Supported Antivirus Products
The latest version of the Advanced Monitoring Agent monitors the definition updates for the following products.
| Vendor | Product and version |
|---|---|
| Avast! | Avast! Antivirus |
| Avast! | |
| Avira | Avira AntiVir Professional |
| Avira AntiVir Server | |
| Bitdefender | Bitdefender Endpoint Security |
| Bitdefender Security for Exchange | |
| Bitdefender Security for Mail Servers | |
| Bitdefender | |
|
The Bitdefender Check does not support fast ring updates. |
|
| CA | CA eTrust Inoculan |
| CA eTrust inoculateIT | |
| CA Antivirus | |
| Eset | Eset Nod32 |
| F-Secure | F-Secure Antivirus |
| GData | GData Antivirus |
| Engine A (Bitdefender) | |
| Engine B (Avast) | |
| GData Antivirus Business and Enterprise Edition (Client) | |
| Engine A (Bitdefender) | |
| Engine B (Avast) | |
| GData Antivirus Enterprise (Client) | |
| Engine A (Bitdefender) | |
| Engine B (Avast) | |
| GData Antivirus Business (Client) | |
| Engine A (Bitdefender) | |
| Engine B (GData) | |
| GData Antivirus | |
| Engine A (Bitdefender) | |
| Engine B (GData) | |
| Grisoft | Grisoft AVG |
| Kaspersky | Kaspersky Antivirus |
| Kaspersky Anti-virus for Windows Servers Enterprise Edition | |
| Kaspersky Endpoint Security for Windows for Fileservers | |
| Kaspersky Endpoint Security for Windows Version | |
| Kaspersky Endpoint Security | |
| Kaspersky Enterprise Edition | |
| Kaspersky Security for Microsoft Exchange Server | |
| Kaspersky Security | |
| Kaspersky Small Business Edition | |
| Managed Antirvirus* | Bitdefender Engine |
| VIPRE Engine | |
| McAfee | McAfree Antivirus |
| McAfee Endpoint Security | |
| McAfee GroupShield | |
| McAfee NetShield | |
| McAfee Security Service for Exchange | |
| McAfee Total Protection | |
| McAfee VirusScan | |
| McAfee WebShield | |
| Microsoft | Microsoft Forefront Client Security |
| Microsoft Forefront EndPoint Protection | |
| Microsoft Security Center (workstations only)
For more information, see AV Check - Microsoft Security Center. |
|
| Microsoft System Center 2012 Endpoint Protection | |
| Microsoft Security Essentials (including V2) | |
| Windows Defender Antivirus (from Windows 8) | |
|
Security Intelligence Updates for Windows Defender Antivirus is delivered through Windows Update and handled by Patch Management for Windows where configured on the device.
|
|
| Windows Defender Antispyware (pre-Windows 8) | |
| Norton | Norton Antivirus Included as part of the Symantec Antivirus Update Check |
| Norman | Norman Antivirus |
| Norman Endpoint Protection | |
| Panda | Panda Security For Business |
| Panda Security For Business with Exchange | |
| Panda Security For Enterprise | |
| Panda Cloud Office Protection | |
| Sophos |
Sophos Antivirus Pass/fail criteria for newer versions of Sophos AV, such as Intercept X, is based on information gathered from the local endpoint and does not necessarily indicate that the virus definitions installed on the endpoint are the latest as published by Sophos. N-sight will indicate a failure where we determine various Sophos specific services are not running and the installed software indicates that it is not regularly updating. |
| Symantec | Symantec Antivirus |
| Symantec Antivirus IntelligentUpdate | |
| Symantec Antivirus LiveUpdate | |
| Symantec Antivirus RapidRelease | |
| Symantec Endpoint Protection | |
| Symantec Endpoint Protection Cloud | |
| Trend | Trend Antivirus |
| Trend Micro Antivirus | |
| Trend Officescan | |
| Conventional Scan | |
| Smart Scan | |
| Trend ScanMail | |
| Trend ServerProtect | |
| Trend Worry Free Business Security | |
| Conventional Scan | |
| Smart Scan | |
| Trend Worry-Free Business Security Services | |
| VIPRE | VIPRE Antivirus |
| VIPRE Antivirus Business | |
| VIPRE Antivirus Business Premium | |
| VIPRE Enterprise Agent | |
| VIPRE Internet Security | |
| VIPRE Premium | |
| Webroot | Webroot SecureAnywhere |
* Managed Antivirus Engine (Bitdefender)
Managed Antivirus automatically adds a dedicated 24x7 Managed Antivirus Update Check (Bitdefender) during installation.
