A few weeks ago I have started evaluating the impact of Artemis detection with near 500 nodes. I was trying to quantify the utilization of network resources and services, in this case DNS, so that I can have an idea how Artemis might impact on 20.000 - 30.000 nodes.
While using a 'Very Low' sensitivity levels, I was able to get a few detections per day (~10), along with some detection spikes (~400) on some nodes, mostly caused by files that are locked by the OS and therefore require a reboot. Mostly detections where from malware that wasn't detected by the DAT to that date.
My doubts started when I tried to understand what the sensitivity levels mean and how they impact on large environments. I have search about in the KB, oppened partner tickets, and no one was able to tell me how sensitivity levels differ from each other.
There's no sense in keeping this information secret, and give custmers Sensitivity Levels that affect a new technology that is totally dependent on network infrastructure, that belongs to the customer by the way. Does McAfee guarantee that 30.000 nodes won't DDoS the internal DNS infrastructure?
Its nice to see VSE with extended malware detection, but the *total* lack of information regarding on how this technology operates, makes it totally useless on large enterprises.