Greetings, fellow Landesk admins!
My employer has Landesk 8.8 SP3 and we have started to enforce regular spyware scans. I would like to share my settings and user feedback to solicit comments/advice from my Landesk admin peers in this forum.
The Landesk population in my company are largely composed of laptops which frequently moves in and out of my internal network. So, policy-based tasks and ldbroker configuration have been utilized. I have created a specific scan and repair setting for spyware type and enabled autofix. A security scan is created using this spyware scan-repair with a push-policy deployment method (with required and periodic settings). I've allowed a generous amount of snoozes to allow users to delay the scan towards the end of the day. Reboots can also be snoozed for a few more hours. Missed snooze requests are automatically snoozed. At the end of the snooze limit, scans/reboots automatically execute.
I have also updated my Landesk clients to the latest service pack as well as the latest hotifx/patch for spyware scanner version (as well as some beta patches to address scanning failures).
Here are some of the user feedback that I've collected as a result of the recently enforced spyware scanning.
Do you run regular spyware scans? How have you configured your spyware scan such that user acceptance is better than my description?
Thank you in advance for the comments and advice.
This is a very good configuration and gives some work around's that I'm going to steal when talking to other customers. It really shows the flexibility of our product when in the hands of a determined user.
A suggestion would add is on the Snooze screen I would add a comment that they need to let the scan run its course. This scan does a Full system scan so it's going to take up allot of the system resources.
Also you might look at how often you have the periodic interval that you have set. If you have the Realtime Ppyware enabled, this is definitely something that you don't need to have running everyday. I would do once a week, that will keep your definitions up to date. and will catch anything that somehow made it past the realtime scan. Of course this is dependant on your environment, the nature of the business and your end users computer usage might require the scan running everyday.
Our configuration is not nearly as complex as yours. We simply setup a full disk scan for Saturday evenings. As you can imagine, some users have their workstations turned off or laptops are unavailable for the scheduled task to run. We try and target those users during departmental meetings or other times when their machines are forced to remain on due to other maintenance.
I would like to see more features and control provided for the malware configuration in future versions.