Jamf Nation Community

timmw · ‎05-12-2017

Any recommendations on an Enterprise OS X Anti Virus solutions, preferably cloud based. Thanks.

Kaltsas · ‎05-12-2017

Flextivity is the cloud/business offering from the Intego folks. At a minimum I trust them to not accidentally completely mess up a mac, but really they do good work. They have some talented researchers working for them.

iJake · ‎05-12-2017

:Puts on sales hat:

Cisco AMP for Endpoints is a cloud-based malware solution for all platforms.

Chris_Hafner · ‎05-15-2017

We're having a good time with Cylance. While is does have it's "cloud" connection, it's far less dependent on "Library" updates from the company and is, at least in practice, very good at picking up new and undefined exploits... so far.

Emmert · ‎05-15-2017

Those options are all going to give me sticker shock, aren't they?

Chris_Hafner · ‎05-15-2017

If you've never purchased enterprise AV before... yes.

jasonmeyer · ‎05-15-2017

Chris, what did you like about Cylance?

Chris_Hafner · ‎05-15-2017

There are several things I like. In short (vs Sophos our previous AV solution) Cylance provides:

• A far better rate of capturing Mac malware/trojans • The ability to stop apps pre-execution. So, Application control
• Very small performance footprint (Not checking for updates every hour either)
• Super easy to use management console with its own patch management, version control and ability to set automated testing environments.

I'd bet that you have far deeper questions than that and I'd be happy to give them a shot.

rob_hernandez · ‎05-15-2017

We use Kaspersky. When it works, it works really well (better than Sophos during our testing). But when it breaks, holy deity is Kaspersky a giant pain in the neck to get working right.

We've also (lightly) tested Cisco AMP and found it to be too aggressive in its default configuration. (Blocking network traffic from HipChat, completely destroying Kaspersky, etc.)

These are my completely anecdotal experiences though. YMMV.

jasonmeyer · ‎05-15-2017

That's a lot of the things I like about it as well. How many OSX clients do you have? Windows clients?

Chris_Hafner · ‎05-15-2017

@jasonmeyer On our end we average about 630 macOS clients at a time, There are a few dozen Windows and Linux servers, but we're 99.999% macOS on the client side. (Yes, I live in the land of Oz and it's wonderful!)

jasonmeyer · ‎05-15-2017

@Chris_Hafner OK. We run about 2500 Macs(school district). We have had sophos and are currently running kaspersky.

Chris_Hafner · ‎05-16-2017

I don't think the scale is going to get you... and you should ask about Education pricing. I've been pushing them to have an open EDU policy and they might have sorted that by now! If you get hung up on this I'll be very interested to know. When I began working with them they had no concept that EDUs had a completely different set of AV cost expectations given the prices offered by: Sophos, Kaspersky, ESET, etc...

That said, they've got a nice email claiming complete victory over this past week's ransomware attacks across all platforms.

jasonmeyer · ‎05-16-2017

I have had some brief conversations with Cylance, but not much about pricing. Our Kaspersky agreement doesn't run out until next March. There is some talk of using AVG or Avast from the Mac desktop support guys, or even nothing at all, which I am not a fan of. I've never heard good things about AVG and Avast is free for EDU but its the un-managed consumer client which really turns me off. I did take a peek at @iJakes suggestion as well. Seems a similar method to Cylance.