[THIN] Re: Trend Micro Office Scan 7.3 vs Server Protect
- From: "Euan Cooper" <euan.cooper@xxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 15 Jun 2007 09:20:01 +1200
I have installed Office Scan 8.0[1] on our test TS and there is no
pccntmon.exe process that I can see - there is a single system process
called ntrtscan.exe which looks like it does the real time scan. I
did try downloading eicar.zip from the trend site on my test box and
Office scan was all over it[2]. Early days of testing and I'm still a
way off committing to deployment on production servers but so far
looking good.
-Ec
1 I know the subject line says 7.3 but earlier in the week when
searching the trend
site for docs/guidelines for Office Scan on TS I found they had
released 8.0
2 like a donkey on a waffle
pccntmon.exe
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeremy Saunders
Sent: Friday, 15 June 2007 12:25 a.m.
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Trend Micro Office Scan 7.3 vs Server Protect
That's true Rick. I personally set a policy to remove the process from
the RUN key on all my deployments, but customers are not always
comfortable with that, because it means that you're disabling real-time
scanning. I guess you could then run a Scheduled Task an an
Administrative user to execute the PccNTMon.exe process. But I've not
tried that.
Cheers,
Jeremy.
"Rick Mack"
<ulrich.mack@gmai
l.com>
To
Sent by: thin@xxxxxxxxxxxxx
thin-bounce@freel
cc
ists.org
Subject
[THIN] Re: Trend Micro Office
Scan
14/06/2007 06:14 7.3 vs Server Protect
PM
Please respond to
thin@xxxxxxxxxxxx
g
Hi Jeremy,
But that's why we've got group policies.
In your TS server OU group policy under machine configuration > windows
settings > security settings > file system, and add file > pccntmon.exe.
Just set the ACL on pccntmon.exe to admin read/execute only and remove
users.
It's also a great way to get rid of stuff like the Altiris agent,
ctfmon.exe etc on your terminal servers.
regards,
Rick
--
Ulrich Mack
Commander Australia
On 6/14/07, Jeremy Saunders <jeremy.saunders@xxxxxxxxxxx> wrote:
I don't know about that. There were definitely some engine issues with
ServerProtect that caused some issues over the years, but it's a lot
less
intrusive than OfficeScan. OfficeScan runs the PccNTMon.exe process in
every session, which is its version of the real-time scan monitor. In
my
opinion OfficeScan uses more resources overall. I guess it depends on
your
particular environment as to whether or not this really matters.
Cheers.
Kind regards,
Jeremy Saunders
Senior Technical Specialist
SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or set Digest or Vacation
mode use the below link:
//www.freelists.org/list/thin
************************************************
SBC SITES ONLY GOOGLE SEARCH: http://www.F1U.com
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************
Other related posts:
