Lumension Endpoint Management and Security Suite Enterprise

Discussion in 'other anti-virus software' started by hutchingsp, Jan 8, 2015.

  1. hutchingsp

    hutchingsp Registered Member

    Joined:
    Aug 2, 2007
    Posts:
    174
    Does anyone have any experience of Lumension please?

    We have and environment of several hundred endpoints and currently use Avira, which is a great product but is just antivirus and we're starting to require things like device control and possibly application whitelisting etc.

    Looking at their Endpoint Management and Security Suite Enterprise which seems to do just about everything imaginable in terms of antivirus, device control, and logging data transferred to/from computers.

    I'm asking very broadly for now to see if anyone has any knowledge and if so I guess we'll go from there.
     
  2. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I've never heard of this suite, and we manage 33,000 machines.. But I wanted to suggest: for this you may want to consider installing a hardware appliance. This would offer Device Control, Application Control, Antivirus/Malware, ATP, URL Scanning, and Intrusion Protection.

    Depending on company size, a lower cost Fortigate 80D would do what you want, and cost $1000 or less in some cases, with a small yearly subscription renewal.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
  4. hutchingsp

    hutchingsp Registered Member

    Joined:
    Aug 2, 2007
    Posts:
    174
    We have a webinar early next week on it.

    My main concern at this point is that I believe their antivirus component uses the Norman engine and I didn't think that has the best of reputations?

    That said, I just looked on the Normal website and it looks like AVG have bought them!
     
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
  6. hutchingsp

    hutchingsp Registered Member

    Joined:
    Aug 2, 2007
    Posts:
    174
    OK so a little feedback. I've setup a VM to run their management server and I've been exploring it.

    Antivirus is the Norman engine - it isn't especially configurable and tbh I'm struggling a little with how to test it in real world use because I wouldn't say we have a massive issue where Avira helps us out - we tend to rely on our email filter catching anything executable and WildFire to flag zero-day stuff whilst it's sat in quarantine.

    Device Control is what it says - you can assign access based on user, group, computer, device type, model, unique device ID and you can assign read, write, shadowing of file info of stuff read/written so that looks handy.

    Application Control - again lets you specify whitelists/blacklists by user/group/computer as well as (I think) being able to quickly search for files be name/hash and immediately allow/deny them running.

    Nice thing with the device and application control is you can have different policies based on criteria i.e. if a machine is on the LAN you can have a set of policies that change when it's disconnected i.e. someone takes a laptop offsite and it could automatically go into "lockdown" mode.

    Quite impressed so far.
     
Loading...