AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
They're based on intelligence algorithms. And so it still relied on things like a database of virus signatures that would need to get downloaded and then files would be checked for those signatures. It never really caught on to the new trends and antivirus protection. Symantec was very highly rated at one point in its life. Norton Antivirus was one of the very first antiviruses to come out in the 1980s. Symantec Endpoint Protection was one of those legacy products that have been around forever. Most organizations are choosing a next-gen antivirus, one that's based on artificial intelligence. It wasn't a very good solution overall, which is why we ended up replacing it. There was no way to lock that node down immediately when you see something out of the ordinary. It immediately tried to find other machines on that network segment with the same vulnerability to infect that particular node. Case in point, we had an issue where we had a machine that was affected. We can use that information to beef up the firewall rules. For example, if it's trying to call home to a specific IP or domain. It'll also help if they give us more of an explanation of what the malware tries to do once it's on the network. You can usually do that with a policy setting. Then it can't probably get onto another node. It would be really good if they had a proactive feature to isolate the node with the agent on the endpoint when it sees some type of erroneous behavior and knock it off the network. Still, there's no way to actually determine a workflow of how it actually came in, how it was executed, and how it was distributed within the enterprise if indeed it did migrate or propagate through. You're just notified if there is an instance. The platform itself can be improved as there's no way to track how infections get into the organization.
0 Comments
Read More
Leave a Reply. |