I want to disable mcafee Enterprise 8.8 any kind of Artemis detection, no matter how serious the thread is.
How do I do that ? but I want it to detect all other threads like malware, spyware, torjan, other any type of viruses, just not ARTEMIS.
Moved to VSE for a wider audience.
you can disable it from epo. Modify the"On Access general policies".
Under the general tab you'll find Artemis (Heuristic network check for suspicious files): switch it to disabled. make sure to do this for servers and workstations. In the top left corner it's an option that says Settings for: Workstation/Server
but be carefully , dont forget the "right Click" Scan ist still default, and would allways use the Artemis !!!!
Why on Earth would you want to do this? You will be seriously reducing your level of protection. I'd highly recommend not doing this.
just one question !
Do you got your own QA for the DAT FIles ?
We build up own QA for the DAT Files, so I can guarantee that the DAT files would not produce false positve to our Environment.
But the Artemis detection go directly to the "big cloud" so i can not controll what happens on our Systems
Statistically speaking GTI has a lower false rate than the DAT files (@Medium). And we also know that you will get 20-25% MORE infections as a result of turning it off. I'd highly recommend against turning it off. You are doing your organization a grave disservice if you turn it off. This technology is almost 5 years old now. It isn't some half-baked thing we've thrown out there.
GTI detection is not really integrated in to VSE. you don't have possibility to manage what should happens with detection -> just reporting, clean, delete and so on.
the thing what you you can turn the Artemis detection in the policy off, but if you make a right click scan, the Artemis detection is still active - show us how good the integration is.
And again... if I activate GTI, an there would be a false positive in our system (because there is no way to check it in our DAT QA) would McAfee take all the costs to fix the false positive Problem ?
You write "You are doing your organization a grave disservice if you turn it off"
I try to protect my organization from the false positives that the vse and GTI is producing....
If I can take the GTI Cloud inside our organization, and integrate it in the DAT QA , this would be a grate feature.