How do you audit for Anti-Virus agents installed?
Created: 13 Feb 2012 | 10 comments
Questions for the community.
How do you audit hosts on the network has Symantec Endpoint Protection agent installed? What kind of scanning solutions do you deploy?
I found a possible tool from Sycom to do this auditing. Is anyone using this? Are there any alternatives besides this tool?
http://79.170.44.203/sycomconsulting.com/security/...
Discussion Filed Under:
Comments
does not SEP computer status
does not SEP computer status report help on the list of clients installed?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
We are looking at rouge hosts
We are looking at rouge hosts that are not part of our domain. Typically these hosts won't show up on the SEPM console.
does using the unmanaged
does using the unmanaged detector helps?
Cheers!
Pete
Help Link: http://www.symantec.com/business/support/overview.jsp?pid=54619
hi
Use unamanged detector feature
http://www.symantec.com/connect/forums/what-unmanaged-detector
Please don't forget to mark your thread solved with whatever answer helped you : ) Rafeeq
Hi, Can you please try find
Hi,
Can you please try find unmanaged computer on Client tab
We use nessus, the SEP
We use nessus, the SEP console is unreliable.
Hi Hugh, I saw that Nessus
Hi Hugh,
I saw that Nessus has the plugin to scan for Anti-Virus agent status. In their website, I saw Symantec Anti-Virus agent being mentioned but not Symantec Endpoint Protection.
Are you able to confirm if Nessus can detect SEP agents status?
Yes, it absolutley does. We
Yes, it absolutley does. We get much more accurate results from nessus than the SEP console can provide. The actual plugin name is Symantec Antivirus Detection (Corporate Edition). It's staggering how much more accurate the information Nessus provides is than what is in the Symantec console. Our desktop techs validate the information and have confirmed that the SEP console is way, way off.
After reading a Symantec tech doc that advises that you have to truncate the SQL transaction log to get accurate reports we realized we had to pursue a 3rd party solution for a few reasons.
Network Admission Control
Network Admission Control will do this by basically allowing to check a client before gaining full network access
Excellent to hear Nessus is
Excellent to hear Nessus is able to work on SEP agents. Huges, thanks for your feedback.
Besides Nessus, anyone knows if there are other tools can achieve the same objective?
Would you like to reply?
Login or Register to post your comment.