1 Reply Latest reply on Feb 25, 2011 8:59 AM by joeleisenlipz

    Version 8.8 question

      Hey all,

       

      We are currently running epo 3.6.1 with a combination of versions 8.5 and 8.7 of enterprise anti-virus on the clients.  We're going to be looking at upgrading to epo 4.5 and anti-virus 8.8 across the board.  I seem to recall back when 8.7 was released that there was a stink about it automatically sending copies of contaminated files back to McAfee.  does that happen in 8.8?  If so, can it be turned off?

       

      Thx.

        • 1. Version 8.8 question
          joeleisenlipz

          I think you might be referring to what is labeled within the VSE console as "Hueristic network check for susuicious files" otherwise known as either Artemis, or more recently GTI file reputation.

           

          This can be set from "Very Low" to "Very High", or "Disabled". Because this can be disabled through policy, or customizing the installer (for unmanaged systems), this should not influence your decision to upgrade.

           

          The information sent is essentially a hash based on attributes of the suspicious data, not the file itself. GTI comes in flavors for file, email, spam, and URLs and augments the traditional signature-based detection paradigm. It is already a built-in option for most of the products in the McAfee line-up.

           

          For more information please check-out the info online. This is a decent starting place.

           

          Sorry, if this sounds like a sales pitch, I promise it isn't.