@brent gardner

workstations, A/V should mainly be seen as a defense against thumb drives, since they can't be controlled by network policy. You should already be blocking known spammers, porn and warez websites, bit torrent, etc. So those should not be entry points anyway. If they are, you're doing something wrong.

Oh my god how wrong can you be !!!!

just disable it in the bios and protect the registry and change usbstor from 3 to 4

That can be done Via a GPO which hang on 1 second ... ITS A NETWORK POLICY !!!!

gah i understand what your trying to say but your wrong

we manage multiple companies remotley which means we cant lock things down at all.

and then ontop of that they dont browse porn there and they dont download warez

But they get shit loads of bugs trying to get in via email but we use groupshield which is a AV product that stops at least 300 odd trojans a day

then we have AV on all the machines and still bugs get on ... (facebook private email etc )

please explain should i go to the director and say lets get rid of all your protection you dont need it !

bloody hell your daft !

IT? icon cause thats the bloody boat your sitting in !