We'd like to have the ability to exclude alert notifications for certain scanned file/file types. This is for instances where a file type that is just ignored (e.g. ost, html, cab) are still logged but wont notify as "Present" status repeatedly. The Global Exclusion excludes the file/file type from getting scanned but we would prefer to still see it on the audit trail, that way it would still be included on the reports ...more »
Currently the security event only shows the process name. This is useless when it is cmd.exe, pwoershell.exe, cscript.exe
We need to know the argument being passed ie the command being carried out or script being run.
In Task Manager or Direct Support Tools, this is known as "Command Line"
Under Configuration-Security Manager->Quarantine Management you have the list of files quarantined and you can choose to delete or restore the files.
It would be very helpful if you could "restore and add to exclusion" in one shot. A pop-up comes up and provides the option to add it to process, file or folder, or network path etc.
AV scanners have evolved as has bitdefender however we are not receiving the full power of the appliaction we are paying for and as such we have started evaluating Sonicwalls Capture Client so that we receive the ability to sandbox files Solarwinds have the license to include the sandboxing feature that Bitdefender provide but are relucatant to include it until it is voted upon despite the risk of loosing 5000+ AV licenses ...more »
For some reason it was decided that when AV Defender protection was disabled, it would still show that it was protected on the end-user device in the notiication area icon and the overall status shown in product. This decision was made so that all end-users wouldn't call your helpdesk to inform you that AV protection was disabled. I'm not aware of any other AV product that will knowingly "lie" to an end-user, and this ...more »
Right now, if you enable AV defender for an X number of devices, you will not get feedback if it is indeed succesfully installed.
you have to go trough each agent, or hover over the device to see if the version is installed or not. Also, you will not get notified if the existing anti-virus programm was uninstalled (if there was any).
The current setup will automatically release the AV Defender license for a deleted agent after 15 days.
With the ever changing customer environment, we have to hold an all time +5% AV-Defender licenses in stock, to deal with this massive delay, and that is a major cost!
We can accept a maximum of a one hour delay, from deletion to release. Not 15 days!!
It would be great to be able to pull a report for all devices at a client showing their scan dates like you can for windows machines in RMM. It would make it a lot easier to see the status of AV scans for clients with macs instead of individually going in and looking at each one's devices logs on the MAC-MSP Site.
would be nice if MSP RMM supported the Securepoint Antivirus Pro and provide the associated checks.
I've noticed that some of our clients' devices have not been getting AV Defender agent updates. Our maintenance windows are usually set on the weekends or late at night, so I suspect that the users are turning off their PCs despite us telling them otherwise. For Windows updates, there's an option to have the updates installed the next time the machine boots up. It would be great if there was a similar option for AV Defender. ...more »
Currently the AV Status service does not recognize AMP for Endpoints (with Tetra enabled) as a valid AV solution and doesn't report on it even when Windows itself recognizes AMP for Endpoints.
Please add AMP for Endpoints compatibility into the AV Status service.
At present, you can see malware, phishing events etc in n-central.
but there is no way to export them at the so level; to sort out duplicates, what needs to be whitelisted, what users need cautioning, etc.
Why event details can't be included in the SO level report, I don't know.