University of Utah Health Sciences Center (UUHSC) is a division of University Health Care — a large healthcare network and medical training institution that consists of a number of hospitals, clinics, specialty healthcare centers, medical schools, and research centers. To support the approximately 17,000 academic, clinical, and administrative users spread across more than 60 separate buildings — some up to 100 miles away — UUHSC operates three data centers and employs an IT staff of more than 200. A team of 15 technicians spends most of each day roaming campuses and fixing computers. Protecting the UUHSC network from viruses and other malware is the responsibility of one IT person, but it is not his primary job; like most IT administrators, his time to deal with such issues is limited.
Stand-alone anti-virus solution is time-consuming and ineffective
“My predecessor at University of Utah Health Sciences Center turned to McAfee VirusScan Enterprise software several years ago — and more recently, McAfee AntiSpyware Enterprise — to protect our network from viruses and other malware,” explains Neil Baird, senior client systems analyst at UUHSC. “Before that, university policy required all network users to have some kind of anti-virus software on their system. Some users were unreliable, however, and often let their virus definition [.DAT] files expire. Others ignored warnings to upgrade to newer software.”
“Next, we instituted a policy that required all users to have McAfee VirusScan Enterprise on their desktops,” says Baird. “That helped ensure that all our users had reliable anti-virus software, but if there were out-of-date .DAT files or any other security issues at the desktop, we had no way of knowing. I couldn’t begin to say how much time and effort it took the IT staff to physically visit machines and manually check them.”
“Stand-alone anti-virus software is only a best-of-intentions solution,” adds Baird. “It’s only a matter of time before a system — and ultimately, the network — is at risk.”
Centralized management of threat protection eases IT administration
UUHSC began using McAfee ePolicy Orchestrator (ePO), to centrally manage McAfee VirusScan Enterprise across its network. From the beginning, ePO facilitated the administration of threat protection across the network.
“With just a glance at the ePO dashboard, I can tell whether systems are at risk, and, within seconds, generate a report that tells me which systems need attention and why,” says Baird. “ePO is easy for me to configure and I can trust that it’s going to do what I tell it to.”
Migration to ePO 4.0 takes only 15 minutes
When ePO 4.0 was released, UUHSC decided to upgrade from version 3.6 to take advantage of improved functionality, such as more flexible reporting capabilities. “The upgrade couldn’t have been easier,” says Baird. “It took all of 15 minutes. We just made sure we had a backup of our database, hit a button, and voilá, everything was working as it should.”
With ePO 4.0, UUHSC can quickly produce useful automated reports and a variety of real-time dashboards that focus on key performance indicators (KPIs). IT administrators can display information via bar, pie, and line charts, and integrate a launch pad of relevant links. It’s also easy to switch between dashboards using tabs.
"Even though we are not using McAfee ePO 4.0 to its full potential yet, the time savings are beyond significant. I only have to spend five minutes a week in the ePO console and, in that five minutes, I accomplish what would probably have taken two or three days for a tech to do manually."Neil Baird
Sr. Client Systems Analyst, University of Utah Health Sciences Center
Dashboards and detailed reporting accelerate IT decision making
Baird frequently uses built-in reports, such as the .DAT deployment report that lists .DAT versions by system, as well as customized reports in ePO 4.0 that help to quickly and easily determine security risk status. “It is extremely easy to customize the pre-packaged reports,” says Baird. “For instance, I refer often to building-specific .DAT deployment reports that I created by modifying the standard reports.”
Other UUHSC IT administrators also rely on ePO 4.0’s user-friendly, real-time dashboards to know which systems need attention. Because ePO is web-based, it is easy to give them access. The dashboards also provide University of Utah’s high-level security team with a reference point to help them gauge the security profile of the Health Sciences network, and compliance data suitable for governing standards, such as HIPAA.
Actionable reporting and task automation save countless additional hours
Two of Baird’s favorite features of ePO 4.0 are actionable reporting and task automation, because they save UUHSC IT an average of 16 hours of labor a week. “In earlier versions of ePO, I could run a report and see which machines were not being updated, but a technician had to physically visit each machine to do something about it,” explains Baird. “Now I can run that same report, and from the same screen, select the machines that are out-of-date and set in motion the appropriate action or actions.”
From the ePO 4.0 console, Baird can even determine the sequence of security management tasks. For example, if a system has out-of-date virus definitions, he can click to have ePO first try to wake up the agent. If that doesn’t work, Baird can reinstall the agent or take other actions.
ePO 4.0 saves days by reducing IT overhead
In the future, as financial resources permit, UUHSC would like to consider adding additional McAfee security risk management solutions, such as McAfee host Intrusion Prevention (Host IPS) and McAfee Endpoint Encryption. UUHSC IT would be able to take advantage of easy installation and management of the new products through ePO. “Even though we are not yet using McAfee ePO 4.0 to its fullest potential, the time savings are beyond significant,” says Baird. “I only have to spend five minutes a week in the ePO console and, in that five minutes, I accomplish what would probably have taken two or three days for a tech to do manually.”