BitDefender default Best Practices
I am moving from Trend Micro over to Atera' s BitDefender and was wondering if anyone had a 'best practices' recommended settings to configure on top of what you get by default and customer specific exclusions.
With Trend, they had a fairly intensive guide of recommended settings to apply and/or configure. The BD best practices sections of their guides don't seem to cover everything.
Looking through the BD control panel, it seemed like a few things that should be turned on were not, such as Ransomware mitigation, hyper detect, scheduled scans as well as the email reporting for infections.
I think I did OK, but the control panel feels a bit confusing and non-intuitive to me and wanted to make sure I didn't miss anything I should be looking at.
Comments
-
I'm not a user of either Trend Micro or BitDefender, but wanted to provide some kind of feedback for you! I've been an ESET partner for a long time and their product configurations can get really into the weeds (which is good). My recommendation in taking on a new product like this is to dive into documentation (sounds like you already have), then review each and every setting available in whatever policy editor they have available. Go through each setting and try to match it to what you had configured with Trend Micro to make things as 1:1 as possible before branching out into the other things that BD has to offer.
On my endpoints, since ESET performs real-time analysis of everything that's opened or accessed, I actually disabled scheduled scans. I used to run them, but I would occasionally get complaints about slowness that lined up with the scan times. The complaints were few, but they did happen. Since the real-time protection is quite good and all of the threats are caught using that method, I decided to cancel the scheduled scans. The scheduled scans literally never found anything that the real-time engine hadn't already handled. This freed up some system resources for my clients.
1 -
I would have to agree with @dyoder. Switching platforms can be a tedious and daunting task especially when you know it has to exist for the new one some where, but it is named something different. If it wouldn't be such a security risk to share what options are our go to standard for security policies we use, I'd say share them. For myself, I use SentinelOne and am looking to layer my security with maybe CrowdStrike or Huntress. Do you use a layered Security posture in your environments? If so, what is the best combination you have found?
1
Topics
- All Topics
- 31 Getting started
- 20 Read before posting
- 7 Meet and greet
- 156 General
- 42 News and announcements
- 40 Resources
- 7 Knowledge Base
- 7 Webinars
- 1 Shared Script Library
- Blog
- 4 Pro Tips
- 21 Got an idea?
- 93 Remote Monitoring and Management
- 67 Remote Monitoring
- 18 Patch Management
- 64 Professional Services Automation
- 42 Helpdesk
- 7 Billing
- 14 Reporting
- 25 Integrations & add-ons
- 16 Integrations
- 6 Add-ons
- 69 Scripting and automations
- 43 Scripts
- 22 Automations