We've had a couple of events both this year and last year where it just didn't seem to catch ransomware, which is impossible to do if someone has hands-on with the system. There were some things that they had or used to have or don't have that I still haven't figured out called journaling. And it was supposed to be a way to roll back changes that were made. However, they're telling me they don't have that. That's not in the system. It’s my understanding that it doesn’t actually scan any files at all. They just look at their database of files they've scanned previously, and either it matches or doesn't. That might be where the shortcoming is, is that it just can't stay up-to-date fast enough to stop new things that are coming in. It's an after-the-fact anti-virus. It doesn't do anything proactive. The virus has to hit the machine before it detects it. There is one thing that is deplorable with the product that I would change as soon as I found a better one. However, the reports are worthless. You go and look at a scan report and cannot get a log of machines. I can log into a console and see the files were scanned every day at 2:00 AM, and they all passed green or something was detected and removed. However, you have to go to the console. I don't have anything that I can send to my client on reports. What they give you is a bunch of bar graphs with no details. You can't drill down. It'll say two infections. However, it doesn't tell you what machines. You've just really got several different reports, and they're all just a bunch of graphs and wasted paper. There's nothing really substantial. The reports that I can use for client-facing, once a month, to say, "Here, we scanned all these workstations. Here are our results," don’t exist. They've got fake reports. I've screamed about that for years, and they just won't do anything. Therefore, I created my own little up-to-date or not ask fail-type report. I send that to them in place of a report directly from a product.
