Endpoint AV recomendations

mberger
New Contributor II

I know everyone will have a different opinion but any recommendations on MacOS endpoint AV? I have talked to several vendors but none really stand out as better than the other.

I'm mainly just looking for something thats easy to push out, easy to manage, and is light on system resources. Any advice would be greatly appreciated.

6 REPLIES 6

iJake
Valued Contributor

We use our own product, Cisco AMP for Endpoints. Obviously I'm a bit biased but much easier to deploy than our previous McAfee Endpint stuff.

rpayne
Contributor II

We handle endpoint threats with SentinelOne

hepvd
New Contributor III

We are using Symantec EP, but tbh it's garbage, from nonsense notifications, hard to repackage, and loads a lot a stuff (10 LaunchDeamons !)

Its also hard on CPU processing, I'm also looking for alternatives since an EP is mandatory in our company.

jefff
Contributor II

We're using ESET Endpoint Antivirus and currently shopping for a new solution when the license runs out. I've never noticed ESET causing a performance hit. Crowdstrike looks like a strong candidate and a super lightweight client that monitors behavior rather than doing scheduled scans, but it's pricey.

pbenware1
Contributor

+1 for ESET. Been using it successfully for about 11 years now, along with the Remote management console. No major issues, and much better than what we used to deal with with Symantec.

I'll also add that my University also requires Crowdstrike to be deployed across all devices on all campuses. The challenge we have is that Crowdstrike does not have any kind of repair utility (At least not that my support group has been made aware of). If Crowdstrike reports an issue, we still need to use user facing tools to address the issue. Unfortunately, re-imaging a computer every single time we get a Crowdstrike alert (which are often false alarms, or occur on devices we can't identify) is just not something that is possible for us. We depend on tools like ESET, Malware Bytes and others to identify and remediate the problems we can. Only int he very worst situations do we re-image the computer.

hepvd
New Contributor III

Thanks for the feedback !