I've received an update this morning from mcafee.
Artemis level has been changed in a recent SecurityCenter update and we are now at level 2 by default (and all endpoints will get this via policy update automatically). In Q2 we will provide admins the ability to change the level of Artemis sensitivity based.
Im encouraged that there does seem to be a response to public concern.
It is important to remember the effectiveness of the artemis level, as outlined in articles such as the following from a (presently) reputable source on AV comparisons. It varies from nothing, via helpful, to unhelpful (many false positives). Historically McAfee has not always scored well without Artemis, considering their position in the market.. Generally scan times have not been favourable and this still seems to be the case as evidenced by my own experience and independent reporting.
However, the ability to change artemis level from effectively nothing to one of our own chosing is welcomed on face value.
Now can we have run scan immediately at login if your last scan failed to complete functionality? Or if there is a zero day outbreak?
And a security centre record of whether a scan finished or failed to complete per node?
Message was edited by: argint on 23/03/10 20:54:27 GMT+01:00Message was edited by: argint on 23/03/10 21:00:33 GMT+01:00
argint, personally I think the product you need is EPO with the antivirus and antispyware Enterprise in your environment. That provides you with everything and more that you need...and you could manage your existing TPS clients with the EPO.
Remember the target market for TPS - the smb company with no internal IT and limited management. This product is no where near the level of EPO, and nor should it be since it will become too complex for the small business owner.
When you take into consideration the features and basic management features, it works just fine for the sub 25 user companies with no IT.
Even those of us using it as a management portal for multiple clients are stretching it...although the partner portal does help give us an aggregate view of each clients portal, but they are meant to be managed and maintained seperately.
You are right about the EPO and ToPS comparison but then again EPO is a gem of a product however on teh flip side, It does require the users to do their homework about its usage.
With what we have been observing, I think ToPS is big on the McAfee's future agenda because of its ability to give the remote access to the info the Admin requires and I am sure they will do their best in revving it up.
Lets wait and watch !
epo for a 40 person company without an IT infrastructure thats supports it hardly fits the profile of our company.......or the whole suggested purpose of this product.
ie we are the exact target audience for TOPs as advertised, i dont feel any unrealistic requests have been made to mcafee
im happy to listen to any counterarguments.......
NB although i dont have screen captures, the original marketing for ToPS varied well up to the hundreds, not sub 25.
Message was edited by: argint on 23/03/10 22:34:57 GMT+01:00
Message was edited by: argint on 23/03/10 22:37:22 GMT+01:00Message was edited by: argint on 23/03/10 23:06:53 GMT+01:00
That was a nice read .
Good job with the post. Yeah, I do agree with you about the risk of false alarms. But then again, I really do not agree with the report, With all due respect to AV - Comparatives. I mean, I have been using McAfeee's software ( All versions. The Home, Small Business and Enterrpise ) from years now and all of them set to Very High level of Artemis since its introduction.
I do agree there are false alarms but not as many as indicated in the report. My McAfee doesnot give me a string of detections where it butchers innocent apps and programs. It is smart with its detections and I am a firm believer of the fact that McAfee is actually working on reducing the false positives.