SEPM - Are built-in Antivirus and Antispyware Policies any good?
Posted on 2009-04-04
There are 3 built-in Antivirus and Antispyware Policies in SEPM 11. I find them rather quirky in many respects. Here are my questions about them in general:
1. Is once a week admin scan enough? I am used to doing them daily during lunch hour.
2. Is there need to scan files inside compressed files -- to 3 levels? I rather have no scaning within zipped files.
3. Warn when virus definitions are outdated by 30 days? Is that not too long? How about 3 days?
4. Why should we ask passwords for mapped drive? Why make scanning so interactive? If a drive is mapped, logged on user must have authenticated.
5. Why just log, and not clean, when boot virus is detected?
6. Why Auto-protect is not set to Enable itself, after say 5 minutes of disable state, by default?
7. What is Windows Security center mentioned in Misc. tab of SEP AV policies?
And two other, but similar, questions about SEPM:
A. Is "Admin > Client Install package" feature most useful to upgrade and modify installation on computers which are already in a client group in SEPM? (See related question below.) Otherwise Migration and Deployment Wizard would be redundant?
B. What is the buzz on AD sync feature? Our deployment is working OK without it. Is it worth bothering with? Probably it will make Deployment Wizard unnecessary, right?
Thanks for sharing your knowledge.