Just a quick question for you business anti-virus gurus. My company is looking into adding an on-demand scan for desktops and laptops. Desktops I'm not too concerned with because they are "always on" but laptops. How do you handle getting those scanned? I'm debating on telling users to leave there computer on at home one night or something along those lines, what do you guys do?
I've managed different AV environments in multiple enterprise environments and the schedules are usually very similar:
Desktops: ODS sometime during the work week at around 12:00am / 1:00am (Fridays may be best)
Laptops: ODS on Fridays starting at around the "normal" lunch hour - 11:30am / 12:00pm
*note* An exception client task configured for those who work through lunch to have it run close to the end of the day - 3:00pm / 4:00pm
Servers: ODS on various days throughout the week (server group A on Mondays, server group B on Tuesdays, etc.) at around 12:00am / 1:00am
We also offer the end-user the option to defer the scan one time, for 12 hours.
We scan all PC (workstation & laptops) regardless once a week during lunchbreak time.
This means the laptops are usually scanned on Thursdays more or less between 11:45AM and 2PM - local time.
We chose Thursdays because some people like to leave early or take a day off on Fridays. We chose lunchtime because we hope this will impact users the least. We hope that the machines will be scanned in less than an hour, but will stop the scan after 2.5h anyway to let people work a little .
For laptops I've been dreaming about setting up an ODS during the week-end as people often use them during the week-end.
We also do a very short (~2-3 minutes) scan of active processes and memory twice a day.
For servers we "talk" with the server managers/admins and let them define when they can scan the servers - it depends on the server type.
We haven't had too much complains about this so far.