Antivirus software options

30 views
Skip to first unread message

jamiean...@gmail.com

unread,
Dec 31, 2021, 12:35:29 PM12/31/21
to Digital Curation
Hello all,

My institution's IT recently switched from McAfee to CrowdStrike for antivirus software. McAfee had the capability of doing local scans, so that was the tool we generally used for pre-ingest virus scans on new digital transfers. IT claims that CrowdStrike has On-Write capability so that any files added to a device are scanned as they are downloaded. They basically are saying that with CrowdStrike's monitoring, the local scan is no longer necessary.

I'm now gathering information and researching other options. I have used ClamAV a handful of times but ran into the file size limit with some very large AV files even with the --max-scansize and --max-filesize options. I would appreciate any other antivirus scanner recommendations, workarounds with ClamAV and large files, and thoughts about relying on IT's antivirus scanning. Thank you and happy holidays!

Jamie Patrick-Burns
State Archives of North Carolina

Matthew Adair

unread,
Jan 3, 2022, 12:00:09 PM1/3/22
to digital-...@googlegroups.com
Jamie, 
I'm on the periphery of the security community here at UofM, but based on the information I have seen, Crowdstrike is an excellent decision on the part of your IT department. That said, we had the same concerns about whether or not we could run any sort of on demand virus scans. Below is what our university IT shared with me. It may or may not work for you depending on how your IT has your systems configured.

--
Sometimes support staff need the ability to run an on-demand or targeted scan for malware. CrowdStrike Falcon lacks on-demand scanning functionality, but IT staff can still use Windows Defender to perform an on-demand scan. To perform an on-demand malware scan, follow the steps below:
  1. Launch Settings from the Windows Start Menu
  2. In the Windows Settings screen select Update & Security and then select Windows Security
  3. In the Windows Security screen select Virus & threat protection
  4. In Virus & threat protection, click Scan options (you may have to toggle periodic scanning on in order to see scanning options)
  5. Four types of scans are available:
    1. Quick Scan
    2. Full Scan
    3. Custom Scan (allows you to select a file or folder location)
    4. Windows Defender Offline scan (requires a restart and may be used to clean difficult to remove malware)
  6. Select and run the scan that is most appropriate to your use case.
--

Best regards and Happy New Year!

Matt

----
Matthew Adair
Lead Archivist for Digital Imaging and Infrastructure
[Due to working remotely, email is the best method to reach me.]


Bentley Historical Library
1150 Beal Avenue
Ann Arbor, Michigan 48109-2113
734-647-3537
http://bentley.umich.edu
@UmichBentley

The Bentley Historical Library acknowledges that coerced cessions of land by the Anishnaabeg and Wyandot made the University of Michigan possible, and we seek to reaffirm the ancestral and contemporary ties of these peoples to the lands where the University now stands.


--
You received this message because you are subscribed to the Google Groups "Digital Curation" group.
To unsubscribe from this group and stop receiving emails from it, send an email to digital-curati...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/digital-curation/f128216f-941e-4560-9974-544bc1ec2ec5n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages