Question

Malware Protection, What are you using?

  • January 11, 2019
  • 8 replies
  • 52 views

Hugonaut

Hello,

Currently we have all Cisco Networking side, Cisco Umbrella & Merakis Full Stack (Wireless, Switches & Security Appliances). We are seeking some kind of software piece that lives on the end user's computer and runs in the background.

We would like the computer, once malware is detected, to lock down any necessary features to inhibit the malware from executing anything Malicious so we in Tech can get on the computer, identify, analyze and remove.

We are an all Mac Shop using Mac Minis, Mac Trash Cans (Pros), MacBook Airs 2016, MacBook Pros 2016, 2017 & 2018. Operating Systems - 10.12, 10.13 & a group of 10.14 testing the fun of Mojave & all the new "Bells & Whistles".

What software are you using to accomplish this goal? How effective has it been & have you experienced the software doing its job, allowing you to prevent the Malware/Ransomware from performing its malicious duties?

8 replies

cvangorp
  • Contributor
  • January 11, 2019

We are using Cisco AMP for Endpoints, although the Mac endpoint connector doesn't protect on Macs for ransomware at this time.


damienbarrett
  • Honored Contributor
  • January 11, 2019

We use Sophos Cloud and it does (almost) everything you describe. Occasionally, Sophos can't clean up detected malware, but this is reflected in the Sophos Cloud console and you can call the machine in to take manual action (or go visit the machine).


  • Contributor
  • January 11, 2019

We use a combination of Cisco AMP, Cisco Umbrella, and Cisco ISE to achieve this. Usually what happens is that ISE will detect if the computer is infected and remove it from our network. This prompts a call, and we tell the user to run a full scan using AMP which deletes any malware. Once the malware is removed, the device can reconnect to the on campus network.



CrowdStrike should be able to disconnect the network when a virus is found.


  • Contributor
  • January 13, 2019

Used to use McAfee, but that is not working fine on Macs; we were experiencing a lot of lags and beach balls. Now we are using Cylance, and that is working very well.


  • March 9, 2021

Ransomware has become a grave issue as of late. And knowing how to protect against ransomware should be essential to you.


  • Contributor
  • March 9, 2021

I use Jamf Protect... and it does all the things you're wanting your A/V Malware products to do.

  • Disconnects from network if a threat can't be cleaned
  • Removes Malware
  • Reports what Mac OS XProtect & Gatekeeper have found
  • Runs CIS benchmarks against all my systems...

Plus a whole bunch of other stuff.


  • Contributor
  • March 12, 2021

"We use Sophos Cloud and it does (almost) everything you describe. Occasionally, Sophos can't clean up detected malware, but this is reflected in the Sophos Cloud console and you can call the machine in to take manual action (or go visit the machine)."

We've had a number of issues with Sophos, and they have a pretty frustrating issue with Big Sur at this time. I would highly recommend Jamf Protect.