Endpoint Security

TechTico
New Contributor II

I'm just wondering what endpoint security you all have on the Macs in your environment. With a lot more people working from home we have iMacs and MacBooks checked out all over. Some are working from their local computers, others VPN, and others use apps like LogMeIn or Anydesk to replicate their office workstations.

We have been contemplating in getting a workstation antivirus. With ransomware in mind, we are open to different solutions.

I'm just poking around and seeing what others in the industry are using.

We are a warehouse/distribution company. We have 100-150 workstations in use, flexible based on how many laptops are checked out. We have OS X 10.10 - 10.14 on premise. All need to be supported, especially the 10.10.x computers.

7 REPLIES 7

macbrun
New Contributor III

My college runs Symantec Endpoint Protection for our Macs and PCs. We've used Mcafee and Sophos and Symantec is by far the best (not perfect, just best) so far. There's even a built-in process to create a MDM-deployable installation package. ("Tools -> Create remote deployment package", upload in Jamf Admin. Done.)

TechTico
New Contributor II

@macbrun Thanks for the input. We have a total of 3 Windows PCs and they are covered with Sophos. Not my fav, but we had the licenses. I tend to not be a fan of Symantec for MANY reasons over the years. I've been burnt by them handedly when I was Windows Admin. I personally use ESET on my Macs, but I don't know too much about their enterprise solutions side. Others I've looked into were Kaspersky, Sophos (on my S-List), BitDefender, F-Secure, and Malwarebytes.

Hugonaut
Valued Contributor II

Don't get symantec, go with something else, symantec doesn't have day zero releases for new operating systems & the list goes on, im not going to go on a diatribe here, look for something other than symantec though

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________


Virtual MacAdmins Monthly Meetup - First Friday, Every Month

pbenware1
Release Candidate Programs Tester

Using ESET Business here for about 12 years or so. Have had reasonably good luck with it. We had Symantec years ago (both AV and encryption) and had many issues with it, including the aforementioned day zero releases the tut us into really tough spots.

marena
New Contributor

We've got Microsoft Defender. It's pretty good and they have a Linux verson in Beta (and of course a Windows version) with Android and IOS versions in development. The only bad thing is that the pricing model for Defender is based around Microsoft 365/Windows licenses, i.e. you need an E5 license to get it and we're a Gsuite shop. Trying to see what Jamf Protect is like and how it's priced. Our ideal situation is end point tool + all other logs into a cloud based SIEM (Google's Backstory or Azure Sentinel).

Chris_Hafner
Valued Contributor II

I'm personally a fan of Cylance. I had success in the past with Sophos but that was not on their current generation of products. Happy to answer questions.

gachowski
Valued Contributor II

So we just did a bake off, of some of the top players and I had real access to their web portals and support forums. My conclusion is that right approach is best breed for each OS platform. A few big vendors their Mac client was clearing doing no more than the built in Apple security. A few vendors said they did more but key features didn't work like remediation making them worse than the Gatekeeper.

While I am not security expert I did get to "play one" for a few weeks, it was very clear to me that Jamf Protect was seeing real security threats that the other are missing.

C

PS Also it's with the changes coming to 10.16 the sensor approach is the only real choice ...