RFI--Forefront and Alureon
Lansing Community College implemented Forefront in Summer 2011. Starting in 2011 Q4, Forefront was detecting and reporting Alureon infections. Forefront was not able to quarantine or remove the malware. Currently our solution is to use a couple of anti-malware products in tandem to completely remove Alureon (certain variants).
· Forefront client, server, and reporting server are 2010.
· Clients are configured via AD/GP for daily, quick scans and weekly, full scans.
· Signatures are updated before all scans.
· The College has a large laptop footprint. Qualitatively, we feel the malware is getting on the system when outside our network (user’s home network).
· HIPS is not installed.
We are curious if other HEs are seeing this with their Forefront environments.
If common, I have a route to bring a “larger” issue to Microsoft.
Please feel free to contact me off-line if preferred. firstname.lastname@example.org
Quentin L. McCallum, CISSP
Information Security Analyst
Lansing Community College