As the Managed Antivirus Update Check (Bitdefender) is a 24x7 Check it will not appear in the Daily or Weekly Reports.
Parallel installation of Mail Server Antivirus products with Managed Antivirus (VIPRE)
The following email server Antivirus products can be installed and monitored in parallel with Managed Antivirus (VIPRE)
-
Kaspersky Security for Microsoft Exchange Server
-
McAfee Security Service for Exchange
-
McAfee GroupShield
-
Trend ScanMail
Product and definition update notes
| Vendor | Product and notes |
|---|---|
CA |
CA eTrust |
| The Agent detects indicators for both CA eTrust definition file update mechanisms and adds Checks for both. As only one update mechanism is used, we recommend removing the inactive Check once the Agent uploads the results to the N-sight RMM All Devices view. | |
Microsoft |
Windows Defender Antivirus |
| From Windows 8 Windows Defender includes both an antivirus and antispyware component with the Windows Defender Antivirus Check monitoring both elements. Prior to the release of Windows 8 Windows Defender only contained an antispyware component, monitored by the Windows Defender Antispyware Check. Managed Antivirus can install alongside and deactivate Windows Defender using the technology included in the Competitor Antivirus Removal Tool (CART). CART must be enabled on the device to allow Managed Antivirus to install in parallel with Windows Defender.
Install Managed Antivirus alongside and deactivate Windows Defender using the technology included in the |
|
Symantec |
Symantec Endpoint Protection |
| Symantec does not automatically install Symantec Endpoint Protection Client on computers running Symantec Endpoint Protection's Management Console. It may be necessary to install the Client as well as the Management Console onto the computer for protection and monitoring. | |
Trend |
Trend OfficeScan and Trend Worry Free Antivirus |
| Both Trend Officescan and Trend Worry-Free Business Security have two scanning engines, Conventional Scan and Smart Scan with dedicated Checks for each engine per product, although only one may be active and returning data. We automatically add Checks for the default Conventional Scans: Trend Officescan Conventional Scan or Trend Worry-Free Business Security Smart Scan Check. To monitor the SmartScan engine, manually add the Smart Scans Checks:Trend Officescan Smart Scan Check or Trend Worry-Free Business Security Smart Scan Check |
|
Webroot |
Webroot SecureAnywhere |
| As there are no local signature definition updates for the Webroot SecureAnywhere Agent, the Advanced Monitoring Agent queries the update indicator of the local computer for the time of the last update. Where the update time is outside of the entered "Number of days out-of-date" threshold the Check is reports as failed. For this Check "Always when out-of-date" will trigger a failure where an update has not taken place in the preceding 24 hours.
The Check queries a time entry, rather than a local definition file indicator, and could potentially lead to a false positive where no updates have been released by Webroot and downloaded to the Webroot SecureAnywhere Agent during the monitored period. |
Unsupported Products
If we do not currently support your Antivirus product, add a daily Event Log Check or Script Check to monitor its status.
-
Add an Event Log Check if the backup product writes its status information to the Windows Event Log.
-
Author a script and add it as a Script Check where the Antivirus product writes its update status to other locations, for example native log files.
For workstations we have included a Security Center script. This queries the Windows Security Center for the Antivirus update status, there the product writes this information to the Windows Security Center.
Sentinel One Monitoring
Sentinel One uses process behavior to monitor multiple processes to recognize attacks as they develop and respond at machine speed. This is different to signature-based detection from traditional AV solutions, which monitors processes as they execute, and not the processes that can spawn from of it. As such there is no Antivirus Check available.
A custom Service / Script Check has been developed and can be utilized to monitor Sentinel One instead. Please see Sentinel One Monitoring for details.