Can admin of Enterprise edition define their own "virus"

Discussion in 'NOD32 version 2 Forum' started by mgshn, Aug 20, 2007.

Thread Status:
Not open for further replies.
  1. mgshn

    mgshn Registered Member

    Joined:
    Aug 20, 2007
    Posts:
    2
    Is it possible for the administrator to use NOD32 Enterprise edition to block access to a specific program throughout the enterprise?
     
  2. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    I'd take the group policy approach..disallowrun
     
  3. mgshn

    mgshn Registered Member

    Joined:
    Aug 20, 2007
    Posts:
    2
    Thanks for the reply. Our experience is the using group policies is not responsive enough to shutdown programs quickly. Take for example the skype incident last week. We used our current enterprise-managed desktop firewall to disable it throughout our enterprise in a matter of minutes.

    I am wondering if NOD32 could provide the same capabilites (with considerably lower overhead).
     
  4. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Hmmm...enterprise firewall...that's a start. Dunno what the SkyPE incident is, but as far as antivirus goes, I don't imagine there's a way for you to be able to go in and change the behavior of an antivirus program, as to telling it to detect other additional things other than what it's programmed for by Eset as far as heuristics and defs. I've never seen an AV product that allows users to go in and specify additional programs.

    Perhaps when ESS comes out in Enterprise Version..with the software firewall.

    IMO, your best control of end users is through active directory, group policy, managed workstations firewalls, and control of web access through proxy such as ISA or other 3rd party ones like Websense or Sonicwall, etc.
     
Thread Status:
Not open for further replies.