Currently we have all Cisco on the networking side: Cisco Umbrella & Meraki's Full Stack (Wireless, Switches & Security Appliances). We are seeking some kind of software piece that lives on the end user's computer and runs in the background.
We would like the computer, once malware is detected, to lock down any necessary features to inhibit the malware from executing anything malicious so we in Tech can get on the computer, identify, analyze and remove.
We are an all Mac Shop using Mac Minis, Mac Trash Cans (Pros), MacBook Airs 2016, MacBook Pros 2016, 2017 & 2018. Operating Systems - 10.12, 10.13 & a group of 10.14 testing the fun of Mojave & all the new "Bells & Whistles".
What software are you using to accomplish this goal? How effective has it been & have you experienced the software doing its job, allowing you to prevent the Malware/Ransomware from performing its malicious duties?
We use a combination of Cisco AMP, Cisco Umbrella, and Cisco ISE to achieve this. Usually what happens is that ISE will detect if the computer is infected and remove it from our network. This prompts a call, and we tell the user to run a full scan using AMP, which deletes any malware. Once the malware is removed, the device can reconnect to the on-campus network.
I use Jamf Protect... and it does all the things you're wanting your A/V Malware products to do.
Disconnects from network if a threat can't be cleaned
Reports what Mac OS XProtect & Gatekeeper have found
Runs CIS benchmarks against all my systems...
Plus a whole bunch of other stuff..
We use Sophos Cloud and it does (almost) everything you describe. Occasionally, Sophos can't clean up detected malware, but this is reflected in the Sophos Cloud console and you can call the machine in to take manual action (or go visit the machine).
We've had a number of issues with Sophos, and they have a pretty frustrating issue with Big Sur at this time. I would highly recommend Jamf Protect.