Forced AV usage?

Hi everyone, I am about to start at university this year, and reading through their IT use terms and conditions, they claim that if you do not use any of the AV's they list, then you will not be allowed access to their network. I have a years subscription to NOD and KAV. The university wants me to use Sophos.

From what I have heard, Sophos does not perform so well... any opinions? Because I dont think they are going to let me use Nod or KAV while I am connected to their network...

Has anyone else experienced having this level of control placed over their own machines? I, for one, am not comfortable being forced to use an inferior product...

They claim the only AVs they support are Sophos, Norton, McAfee, F-Secure, and AVG.

*shakes head*

 

thats crazy.
its also funny they allow f-secure but not kaspersky lol.
you really should ring up the university to comfirm.
lodore

 

I'd say just lie low and don't tell anyone about it. There is no way they would be able to detect a thing like that, and if worse comes to worse and they catch you, just explain everything, show them various tests online, and tell them that F-Secure is Kaspersky based. If they don't understand, then you can either comply or keep on doing as you are, but install one of the afore-mentioned avs and just disable every bit of them possible, while keeping your current one.

Cheers,

Alphalutra1

 

Your right, and that I shall as soon as I move in (all i have is an ext number for their helpdesk... And the last thing I want to do is get spoken down to and patronised by an IT support guy...)

With a little more digging I found that they do, in fact, allow Kaspersky users to connect. So it looks like im having to switch again... but at least this time it is out of necessity - not paranoia

For those who are interested, I have attached a screenshot showing the output from their "policy checker" *rolls eyes*

 

I am not really knowledgeable on this but if they monitor the network can they see that your AV would update through Kaspersky's servers? This is the only way I know how they could detect it.


EDIT: Never mind, that audit is similar to what our accounting software does, checking version of IE, Java, etc before loading.

 

Thats the problem, they can. My PC is required to pass an online audit (the same one i just posted a screenshot of) before I can connect to their network. I think I shall phone them up at some point... but i have a feeling im going to get a "we know best" response... Much like trying to get a place at uni in the first place

 

that is the most stupid thing ive ever seen.
having to go through that form to allow access to the network.
im surprised they allow avg.
that means they allow avg free......
when i was at a college trip the company i was at told us that the america offices are really paraniod and wont allow people to connect unless they have the lastest patches including the ones from symantec corp av....
if they are that paranoid why use symantec?
im glad my sister's university doesnt have that check.
lodore

 

Yes, they can force compliance to use their networks. As you discovered they can also check what you are running. The only real way around it is to install both and use Sophos while you are on their network. I am not sure about the compatibility between NOD and Sophos so I don't know if you will have any problems. Sophos has improved with their latest version and it is quite effective.

 

Hehe, tell me about it I do think it is a bit stupid, particularly considering I spent my own money on my licenses. But I guess it is paranoia on the part of the university...

I find it slightly insulting, however, that the computing department want so much control over my personal machine. No thanks... Ill connect via dial up and run a cable to the payphone down the corridor...

 

I have to agree with you, but I disagree with the policy on principle, especially as I have paid good money for my own license for a superior AV program. I guess at the end of it all im not going to have much choice - its their network, and their rules. They do allow Kaspersky to be used, so I guess I will just switch to that.

Has anyone else in addition to lodore experienced enforced software usage?

MODS - is there any way for me to attach that screenshot without the huge thumbnail? It has to be relatively high res to be readable, but I dont think the huge image is very 56k friendly. I cant work out how to do it...

 

It isn't so much a matter of paranoia, it is a matter of management, they have to administer a rather large network, by mandating the use of certain products they can ensure network stability. Think of having to manage 1000+ systems, making sure they are all up to date on patches(For the OS as well as other used applications), security software, as well as having to have an IT Dept familiar with the issues relating to 20-30 AV's and you will begin to understand why they are forcing compliance with their guidelines.

 

Actually that is a very good point. One that I did not think of before. However, couldnt they allow the use of other products, if it was made clear to the student that they could not be supported and would have to contact the vendor for assistance if anything went wrong with their machine? Or can the AV used on each workstation on a network have more of an impact other than perhaps stability/connectivity issues at the workstation itself?

 

As a side note, they should also offer at least one of their required choices free of charge.

 

They offer Sophos free. Its just irritating having bought personal licenses.

 

Not really, once they remove the check for one thing (Say AV for example) someone could then not use any AV and become infected with a worm or trojan, the entire network could then become compromised. The practice of network compliance is actually quite common in large corporations and universities. At least the smart ones anyway.

 

I see. I guess I have never experienced network management in a corporate/university setting before. At least I can use Kaspersky, which I know to be a great AV. Maybe it is because Eset/NOD32 are not a widely known brand, so they didnt think to code detection for it in their policy checker. I think I shall locate an e-mail address for them and find out what their official stand is on it.

 

That would be a good idea. Perhaps they could add NOD to the list. Usually though it comes down to a matter of cost(When purchasing for such a large network). Although Eset's Enterprise products aren't that much more expensive, they are a tad bit more.

 

Isn't Sophos a British product? I suppose that could have something to do with the mandatory Sophos usage...

 

Looking at the Sophos website I cant really tell. I think Sophos is just a popular software for businesses and higher education institutions.

 

Yes, they are a British Company which began in Abingdon, they have offices all over the world now though.

Sophos is a privately owned company with offices around the globe. We have subsidiaries in the UK, USA, Australia, Canada, France, Germany, Italy, Japan and Singapore.

 

from wikipedia;

http://en.wikipedia.org/wiki/Sophos

 

You might actually have a choice as to which AV you want to use. Just pay for your own internet connection or else use one of their av's such as McAfee, If they provide the av it is probably Mcafee corporate which is actually pretty good. And Sophos isn't really all that bad.

 

Yeah, they use eTrust in my company, and that's the only choice

 

That is not true. There are products out there that some universities use..as soon as a student attaches to a network..their machine is held on a separated network (an orange zone if you will)...until compliance is reached. The PC must have a certain minimum for Windows updates, and an approved antivirus installed. Only upon passing that sniff test...is it allowed onto the primary network.

Schools get to dictate the rules...you are using their networks as a privilege.