Jump to content

SaraVN

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

1,629 profile views
  1. @djacobson Why should I have to create something to monitor an individual software, when I have a system in place that monitors the other 100+ software packages we use? SCCM isn't rare in enterprise situations, in fact it's just the opposite, very common. While your product does a good job with malware detection, I just don't think it's enterprise grade yet. Also, since I can't trust the uninstall to remove the MSI Signature in the registry, why would I trust that it removes these registry entries?
  2. I'm so frustrated with MalwareBytes ever since the issues during the last weekend in January. I have hundreds of clients that say that haven't been scanned since January 28th, I run the quick scan on them, it shows them running the scan, and then they pop back on the list of devices that haven't been scanned in over 30 days. I removed my connection to AD so that I could remove all the clients from the console. They are quickly repopulating, and so far it appears more of them are reporting back that they have been scanned recently, but I'm still not convinced that they are all correctly completing the scans. Adding this to my issue with not being able to report which computers have and don't have MalwareBytes installed through SCCM, and my boss isn't happy.
  3. How should SCCM detect that Anti-Malware is installed? We used the default setting to look for the MSI Product code, but found that devices that have had the client uninstalled, still have that code. So they don't get the program reinstalled. What is the preferred way to detect that Malware Bytes is not installed?
  4. I have been deleting the logs as instructed above every day this week. Multiple times a day. Now my servers hard drive is full, the databases are currently 0, but growing quickly. We've cleaned up most of our clients -but there are four that are still reporting the "bad" database version, even after following the directions. We are now in the process of removing the client from those machines. How do I clean up my server so that it is functional again? the SCDB database is showing as 16GB on the disk, with the scdb_log as 4.85 GB. I don't know if that's the problem or if it's something else, but I need to get the Console to be stable. Anyone else seeing this?
  5. We are having come clients getting the updated policy from our server, turning off protection. Rebooting the computer seems like it might help get the policy update. Once that's done, that should allow the update to roll-out. We won't be turning protection back on until the update is on all the computers.
  6. It's blocking all local traffic too. We turned off Protection Mode on the policy and are waiting for it to push out to clients. The ones that have gotten the new policy are working, but obviously not longer have protection. Watching for updates here.
  7. I'm on version 1.4.2.2351 They did make sure I had the most current version and had me sent a ton of log files. I've had a ticket open since the middle of November.
  8. After having worked with MalwareBytes Anti-Malware for Business for 10 months I have a few requests/suggestions/ideas: - Workstation Tracking: Allow the Console to track workstations by MAC address and/or Computer Name instead of IP address. I understand that MAC address doesn't work for some organizations, but for others it is the most stable way of tracking computers. Computer Names also tend to be less volatile than IP Addresses, especially for organizations with laptops and/or mobile workers. - Report details: Allow Exports of reports with more specific details. Examples: List computers without updated policy or without client software (or with outdated client software). List computers that have been infected within the past period of time. List of duplicate computer names or MAC Addresses. - Bonus Feature: One bonus I have found with MalwareBytes Management Console, is that it helps me to track my workstations by letting me know who has been logging onto which computers, what IP addresses computers are using (telling me where they are located) and how long they have been offline. If the console could be more reliable in workstation tracking (see first item), this would be a nice feature to promote! Yes there are other ways to track this information, but since you are installing MalwareBytes - there is no need to install additional software on each workstation. Plus I find the information is updated quicker than software that is specifically used for tracking. And, finally - I find it's easier to use. What are other features you would like to see? or features that you have been surprised by?
  9. Jim, were they able to find you a solution? Worked with support and found that the issue is caused by the console tracking by IP address instead of something less volatile like Computer name - or static like MAC address. They were unable to resolve this for me. I'm hoping someone else found a solution or work around! Thank you!
  10. And additional problem to note: MalwareBytes Console tracks computers by IP address, not name, and not MAC address. Therefore, you won't have accurate records unless computers never use the same IP address. We have the problem that our VPN server only assigns a small group of addresses, so those computers keep showing up as duplicates because they have a different IP each time they connect - plus records of threats are comingled with other computers that have used the same IP address (which can be 10 or more computers per day!). I have contacted support about this. They believe that IP address is the best way to identify and track a computer - I have asked them to use something that is more stable - such as MAC address, however it does not seem like this is something that is on the horizon anytime soon.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.