Supported Antivirus Products

The latest version of the Advanced Monitoring Agent monitors the definition updates for the following products.

Vendor

Product and Version

Avast!

Avast! Antivirus

Avast!

Avira

Avira AntiVir Professional

Avira AntiVir Server

Bitdefender

 

Bitdefender Client Security

Bitdefender Cloud Security

Bitdefender GravityZone Security for Endpoints

Bitdefender Security for Exchange

Bitdefender Security for Mail Servers

Bitdefender

The Bitdefender Check does not support fast ring updates.

CA

CA eTrust Inoculan

CA eTrust inoculateIT

CA Antivirus

Eset

Eset Nod32

F-Secure

F-Secure Antivirus

GData

GData Antivirus

Engine A (Bitdefender)

Engine B (Avast)

GData Antivirus Business and Enterprise Edition (Client)

Engine A (Bitdefender)

Engine B (Avast)

GData Antivirus Enterprise (Client)

Engine A (Bitdefender)

Engine B (Avast)

GData Antivirus Business (Client)

Engine A (Bitdefender)

Engine B (GData)

GData Antivirus

Engine A (Bitdefender)

Engine B (GData)

Grisoft

Grisoft AVG

Kaspersky

Kaspersky Antivirus

Kaspersky Anti-virus for Windows Servers Enterprise Edition

Kaspersky Endpoint Security for Windows for Fileservers

Kaspersky Endpoint Security for Windows Version

Kaspersky Endpoint Security

Kaspersky Enterprise Edition

Kaspersky Security for Microsoft Exchange Server

Kaspersky Security

Kaspersky Small Business Edition

Managed Antivirus*


Bitdefender Engine

VIPRE Engine

McAfee

McAfee Antivirus

McAfee Endpoint Security

McAfee GroupShield

McAfee NetShield

McAfee Security Service for Exchange

McAfee Total Protection

McAfee VirusScan

McAfee WebShield

Microsoft

Microsoft Forefront Client Security

Microsoft Forefront EndPoint Protection

Microsoft System Center 2012 Endpoint Protection

Microsoft Security Essentials (including V2)

Windows Defender Antivirus (from Windows 8)

Security Intelligence Updates for Windows Defender Antivirus are delivered through Windows Update and handled by Patch Management for Windows where configured on the device.

To make sure computers receive these updates regardless of their severity classification, configure the Patch Policy Auto Approval settings for Microsoft to Approve for all severities and set the Installation Schedule to ensure the computers regularly receive these Security Intelligence Updates.

Please be aware that Security Intelligence Updates only deploy at the scheduled installation time configured in Patch Management. No updates will take place outside of this cycle.

After configuring the Patch Management for Windows settings, we suggest changing the Antivirus Update Check Days to run to take account of the Patch installation schedule.

Windows Defender Antispyware (pre-Windows 8)

Norton

Norton Antivirus

Included as part of the Symantec Antivirus Update Check

Norman

Norman Antivirus

Norman Endpoint Protection

Panda

Panda Security For Business

Panda Security For Business with Exchange

Panda Security For Enterprise

Panda Cloud Office Protection

Sophos

Sophos Antivirus

Symantec

Symantec Antivirus

Symantec Antivirus IntelligentUpdate

Symantec Antivirus LiveUpdate

Symantec Antivirus RapidRelease

Symantec Endpoint Protection

Symantec Endpoint Protection Cloud

Trend

Trend Antivirus

Trend Micro Antivirus

Trend Officescan

Conventional Scan

Smart Scan

Trend ScanMail

Trend ServerProtect

Trend Worry Free Business Security

Conventional Scan

Smart Scan

Trend Worry-Free Business Security Services

VIPRE

VIPRE Antivirus

VIPRE Antivirus Business

VIPRE Antivirus Business Premium

VIPRE Enterprise Agent

VIPRE Internet Security

VIPRE Premium

Webroot

Webroot SecureAnywhere

* Managed Antivirus Engine (Bitdefender)

Managed Antivirus automatically adds a dedicated 24x7 Managed Antivirus Update Check (Bitdefender) during installation.

As the Managed Antivirus Update Check (Bitdefender) is a 24x7 Check, it will not appear in the Daily or Weekly Reports.

Parallel installation of Mail Server Antivirus products with Managed Antivirus (VIPRE)

The following email server Antivirus products can be installed and monitored in parallel with Managed Antivirus (VIPRE):

  • Kaspersky Security for Microsoft Exchange Server

  • McAfee Security Service for Exchange

  • McAfee GroupShield

  • Trend ScanMail

 

Product and Definition Update Notes

Product

Products and Notes

CA

CA eTrust

The Agent detects indicators for both CA eTrust definition file update mechanisms and adds Checks for both. As only one update mechanism is used, we recommend removing the inactive Check once the Agent uploads the results to the Dashboard.

Microsoft

Windows Defender Antivirus

From Windows 8, Windows Defender includes both an antivirus and an antispyware component, with the Windows Defender Antivirus Check monitoring both elements.

Prior to the release of Windows 8, Windows Defender only contained an antispyware component, monitored by the Windows Defender Antispyware Check.

Managed Antivirus can install alongside and deactivate Windows Defender using the technology included in the Competitor Antivirus Removal Tool (CART). CART must be enabled on the device to allow Managed Antivirus to install in parallel with Windows Defender.


Symantec

Symantec Endpoint Protection

Symantec does not automatically install Symantec Endpoint Protection Client on computers running Symantec Endpoint Protection's Management Console. It may be necessary to install the Client as well as the Management Console onto the computer for protection and monitoring.

Trend

Trend OfficeScan and Trend Worry Free Antivirus

Both Trend Officescan and Trend Worry-Free Business Security have two scanning engines, Conventional Scan and Smart Scan, with dedicated Checks for each engine per product, although only one may be active and returning data.

We automatically add Checks for the default Conventional Scans: Trend Officescan Conventional Scan or Trend Worry-Free Business Security Smart Scan Check.

To monitor the Smart Scan engine, manually add the Smart Scan Checks: Trend Officescan Smart Scan Check or Trend Worry-Free Business Security Smart Scan Check.

Webroot

Webroot SecureAnywhere

As there are no local signature definition updates for the Webroot SecureAnywhere Agent, the Advanced Monitoring Agent queries the update indicator of the local computer for the time of the last update.

Where the update time is outside of the entered "Number of days out-of-date" threshold, the Check reports as failed. For this Check, "Always when out-of-date" will trigger a failure where an update has not taken place in the preceding 24 hours.

The Check queries a time entry, rather than a local definition file indicator, and could potentially lead to a false positive where no updates have been released by Webroot and downloaded to the Webroot SecureAnywhere Agent during the monitored period.

Unsupported Products

If we do not currently support your Antivirus product, add a daily Event Log Check or Script Check to monitor its status.

  • Add an Event Log Check if the product writes its status information to the Windows Event Log.

  • Author a script and add it as a Script Check where the Antivirus product writes its update status to other locations, for example native log files.

    For workstations we have included a Security Center script. This queries the Windows Security Center for the Antivirus update status, where the product writes this information to the Windows Security Center.

Sentinel One Monitoring

Sentinel One uses process behavior to monitor multiple processes to recognize attacks as they develop and respond at machine speed. This is different to signature-based detection from traditional AV solutions, which monitors processes as they execute, and not the processes that can spawn from them. As such, there is no Antivirus Check available.

A custom Service / Script Check has been developed and can be utilized to monitor Sentinel One instead. Please see Sentinel One Monitoring for details.