We are currently evaluating new Anti-Virus options for our University. We are currently using McAfee with ePO. I have seen other discussions about this subject, but many seem dated. I am curious about what other enterprise companies and higher ed schools are using for Anti-Virus and why.
Sophos Cloud, before that Sophos local (Cloud was affordable and one less server to maintain), before that Microsoft System Center Endpoint Protection (it missed too much), before that McAfee (some versions were frustratingly buggy, and SCEP was cheaper).
ClamX AV was also used on a case by case basis before AV clients were comprehensively deployed. MalwareBytes was considered and rejected for widespread deployment but is still sometimes used as an alternate cleanup method.
We use Sophos Cloud. Was OnPrem years ago, but Cloud became affordable. I've only seen a few issues with it on our fleet.
• It's relatively low CPU overhead
• Clients keep themselves up-to-date
• Sophos has been more aggressive (recently) about detecting common Mac malware and Adware (MacKeeper, Genieo, etc.)
• I want a way to automate the cleanup of a Potentially Unwanted Application (PUA). The way it's built now, I have to go into the Alerts log in Sophos Cloud and check a box to get Sophos to act on the cleanup.
• If you don't stay on top of clearing your Alerts log -- acting on those Alerts -- then it quickly becomes unwieldy. And there are not great controls for sorting by Alert type, or multiple selecting all of one type of Alert (like "select all PUAs").
• Also, with a recent change in Sophos 9.7.x, the end-user can't act on an alert. Quarantine Manager is gone. So it appears that the only user who can trigger Sophos to clean up a PUA or malware is an Administrator of the Sophos Cloud console. Bleh.
Cylance here. Works great! I prefer it over Sophos Cloud, which is what we were using (Good product!). That said, I'm actually contemplating a real deep look at Malware Bytes instead. Cylance is some really serious protection, but it, along with many of the major players, is focused on non-Mac stuff first. The things that get my users are generally silly browser plugins and the like. In my experience, Malware Bytes is a little more Mac-centric.