
AntiVirus Solutions Review and Discussion


armina


Presentation Transcript


  1. AntiVirus Solutions Review and Discussion February 19th, 2013

  2. Outline
     • What do you use?
     • Vendors
     • Comparisons: Effectiveness/Features
     • SEP 12.X Demo
     • Web Filtering
     • Post Infection Tools
     • Questions

  3. What Do You Use?
     • Strengths/Weaknesses
     • Ease of Use (Management)
     • Reliability (Rate of Infections)
     • Resource Intensive
     • False Positives
     • Overall Experience Good or Bad

  4. Vendors
     • Trend Micro
     • Symantec
     • McAfee
     • Microsoft Security Essentials
     • Kaspersky
     • ClamAV
     • AVG
     • Webroot

  5. Comparisons: Effectiveness/Features
     • http://chart.av-comparatives.org/chart1.php

  6. SEP 12.X Demo
     • Symantec Endpoint Protection 12.x Demo

  7. Cloud vs. Traditional Comparison
     • May not protect while disconnected from the internet
     • Malware may cripple internet connection, rendering Cloud AV useless
     • Lightweight
     • Small disk footprint
     • http://www.webroot.com/shared/pdf/Webroot_SecureAnywhere_vs_antivirus_competitors_19Sep2012.pdf

  8. Web/Email Filtering
     • Barracuda
     • McAfee SaaS
     • Symantec Security.Cloud
     • Cisco IronPort
     • Cisco IPS
     • Untangle

  9. Post Infection Tools
     • Malwarebytes
     • Symantec Power Eraser
     • Norton Power Eraser
     • McAfee Stinger
     • McAfee Rootkit
     • Combofix
     • Kaspersky TDSSKiller
     • UBCD/Ubuntu

  10. RKL Tips and Tricks
     • MalwareBytes
     • netstat -ano
     • Stop system restore
     • kill Explorer History
     • kill temp files
     • hosts
     • Regedit
     • hklm/sw/ms/win/current/run
     • hklm/sw/ms/winnt/current/winlogon/userinit
     • hkcu/sw/ms/win/current/run
     • hkcu/sw/ms/Win/Current/policies/Explorer/NoDriveTypeAutorun Value: FF
     • hku/[sid]/sw/ms/win/cv/run

  11. RKL Tips and Tricks
     • Hijackthis
     • Dates in windows and system32 and drivers (right click and clean with MB)
     • discache.sys in drivers directory
     • atapi.sys in drivers directory – verify there is a version number
     • other copies available in backup directory
     • updates
     • Symantec
     • combofix (will disconnect you twice if remote)
     • Temp file cleaner - This may disconnect you
     • Tweaking.com (ReimageRepair.exe on fob)

  12. Questions?
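
The manual checks on slide 10 (netstat -ano, hosts, and the Regedit locations) can be collected in one read-only pass. The PowerShell below is an added example, not part of the presentation; the full registry paths are this example's expansion of the slide's shorthand, and the stock Userinit value it compares against is the Windows default.

```powershell
# Added example: read-only triage of the locations named on slide 10.
# Full key paths are this example's reading of the slide's shorthand.
$cv = 'Software\Microsoft\Windows\CurrentVersion'

function Get-RunEntries([string]$KeyPath) {
    if (-not (Test-Path -LiteralPath $KeyPath)) { return }
    $key = Get-Item -LiteralPath $KeyPath
    foreach ($name in $key.GetValueNames()) {
        [pscustomobject]@{ Key = $KeyPath; Name = $name; Data = $key.GetValue($name) }
    }
}

# Run keys: HKLM, HKCU, and every loaded user hive under HKU\[sid]
$runKeys = @("Registry::HKEY_LOCAL_MACHINE\$cv\Run", "Registry::HKEY_CURRENT_USER\$cv\Run")
$runKeys += Get-ChildItem -LiteralPath 'Registry::HKEY_USERS' |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
    ForEach-Object { "Registry::HKEY_USERS\$($_.PSChildName)\$cv\Run" }
$runKeys | ForEach-Object { Get-RunEntries $_ } | Format-Table -AutoSize -Wrap

# Winlogon\Userinit: anything other than the stock value deserves a look
$winlogon = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$userinit = (Get-ItemProperty -LiteralPath $winlogon -Name Userinit).Userinit
$stock = "$env:SystemRoot\system32\userinit.exe,"
if ("$userinit".Trim() -ine $stock) { Write-Warning "Userinit = '$userinit' (stock: '$stock')" }

# NoDriveTypeAutoRun: the slide's target value is FF
$explorer = "Registry::HKEY_CURRENT_USER\$cv\Policies\Explorer"
$autorun = (Get-ItemProperty -LiteralPath $explorer -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
if ($autorun -ne 0xFF) { Write-Warning "NoDriveTypeAutoRun = '$autorun', slide 10 value is FF" }

# hosts: show every active entry that is not a plain localhost mapping
Get-Content -LiteralPath "$env:SystemRoot\System32\drivers\etc\hosts" |
    Where-Object { $_.Trim() -and $_ -notmatch '^\s*#' -and $_ -notmatch '^\s*(127\.0\.0\.1|::1)\s+localhost\s*$' }

# netstat -ano: attach a process name to each PID in the last column
netstat -ano | Select-String '^\s*(TCP|UDP)\s' | ForEach-Object {
    $f = -split $_.Line
    $p = Get-Process -Id $f[-1] -ErrorAction SilentlyContinue
    [pscustomobject]@{ Proto = $f[0]; Local = $f[1]; Remote = $f[2]; PID = $f[-1]; Process = $p.ProcessName }
} | Format-Table -AutoSize
```

Only hives of users who are currently logged on appear under HKEY_USERS, so Run keys of other profiles are not covered by this pass.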
