Re: Migrating Anti Virus Software
Do you have a single AV console to manage all the hosts in your environment? Or are you just installing AV independently on each endpoint?
I presume you have tested the new AV on some systems to ensure it's not going to do something stupid like quarantine Word throughout your enterprise .
If it were me I would have a weekend change window. One day I would rip out all existing AV. Then once I've confirmed it's completely out of my environment I'd install the new one everywhere. have a script that would do the same on endpoints that were offline during the change.
Problems ensue generally when you've got a few AVs on one box. They tend to conflict and/or quarantine each other.
I hope you're not solely relying on AV to prevent infections. Anyway it's simple to test that AV is installed with an EICAR. Any AV will have an EICAR you can run on a random sampling of endpoints when you're done. Or build it into the deployment script.
My concern is on the virus spread if the installation of new AV if unsuccessful.