In his 2014 44CON presentation Joxean Koret describes as a better approach to ensure that your AV product is running in as isolated environment as possible, rather than being integrated with other business-critical functions. If your AV falls to an attacker, it shouldn’t automatically mean the rest of the network falls with it. Of course this increases the cost, so is not ideal for many smaller businesses.
More information is detailed in his presentation here – http://joxeankoret.com/download/breaking_av_software_44con.pdf