MSP N-central

Submitted by (@dylan.oblena)

AV notification exclusion for specific file/file types

We'd like to have the ability to exclude alert notifications for certain scanned file/file types. This is for instances where a file type that is just ignored (e.g. ost, html, cab) are still logged but wont notify as "Present" status repeatedly. The Global Exclusion excludes the file/file type from getting scanned but we would prefer to still see it on the audit trail, that way it would still be included on the reports ...more »

MSP N-central

Submitted by (@madelineoryx)

Schedule uninstall AV Defender maintenance window

We lost a client to another IT company and they want us to remove AV Defender at 12:00am.

Instead of me having to create the AV Defender uninstall rule or bulk removal of AVD (https://support.solarwindsmsp.com/kb/solarwinds_n-central/Uninstall-AV-Defender--via-bulk-edit?q=Uninstall-AV-Defender--via-bulk-edit) at midnight, I propose we have an uninstall maintenance window so that we can schedule the uninstall.

MSP N-central

Submitted by (@goretex)

Managed Antivirus Sandboxing

AV scanners have evolved as has bitdefender however we are not receiving the full power of the appliaction we are paying for and as such we have started evaluating Sonicwalls Capture Client so that we receive the ability to sandbox files Solarwinds have the license to include the sandboxing feature that Bitdefender provide but are relucatant to include it until it is voted upon despite the risk of loosing 5000+ AV licenses ...more »

MSP N-central

Submitted by (@barry.wheatley)

AV Defender MSIs for installation

It would be nice to have an .msi format installer for AV Defender installation - this would simplify deployment in some environments where partners wish to script the install or deploy via MDT. Currently the supplied .exe files require some additional work to script the installation when deployment via N-Central isn't possible or practical.

MSP N-central

Submitted by (@rodejoost)

Monitor installation of AV-defender

Right now, if you enable AV defender for an X number of devices, you will not get feedback if it is indeed succesfully installed.

you have to go trough each agent, or hover over the device to see if the version is installed or not. Also, you will not get notified if the existing anti-virus programm was uninstalled (if there was any).

MSP N-central

Submitted by (@brett401)

Ability To Run AV Updates & Upgrades On Next Startup

Some computers are not on during the maintenance window I have set for AV Defender updates and upgrades.

 

It would be awesome if similar to patch management there was an option that said "Install updates on next startup"

 

That way we can make sure even the devices not running during maintenance window are getting the needed updates.

MSP N-central

Submitted by (@brett401)

Add More Wildcards To AV Defender Exclusions

The list of available Windows Wildcards are nice but they seem to be lacking. It would be nice if more variants of the Windows wildcards were accepted when creating Glocal Exclusions for AV Defender. For example %HOMEDRIVE% (Points to drive where Windows is installed, normally C) In my testing I've noticed that this is not recognized by AV Defender and I'd like to cover all my bases in case a random machine has Windows ...more »

MSP N-central

Submitted by (@systemd.mfsen)

Hash detected threats in AV Defender Security Event Service FAIL

Getting MD5/SHA2 hashes of AV Defender detections would greatly aid our SOC team in threat correlation. As of right now we have no method to perform deeper analysis other than removing the relevant files. Other than implementing a centralized sandbox, getting hashes is the next best thing to help us connect the dots.