I've tried scouring these forums and support articles, but haven't found what I am looking for.
What are the recommended or best practice configs for AV/spyware scans on client machines?
If there isn't official documentation, then what works and is consistent for you guys?
We have a mixture of desktops, laptops and Citrix VMs all running Windows 7 in our environment. All physical machines are turned off at close of business, and WoL is hit or miss with MDRs it seems, but I can work with that. Don't care about server settings, we took LD off of them because it was so inconsistent.
I have tried a couple different configs in the past, but nothing is ever consistent. Heaven forbid we have a virus issue and have to start a catch all task. That throws the local schedules completely off and we won't get scans ever back on a schedule, without pushing the update to all of the agents. Oh man, don't get me started on trying to limit the CPU usage on the clients. I'm convinced that slider bar is just there for show.
So what works best for you all? Local schedules? One task run from the core? Push or Policy? What settings do you use that gives you the most consistent coverage? Screen shots of your configs is a plus .
Thanks for any help you can offer!!