

EDIT:   i kinda figured i wouldn't get any responses

Link Posted: 12/15/2014 1:04:36 AM EDT
[#1]
Enterprise environments don't really "clean" machines, they just get re-imaged.  Which is why most enterprise security efforts are focused on automated interdiction, and IDS/IPS.  It's far more appropriate to detect that a machine is compromise and then automatically remove it from the network for kick it into a VLAN that's not trusted.
Link Posted: 12/15/2014 4:01:54 PM EDT
[#2]
At the last places I was working, we'd attempt cleanup, but if it was truly borked up, we'd reimage.  The workstations would have enterprise versions of Symantec or McAfee, otherwise any viral or malware detection would be done by observing network traffic.

Anti-malware products suffer the same problems AV programs do, in that they don't detect everything.  Once a machine is observed exhibiting abnormal traffic, it's either moved to a separate vlan as Enigma stated, or the port is shut off.  From there we would install a couple of anti-malware programs after the fact and attempt to clean it.

Link Posted: 12/19/2014 2:16:08 PM EDT
[#3]
Discussion ForumsJump to Quoted PostQuote History
Quoted:
Enterprise environments don't really "clean" machines, they just get re-imaged.  Which is why most enterprise security efforts are focused on automated interdiction, and IDS/IPS.  It's far more appropriate to detect that a machine is compromise and then automatically remove it from the network for kick it into a VLAN that's not trusted.
View Quote


This.

Why spend an hour and a half running scans when the PC can be replaced with one that has a fresh image in under 30 minutes.

Link Posted: 12/19/2014 2:56:41 PM EDT
[#4]
Intrusion protection system blocks a lot of shit before it can do damage.  I use Sonicwall.
Archived [ARCHIVED THREAD] - spybot / malwarebytes in enterprise environment
Page General » Urban Commandos
Close Join Our Mail List to Stay Up To Date! Win a FREE Membership!

Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!

You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.


By signing up you agree to our User Agreement. *Must have a registered ARFCOM account to win.
Pro2A
jt
brownells
THBRD
LAPG
RS
primaryArms
gray
blackhills
springfield
geissele
LAPG
dsa
silencerShop
bravocompany
Faxxon
CA
SAS
fightlite
JRH
palmetto
ar15com
cmmg
missing
AR-15 AK-47 Handgun Precision Rifles Armory Training Competitive Shooting General Outdoors Archery Hometown Industry

About AR15.COM

Become an AR15.COM Team Member

AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.

From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.

Stay Connected

AR15.COM Facebook AR15.COM Twitter AR15.COM YouTube AR15.COM Instagram
Pepperjam Verification

Newsletter

Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.

Contact Us

Advertising
[email protected]
General
[email protected]

Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.

AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.

Advertising Memberships ARFCOM Shop Gear Deals Virtual Weapon Build Discussion Forums Help Privacy DMCA About Your Privacy Choices California Consumer Privacy Act (CCPA) Opt-Out Icon   Goat Signal
** When you click on links to various merchants on this site and make a purchase, this can result in this site earning a commission. Affiliate programs include, but are not limited to, the eBay Partner Network and Amazon.
Top Top