cancel
Showing results for 
Search instead for 
Did you mean: 

Artemis/GTI: What is your preference for On-Access and On-Demand?

Hi,

     We are considering increasing of current GTI sensitivity levels for our On-Access and On-Demand tasks and are curious what you have experienced in your travels. What do find as a comfortable level?

Thank you,

5 Replies
qgudex
Level 7
Report Inappropriate Content
Message 2 of 6

Re: Artemis/GTI: What is your preference for On-Access and On-Demand?

It really depends on your environment.  I'd suggest starting at the default level and adjusting from there.  In our environment, I learned I could run ours at "High" without issue.  I believe McAfee does not recommend "Very High" except in extremely high security environements; we've never tried it.

georgec
Level 13
Report Inappropriate Content
Message 3 of 6

Re: Artemis/GTI: What is your preference for On-Access and On-Demand?

I'm running low for OnAccess and High for OnDemand. You'll have to check and see how it impacts performance in your environment. Are you using the profiler in order to optimize resource usage through exceptions?

Reliable Contributor Nielsb
Reliable Contributor
Report Inappropriate Content
Message 4 of 6

Re: Artemis/GTI: What is your preference for On-Access and On-Demand?

We tested very low, low and right now medium. without any issues

Highlighted
pierce
Level 13
Report Inappropriate Content
Message 5 of 6

Re: Artemis/GTI: What is your preference for On-Access and On-Demand?

Both here set to Medium without any issues. Mostly it finds the random tools our helpdesk use that fall very much into a grey or 'what the hell do you have that for' bucket.

I had a email alert for every artemis detection when I moved from low/off to medium/medium and didnt have any false positives in 6 months of testing so disabled the alert, might be a good thing to test as you ramp up?

I also believe Medium is the recommended level that McAfee advise.

Re: Artemis/GTI: What is your preference for On-Access and On-Demand?

I have been running almost all our systems at high.   It is starting to account for a good percentage of our detections.   No false positives have been claimed by anyone or reported to me.   I think this is especially import for our "road warriors"   who may not be getting updated as often as I would like.   Gives us a cushion for those that fail to get the DAT updates.

Thanks

Herb

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community