In our environment we are running LDMS 2016.3 with Kaspersky Antivirus. All of our endpoints have Kaspersky antivirus installed and we recently purchased Cisco AMP for Endpoints malware protection. The AMP connector is a small lightweight application that has a CLAM AV piece that handles the quarantine part of the malware protection. From my understanding of Kaspersky's installation, there are numerous pieces of protection software that cause the install to halt and fail. So, with that being said, if the LD agent and AV are installed before the AMP connector, everything is golden. However, if there is something wrong or we need to reinstall the LD agent and AV, we have to first uninstall the AMP connector then proceed and after LD agent is installed, re-install the AMP connector. This is a huge issue if the agent gets hosed up and the agent health bootstrap tries to reinstall pieces or we initiate a task to reinstall the agent or parts of the AV because it will fail.
Any suggestions or advice is welcome.