Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Other security for Windows, Mac, Linux
Best solution for PC-prebuilts at bigger scale?
Message
<blockquote data-quote="AXYZE" data-source="post: 975756" data-attributes="member: 85827"><p>Hey. I don't know if this category is okay for this thread, if not then please move it. </p><p></p><p>I’m behind pre-built PC brand and we’re about to refresh our line of computers.</p><p></p><p>Instead of going with trial Norton/Avast etc like a lot of others are doing (for money obv) we are trying to make our pc’s fast, secure and <strong>without any annoyances</strong>.</p><p>After experiments we settled on Microsoft Defender + ASR Rules + Cloud security on high + Windows Firewall with blocked obvious lolbins (not all of them, as we found some old obscure software that uses these EXEs in legit way). Also disabled old samba protocol. It created the best balance, no conflicts, no calls from customers. No infections too, which was happening before before we implemented these things (infected people called us before, but not after these changes).</p><p></p><p>We experimented a lot and for example - High+ cloud security level decreased performance esp. when installing programs, Network Protection caused a lot of conflicts (for example iperf3 didnt show proper results). Script blocking ASR rule also "doesn't work", as many people play Minecraft on unofficial Java launchers and many of them are using obfuscated scripts that are 100% legit...</p><p></p><p>We sold thousands of PC’s and found that our current config doesn't create any problems for our customers, but I would love to improve it even further.</p><p>I’m posting here because I’m interested in your opinion – what more we could do while maintaining „fast & secure and without annoyances” principles?</p><p>What are your experiences with malware-blocking DNS like Cloudflare 1.1.1.2? Does it ever kick in? People are installing their own browsers like Opera GX so I'm thinking that instead of extension like TrafficLight maybe could do similar thing at DNS-level? Which DNS has the best phishing blocking? In my tests I found out that Norton is blocking Facebook ad-##### like super ultra iPhone giveaways the quickest, but we can't rely on extensions and don't want to include trial AV... I'm testing 1.1.1.2 for some time (half a year?) and NEVER saw it kickin in so idk... What about Quad9 and others? Share your experiences!</p><p></p><p>„<strong>Without annoyances</strong>” is very important, some people even try to disable UAC because its already too much for them, so for example we cant make default user w/o admin rights. </p><p>We are transparent and informing users about changes compared to "default Windows" btw if someone here is worried that we are making some "unofficial" changes.</p><p>We are selling 99% of our PC's to polish customers (mainly gamers), 1% is other countries in Europe (Germany, UK etc.) so our experiences can be different as every country sees other threats, be aware of that if your experience for anything mentioned is different (for example 1.1.1.2 can work for you, but doesn't here).</p></blockquote><p></p>
[QUOTE="AXYZE, post: 975756, member: 85827"] Hey. I don't know if this category is okay for this thread, if not then please move it. I’m behind pre-built PC brand and we’re about to refresh our line of computers. Instead of going with trial Norton/Avast etc like a lot of others are doing (for money obv) we are trying to make our pc’s fast, secure and [B]without any annoyances[/B]. After experiments we settled on Microsoft Defender + ASR Rules + Cloud security on high + Windows Firewall with blocked obvious lolbins (not all of them, as we found some old obscure software that uses these EXEs in legit way). Also disabled old samba protocol. It created the best balance, no conflicts, no calls from customers. No infections too, which was happening before before we implemented these things (infected people called us before, but not after these changes). We experimented a lot and for example - High+ cloud security level decreased performance esp. when installing programs, Network Protection caused a lot of conflicts (for example iperf3 didnt show proper results). Script blocking ASR rule also "doesn't work", as many people play Minecraft on unofficial Java launchers and many of them are using obfuscated scripts that are 100% legit... We sold thousands of PC’s and found that our current config doesn't create any problems for our customers, but I would love to improve it even further. I’m posting here because I’m interested in your opinion – what more we could do while maintaining „fast & secure and without annoyances” principles? What are your experiences with malware-blocking DNS like Cloudflare 1.1.1.2? Does it ever kick in? People are installing their own browsers like Opera GX so I'm thinking that instead of extension like TrafficLight maybe could do similar thing at DNS-level? Which DNS has the best phishing blocking? In my tests I found out that Norton is blocking Facebook ad-##### like super ultra iPhone giveaways the quickest, but we can't rely on extensions and don't want to include trial AV... I'm testing 1.1.1.2 for some time (half a year?) and NEVER saw it kickin in so idk... What about Quad9 and others? Share your experiences! „[B]Without annoyances[/B]” is very important, some people even try to disable UAC because its already too much for them, so for example we cant make default user w/o admin rights. We are transparent and informing users about changes compared to "default Windows" btw if someone here is worried that we are making some "unofficial" changes. We are selling 99% of our PC's to polish customers (mainly gamers), 1% is other countries in Europe (Germany, UK etc.) so our experiences can be different as every country sees other threats, be aware of that if your experience for anything mentioned is different (for example 1.1.1.2 can work for you, but doesn't here). [/QUOTE]
Insert quotes…
Verification
Post reply
Top
