Jump to content

ChrisHaag

Members
  • Content Count

    13
  • Joined

  • Last visited

About ChrisHaag

  • Rank
    New Member
  1. As said, for us the #1 indicator MWB is not working on an endpoint is if there is nothing displayed when right clicking the MWB icon in the tray. We have de-installed, rebooted the PC and installed MWB again in such cases. Then it was working fine. You may also test whether the protection is working by opening iptest.malwarebytes.org. We have fooled ourselves in one case where the "Start threat scan" would not appear on the tray icon. It might take a minute or so after rebooting. Back to topic...does someone from Malwarebytes have a comment on what I initially posted? Do others feel the same as we do?
  2. Thanks for you help Kalrand. First, we try to avoid delaying the startup of any security measure as we have to train our users to wait before they start clicking. Protection should start with the system. Earlier means safer. Anyway, the purpose of my post was not primarily to find out what we can do against endpoints not being protected. In fact we would like to be aware of our overall level of security. Today we have "limited vision". Everything looks good, but the reality is that endpoints are not protected.
  3. We have repeatedly had the case that on several endpoints the protection was not working. We could not figure out why yet, but suspect a relation to updates of the engine from 3.1 to 3.3. But that is not the point of this post. Today we found out that 5 endpoints had no protection since several days. No protection means for us that in the MWB cloud console the indicator next to the endpoint is gray instead of green for an otherwise up and running endpoint. Schedules scan obviously do not run. If we open iptest.malwarebytes.org on such an unprotected PC, there is no blocking. One user today attempted to manually start a scan and there was no context menu. That is how we discover something is wrong. No context menu means no protection. We then looked at the list of users online in our internal chat system, looked up their corresponding AD computer names and compared that with the MWB cloud console. A boring and time consuming manual task… To be safe we would have to do such a check let’s say twice a day. Or we would have to ask our users to right click the MWB icon in the tray twice a day and check there is a context menu. It may be hard to display such issues in the MWB cloud console as the question is how to figure out if a PC is not switched on (“user on vacation” situation) or if there is an issue with MWB. Maybe there is another option... We have the MWB icon visible in the tray all the time so that users can see whether MWB has been loaded. It would really help us if the icon could be gray in case the protection is not working. That’s what our users here are used to from their home PCs protected with MWB consumer: gray means no full protection, blue means MWB is OK. We could instruct users to report to us if the MWB icon is gray in the tray. And if the MWB client would report that to the cloud (as long as the required communication component is still working) it would help even more. Currently we are in the situation of not knowing whether our company is well protected or not. We just do no know how many endpoints are unprotected. Would you consider implementing the “gray icon” feature?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.