What routine Antivirus\security checks do you perform?

Hi all

What routine Antivirus\security checks do you perform?

Basically I look after the Antivirus for 3000+ (McAfee ePO but soon to be FEP/SCCM) machines and I regularly run reports and get email alerts on detections etc. so I can resolve any potential problems. However, I would like to write a checklist so I routinely run the most important reports every day and action them.

How do you monitor and protect your network?
 
Mostly my network looks after itself with automated responses in ePO. I get email alerts on "malware detected but not handled" events. But other than that I mostly just keep the dashboard open and check the various stats on total detections, which subnets/machine groups detections are occurring in and the detection types to see any prolific infections.
It very much depends on your network setup. I have a single internet breakout which is heavily guarded with Anti-spam and general purpose firewalls both doing gateway AV before anything even gets near a hard disk, and removable storage is scanned before it's mounted. So infection rates are quite low. For a more branch office type topology with many internet breakouts you're likely to have a higher infection rate and suffer different infection trends. Thus the reports you'll want to see and their frequency will differ.
 
With a mandatory AV-scanning proxy & default-deny firewall, block .exe and .zip/.rar etc files by default. We do that, and desktops virtually never get malware on them, despite most having old Adobe Reader, Flash & Java, and having crappy but up-to-date CA Etrust AV. Every problem we have is with laptops, which use a split VPN and constantly have malware problems.

Combined with strict email filtering and extra software to manage removable media, you can have a very clean network with minimal day-to-day effort... until the types of online threats change in the future, which will happen at some point. I can remember years ago everyone saying that PDFs were perfectly harmless.
 