macOS Endpoint Protection

New Contributor III

We are currently evaluating new Anti-Virus options for our University. We are currently using McAfee with ePO. I have seen other discussions about this subject, but, many seem dated. I am curious about what other enterprise companies and higher ed schools are using for Anti-Virus and why.



Valued Contributor II

We currently use McAfee and ePO as well. Our decision is based on the fact we deploy it to 65K winPCs so we tack on the Mac versions to keep things reporting to a single pane.

New Contributor II

Crowdstrike and McAfee.

New Contributor II

We are using sophos endpoint protection

New Contributor III

We use MalwareBytes Endpoint Protection.

Valued Contributor

A mix of McAfee on ePO and Cisco AMP for Endpoints currently but will be moving whole Mac fleet to Cisco AMP this quarter.

Contributor II

McAfee Endpoint Protection for both Macs and PCs, and both support sides HATE it.

McAfee Mac support is pretty useless.

Heard Sophos is good.

New Contributor III

We are using Microsoft System Centre Endpoint protection , for both Mac and PC fleet . Only downside is that the Mac (and Linux) client is standalone and isn't manageable by SCCM.


We use Cisco AMP.

New Contributor II

We use Sophos endpoint protection.

Contributor III

Sophos Cloud, before that Sophos local (Cloud was affordable and one less server to maintain), before that Microsoft System Center Endpoint Protection (it missed too much), before that McAfee (some versions were frustratingly buggy, and SCEP was cheaper).

ClamX AV was also used on a case by case basis before AV clients were comprehensively deployed. MalwareBytes was considered and rejected for widespread deployment but is still sometimes used as an alternate cleanup method.


Microsoft System Center Endpoint Protection here. I wouldn't recommend it as new versions are not released until months after a new OS comes out, and central management leaves something to be desired.

Contributor III

Palo Alto Traps here

New Contributor II

CB Defense / Cisco Umbrella


We use Crowdstrike and haven't looked back

Valued Contributor

We use Sophos Cloud. Was OnPrem years ago, but Cloud became affordable. I've only seen a few issues with it on our fleet.

• one It's relatively low CPU overhead
• Clients keep themselves up-to-dates
• three Sophos has been more aggressive (recently) about detecting common Mac malware and Adware (MacKeeper, Geneio, etc.)

• I want a way to automate the cleanup of a Potentially Unwanted Applications (PUA). The way it's built now, I have to go into the Alerts log in Sophos Cloud and check a box to get Sophos to act on the cleanup
• If you don't stay on top of clearing your Alerts log -- acting on those Alerts -- then it quickly becomes unwieldy. And there are not great controls for sorting by Alert type, or multiple selecting all of one type of Alert (like "select all PUAs").
• Also, with a recent change in Sophos 9.7.x, the end-user can't act on an alert. Quarantine Manager is gone. So it appears that the only users who can trigger Sophos to clean up a PUA or malware is an Administrator of the Sophos Cloud console. Bleh.

New Contributor

Bitdefender have pretty nice Mac integration, but I haven't run it on very many Mac. Good feature set on Windows as well, and can integrate with Windows 10 Advanced Threat Protection, if you're using that for PCs.

Valued Contributor II

Cylance here. Works great! I prefer it over Sophos Cloud which is what we were using (Good product!). That said, I'm actually contemplating a real deep look at Malware Bytes, instead. Cylance is some really serious protection, but it, along with many of the major players are focused on non-mac stuff first. The things that get my users are generally silly browser plugins and the like. In my experience, Malware Bytes is a little more, mac centric.

New Contributor

Cylance ftw