Hello everyone, We have a small business (less than 100 employees) and all users have individual computers or laptops, and all of these are connected to a common server, and this server has a number of virtual machines created within it. All computers run versions of windows (from XP to 😎 and the server runs Windows server 2012. I would not like to download an individual product for each device, so is their any device which, for example, I can install on the server and it distributes security to all the other users, or something like that? I'm looking for multiple options so post anything that fulfills this purpose.
Help is appreciated and thank you for your time.
If this description sounds vague, I mean that I want to know if their is ONE large solution I can use for ALL devices on the network, because these antivirus software are intensive on computers and I want to reduce them as much as possible to save Ram. Thanks again
The bad news: no, agentless endpoint security doesn't really exist. You'll need to push point products down to the individual virtual machines. However....
The good news: McAfee ePolicy Orchestrator server combined with McAfee Agent -- that ecosystem is designed to minimize the pain of this task and do it for you from one central console. Once agent is installed on each endpoint as part of your build process (make sure to strip out the Agent GUID from the registry if you deploy from an image), then on the ePO console you load packages like VirusScan Enterprise, Host Intrusion Detection, or Host Data Loss Prevention, device control to control removable storage use, Anti-spam, can all be pushed down just by definiting product deployment tasks in the ePO and defining policies for them in one place in the ePO. Reporting of threats come up automagically to the ePO, and all that good stuff.
It's not all duckies and bunnies of course, as sometimes you encounter agent issues, but a well planned deployment on that relatively small number of machines should be relatively straightforward with some experienced guidance. http://www.mcafee.com/us/resources/data-sheets/ds-endpoint-protection-advanced-suite.pdf is one suite for the endpoints you can get that includes the HIPS product which folks seem to like. If you have mobile laptops, you can deploy an agent handler out in your DMZ to receive events from machines that are out and about, outside of your network, and fun things like that.
McAfee does a pretty good job at this management piece and having a single place to manage a wide variety of endpoint products. Competitors don't do as well.
If all you're interested in is anti-virus, there are easier solutions (Microsoft Forefront), but given how impotent anti-virus is against today's threats, if you want comprehensive endpoint security... McAfee actually does quite a good job here.
In the VM space particularly, you'll want to look at their MOVE-AV product to lighten the footprint on each individual virtual server. http://www.mcafee.com/us/products/move-anti-virus.aspxon 2/4/14 8:48:35 AM CST