Posted on 01-11-2019 06:46 AM
Hello,
Currently we have all Cisco Networking side, Cisco Umbrella & Merakis Full Stack (Wireless, Switches & Security Appliances). We are seeking some kind of software piece that lives on the end user's computer and runs in the background.
We would like the computer, once malware is detected, to lock down any necessary features to inhibit the malware from executing anything malicious so we in Tech can get on the computer, identify, analyze and remove.
We are an all Mac Shop using Mac Minis, Mac Trash Cans (Pros), MacBook Airs 2016, MacBook Pros 2016, 2017 & 2018. Operating Systems - 10.12, 10.13 & a group of 10.14 testing the fun of Mojave & all the new "Bells & Whistles".
What software are you using to accomplish this goal? How effective has it been & have you experienced the software doing its job, allowing you to prevent the Malware/Ransomware from performing its malicious duties?
Posted on 01-11-2019 08:18 AM
We are using Cisco AMP for Endpoints, although the Mac endpoint connector doesn't protect on Macs for ransomware at this time.
Posted on 01-11-2019 09:30 AM
We use Sophos Cloud and it does (almost) everything you describe. Occasionally, Sophos can't clean up detected malware, but this is reflected in the Sophos Cloud console and you can call the machine in to take manual action (or go visit the machine).
Posted on 01-11-2019 09:55 AM
We use a combination of Cisco AMP, Cisco Umbrella, and Cisco ISE to achieve this. Usually what happens is that ISE will detect if the computer is infected and remove it from our network. This prompts a call, and we tell the user to run a full scan using AMP, which deletes any malware. Once the malware is removed, the device can reconnect to the on-campus network.
Posted on 01-11-2019 10:16 AM
CrowdStrike should be able to disconnect the network when a virus is found.
Posted on 01-13-2019 05:38 AM
Used to use McAfee, but that is not working fine on Macs; we were experiencing a lot of lags and beach balls. Now we are using Cylance, and that is working very well.
Posted on 03-09-2021 05:35 AM
Ransomware has become a grave issue as of late. And knowing how to protect against ransomware should be essential to you.
Posted on 03-09-2021 06:14 AM
I use Jamf Protect... and it does all the things you're wanting your A/V malware products to do.
Disconnects from network if a threat can't be cleaned
Removes Malware
Reports what Mac OS XProtect & Gatekeeper have found
Runs CIS benchmarks against all my systems...
Plus a whole bunch of other stuff...
Posted on 03-11-2021 04:49 PM
> We use Sophos Cloud and it does (almost) everything you describe. Occasionally, Sophos can't clean up detected malware, but this is reflected in the Sophos Cloud console and you can call the machine in to take manual action (or go visit the machine).

We've had a number of issues with Sophos, and they have a pretty frustrating issue with Big Sur at this time. I would highly recommend Jamf Protect.