Posted on 02-12-2019 10:29 AM
Hello
I wanted to know if anyone was using a MAC av that integrates with JAMF
As you know MS is dropping SEP; I'm looking to see what other people are integrating and using. Does JAMF have a AV or vendor that they fully support?
Could people share if the AV they use? I would also like to hear if anyone in higher ed is using JAMF and what AV they are using.
I have been looking into Avira due to the price and what you get but ran into this issue.
Please keep in mind that for Avira for MAC there is no management console available.
It is not possible to deploy Avira with JAMF, but it is possible to use brew
This is what the vendor has told me.
Let me know thanks
Posted on 02-12-2019 11:15 AM
What do you need in terms of "Integration"?
We typically run McAfee - I wouldn't say that it "integrates", but I can use Jamf for reporting, patching, etc. just fine.
My typical approach with Jamf isn't to find what "integrates" it is to use Extension Attributes, patch management, etc. to have Jamf manage what ever I need.
Why can you not deploy Avira with Jamf?
Posted on 02-12-2019 11:37 AM
That is the information I got back from the Vendor so I'm just relaying what was said
I think they mean like configurations and management tools can't be used to intergrate with JAMF
I'm still new to this so I was hoping to get some insight
Just as a note before we had JAMF
I have Deployed McAfee EPO before with both PC and MAC using it's own Management point
I would use MCafee Center Server to monitor and deploy; we want to use what we already have in place if we can.
I have horror stories with McAfee so it's not an option I want to look into.
Something simple that's why I'm asking.
Posted on 02-12-2019 11:49 AM
We already have a PC AV so I'm just shopping for a MAC av to be used with JAMF
Was looking to hear what others have and use with JAMF
Posted on 02-12-2019 12:11 PM
From my experience, most companies will try to mirror what is already in place on Windows machines, be it McAfee, Norton, etc.
Posted on 02-12-2019 01:12 PM
(BTW - "Mac", not "MAC". That's a specific networking term).
That being said... I don't see any reason that Avira couldn't be deployed with Jamf - looks like a standard .pkg - you may need to package up config. files if you want specific settings, etc.
What do you use for the PC? I'd start there. If you're looking at free/cheap solutions, McAfee probably isn't what you're looking for, but it works, works well, and is nicely cross-platform. It's on a few 10's of thousands of systems here and I have no major complaints.
Posted on 02-12-2019 01:45 PM
^^ We are using SCEP like i said; I'm looking for something for Mac :) Our PC security is place with SCCM. I'm looking to hear what the JAMF administrators around the world are using.
AS you already know I can't use SCEP as it's no longer supported for mac moving forward https://techcommunity.microsoft.com/t5/Configuration-Manager-Blog/End-of-Support-for-SCEP-for-Mac-and-SCEP-for-Linux-on-December/ba-p/286257
Posted on 02-12-2019 02:04 PM
I don't know that Jamf will manage any AV product. Depending on your product, Jamf can deployt it. Jamf can monitor it. But typically the management of AV is handled by the AV's admin dashboard.
In our case, we use Webroot.
We manage licenses, AV/malware policies, and organizations (we're an MSP) and such within Webroot's admin console.
Webroot's admin console also notifies/alerts us when problems are found on an endpoint.
We have scripts and policies set up in Jamf to deploy/install Webroot on the endpoints we manage.
We have extension attributes set up in Jamf that will tell us what version of Webroot is installed on each endpoint and the # of days since Webroot last scanned on each endpoint.
We had to write our own extension attributes in Jamf. We had to create our own configuration profiles to allow UAKEL and PPPC whitelisting.
I can't speak to what Avira's mechanisms are like, but I think your process will likely come down to the AV vendor's console for administration/policies/alerting. . .and Jamf for deployment, updates (if not automated from the vendor), and any monitoring you want in Jamf.
Posted on 02-13-2019 09:43 AM
Thanks Wildfrog this is the information I'm looking for
Also looking to hear from others.
Posted on 02-13-2019 10:53 AM
I've heard good things about Sophos AV for Mac, but I can't speak specifically about it since I haven't used it myself. I once worked in a McAfee shop and it was a terrible experience on the Mac (Windows too, but that's another story), so you're thinking straight to want to stay away from it on the macOS side.
As has been mentioned up thread, any AV product is typically managed via it's own console. If it's a good Mac citizen, Jamf Pro should be able to deploy it without too much hassle (products like McAfee notwithstanding, which is why I would avoid it). Jamf Pro should also be able to do some basic monitoring of the installation and possibly extract some settings of the product through the use of Extension Attributes in most cases. Outside of that, as long as it can be deployed by an enterprise management tool (read: push to devices, not needing to run around with an installation pkg on each machine manually), and doesn't make the machines into a brick because of heavy performance impact, then it should be ok to use.
Posted on 02-13-2019 10:59 AM
Just to be a bit of a contrarian.... ;)
McAfee used to be HORRIBLE on Macs. 10 years or so ago. Their current product (McAfee Endpoint Protection) is solid, runs fine on the Macs, and is easily managed from an enterprise standpoint. Also has the advantage that updates CAN be pushed from an ePO server itself, not even needing to involve Jamf at all if you don't want.
That being said, the OP is looking for cheap solutions, and while I don't know exactly what we pay for McAfee, I doubt it is cheap.
Posted on 02-13-2019 03:16 PM
^^ yes I have about 1000 Mac devices looking to secure them with the best bang for the buck out there. I have a very small budget so I'm looking around and thought to ask what others are using :)
Thanks for the information so far
Posted on 02-13-2019 03:40 PM
How about
https://www.clamxav.com
I used it years ago ... I think it's the fasted to get it's def's updated...not sure about how it stacks up again non def based AV.
C
Posted on 02-14-2019 05:38 AM
@gachowski
Can ClamXav be centrally managed?
And looking at their pricing, ClamXav for Business is almost double what we pay for the lowest pricing tier of Webroot (for means of comparrison).
Posted on 02-14-2019 09:28 AM
years ago when I was testing it you could remote launch it and script it's control...
C
Posted on 02-14-2019 10:11 AM
I'm getting quotes with CLamXav and webroot
Webroot offers educational discounts but only sells to vendors at good prices going to look into it