
SEP Deception: Uses lures and baits for proactive security to expose and delay attackers. Symantec is the only endpoint protection platform vendor offering deception. I didn't dig deeper into that functionality at the time. Symantec Endpoint Protection and Symantec Managed Security Services customers benefit from 24x7 real-time SEP Deception monitoring and response by a global team of experts.

More than one compliance checklist weasel-words this by saying "antivirus software is required on all operating systems where anti-virus software is normally used". A recent experience with ClamAV scanning non-executable data files is that it turned up a lot of positives on PDFs that would generally go into the class of "false positives" because they were detecting some kind of macro functionality that's been used by hostile malware in the past. Compliance is all about proving that you're thorough and proving it in writing for the record, not about jumping through hoops that don't apply to your situation. Remember that for all compliance, there are always ways to document that you've handled the needs with an exception to the guidelines. Case Western Reserve University's Acceptable Use Policy requires computers on the University's network to have antivirus software. 5% of the time it's about scanning non-Linux fileshares or file repositories. I haven't run SEP on anything, but my inclination is to strenuously avoid "beyond" ClamAV out of your distro repos. 95% of the time, antivirus on Linux is about unthinking compliance check-off.
