Central Technology Demanding Vendor Testing Data On Letterhead Before Implementing Macafee Exceptions - Is This Standard
Posted on 2012-09-21
Hello friends -
We've got a couple of servers that we 'own' (mostly) that are hosted by a central technology office. Anyway, Macafee consistently sucks up 50%+ of the CPU on one of these machines, nearly every minute of the day. We've been talking to our central technology gurus who set the rules about getting some directories excluded; they have responded that:
(we will) "... allow exclusions to be entered into the McAfee antivirus if the vendor will provide documentation that show proper testing has been performed stating reasoning behind the require exclusion of executable\driver\files\folders\etc .."
My initial reaction is, this is crazy. We paid 10K plus for the software being throttled to death, near twice as much for the server to run it on (don't ask), and now I'm being told I need some letterhead based showing 'proper testing'; whatever that means. I think it is fair to say that there have been disagreements between our area and central IT over a variety of issues. So, maybe I'm not crazy; maybe this is something that happens all the time.
So, that all being said, is this type of a request / mandate normal, unusual, or completely unheard of out there in expert land? I don't know if there is a right answer or not; I'm just looking for opinions.