
I suggest you ...

AstaroOS: Antivirus Logging and Engine Details

It would be great if we could have an antivirus log, as well as the ability to view the current definitions loaded for both engines and the ability to start/stop them.

40 votes
    wingman shared this idea
    wingman shared a merged idea: Notifications: More Specific AV Up2Date Information

    7 comments

      • Adrian Baxter commented

        This seems like something that should already be available. Antivirus can and will have false positives and block legitimate files; a temporary exception could be made to allow anything important that's getting blocked and would allow the administrator to report the false positive to the antivirus provider.

        Knowing which client was trying to download the file would also allow the administrator to spot high-risk users, see legitimate or necessary sites/files that require exceptions, and generally fine tune protection.

        I would also say that there should be notifications. If a user starts downloading hack tools, for example, then it's likely that they will find something that doesn't get blocked and a notification would allow the administrator to take action.

        These are just a few examples. The important thing is that it would give the administrator a vital tool to help spot patterns, misbehaving users, and issues with false positives.

      • mhollenbeck commented

        Sounds like a great idea. It would give me just a little more information when trying to provide a secure environment.

      • Matthias Nees commented

        More information about the installed pattern is very useful. The size of the pattern and the signatures used are good information.

      • napuzk commented

        I think it's a good idea. It might also tell you if a machine is continually trying to download an unknown payload....

        napuzk aka. sm0ke

      • wingman commented

        Hi Bob

        Well, for a start, having an antivirus log under the logging tab can provide information such as:
        - which site was infected by spyware/phishing etc.

        Having the ability to check the current definitions for each engine allows the user to search within the antivirus's website for specific information (pattern x.x.x.x includes y.x signature). At the moment, definition number 7545 is not useful at all (no info is provided with regard to current signatures).

        You are right, maybe start/stop functionality is a lot of work, but I don't think that the rest are difficult to implement.
