AnimeSuki Forums

Register Forum Rules FAQ Members List Social Groups Search Today's Posts Mark Forums Read

Go Back   AnimeSuki Forum > AnimeSuki & Technology > Tech Support

Notices

Reply
 
Thread Tools
Old 2007-11-30, 00:35   Link #1
Tiberium Wolf
Senior Member
 
 
Join Date: Dec 2004
Location: Portugal
Age: 34
Recomend Antivirus for Business

For example: a company with 80 PC and some servers. (all with MS OSs)

Which antivirus or protection suite would you recommend? I know that for 80 or so licenses it won't come cheap. Unless (don't know if its possible) you put only antivirus in the server that provides net but then the other pcs in the lan would get infected if an user bring something outside.

Well since we have some IT ppl here I wanted to know your opinion.
__________________
Tiberium Wolf is offline   Reply With Quote
Old 2007-11-30, 01:07   Link #2
grey_moon
Yummy, sweet and unyuu!!!
 
 
Join Date: Dec 2004
Quote:
Originally Posted by Tiberium Wolf View Post
For example: a company with 80 PC and some servers. (all with MS OSs)

Which antivirus or protection suite would you recommend? I know that for 80 or so licenses it won't come cheap. Unless (don't know if its possible) you put only antivirus in the server that provides net but then the other pcs in the lan would get infected if an user bring something outside.

Well since we have some IT ppl here I wanted to know your opinion.
*Scratches head*

The 2 main things I would look out for are:


How good is the basic scanner
Is the engine any good on the reviews and does it get frequent updates that have a low known false positives history. Does the scanner cover spyware? Does it employ other practices such as file auditing or white listing.

How good is the suite in terms of central management
Can the updates be moved to an internal source? Why kill your internet connection 80 times when you could download it once and should test it before rolling out. Does it do centralised warning? Lots of bad things can be mitigated by yanking an affected box before it infects others. Does it integrate well into your existing network? Thinking about hooking into the domain or if you really have a pew pew network like that Cisco self defending stuff.

Even though I have experience with McAFee and it scores well on the whole centralised management thing, it has a bad history of false positives.

*Edit*
Centralised scanning can be done via Samba (or any other MS share tech I guess), but the problem is the registry isn't loaded and that won't get scanned.
__________________
grey_moon is offline   Reply With Quote
Old 2007-11-30, 03:02   Link #3
Ledgem
Love Yourself
 
 
Join Date: Mar 2003
Location: Northeast USA
Age: 28
With 80 PCs, I'd think it'd be best to go with a relatively cheap virus scanner, focus more on network security, and have a server that reloads a disk image to the computers to ensure that they're clean and fully functional every X number of hours. That requires some extra infrastructure, and the users would need to get used to the idea that the desktop isn't a good place to store their files (depending on how you set it all up)...

Our university uses Symantec Corporate Edition. Not sure about the costs, but it seems to work well enough.
__________________
Ledgem is offline   Reply With Quote
Old 2007-11-30, 04:00   Link #4
Phantom-Takaya
INTJ
*IT Support
 
 
Join Date: Feb 2007
Location: Alaska
Age: 31
Send a message via AIM to Phantom-Takaya Send a message via MSN to Phantom-Takaya Send a message via Yahoo to Phantom-Takaya
Symantec Corporate Edition varies in price due to the amount of users. The last time I checked, the unlimited subscription is $3,000 plus. It checks and scans the client and server computers periodically, and I have yet to see a limit on the amount of computers that the software can be installed for that high of a price. The catch is if you wish to upgrade the software to the next version up, you'd need to shell out another $3,000 plus.

You can also look into Kaspersky's server-client anti-virus software. The price may be higher, but it's due to the fact that the quality of their product tends to be higher.

Ledgem is right about the fact that you should worry more about your security than anti-virus protection. The anti-virus is your defense upon the entry ONCE it bypasses the firewall. In order to ensure that not just anything gets passed the firewall unless permitted, you should look into the different types of firewall software out there for your clients and possibly server.

The server tends to be different issue when it comes to firewalls, considering the purpose the server serves. If it's running a database and sharing files, printers, etc, as well as hosting the internal website and/or the server acts as a DHCP host for the rest of the network, then it would be best to look for a firewall specifically designed for a server so you don't have to walk to the server every other second or minute to permit a local IP to connect to the server, or so on and so forth.

This isn't an easy task. Choosing carefully and wisely takes a lot of time and research.
__________________
"Even in a crowd, I was always alone." - Ernest Hemmingway
"God asks no man whether he will accept life. That is not the choice. You must take it. The only choice is how." - Henry Ward Beecher
Friend: "Evidence that you guys are made of epic win." Me: "That wasn't my goal. My goal is chaos, fear and...eggs."
Phantom-Takaya is offline   Reply With Quote
Old 2007-11-30, 08:27   Link #5
SeijiSensei
AS Oji-kun
 
 
Join Date: Nov 2006
Location: Mucking about
Age: 64
Let me add my voice to those saying that desktop antivirus should be your last line of defense.

The principal vector for viruses in most companies is e-mail. That's why my first investment would be building an email scanner. I've used the combination of ClamAV for virus scanning and SpamAssassin for spam stomping for years now. To manage these tasks I prefer the application known as MailScanner. Build a basic Linux server, install the pre-compiled binaries for all three programs from the MailScanner site, then have it sit between the inbound mail source and the mailbox server (or put the mailboxes on this box).

Next, I often use a combination of squid with iptables configured for transparent proxying to limit web traffic. At most sites I work with we routinely block .exe's, for instance, so that someone can't download that nude Britney video that turns out to be malware. You can even add a plugin to squid that will force it to scan all downloads, or certain types of downloads, with ClamAV as they arrive. You'd need a pretty fast box to handle the load of 80 machines if you go this route.

At the desktop I have clients that use McAfee, Norton, and F-Prot. Expect to spend something like $10-20/desktop/year for this software. This is actually not much money if you consider the costs of cleaning up after a virus/spyware outbreak in your company. The cost in lost productivity and IT support time in such situations will quickly exceed the cost of the antivirus software. Also, grey_moon's comments about central management are spot on.

Laptops pose another complicated threat. You just don't know where those puppies have been. One solution is to put all the laptops on a separate, firewalled subnet with very limited access to those services needed for work. Letting random laptops as peers onto the same network with your nice, clean desktop machines can be a recipe for disaster. If the mobile folks like salespeople need to use mail, web, a fileserver, and a database server while in the office, put them behind a firewall that only passes those ports. The laptop users won't like this if they're used to snatching files off other people's machines with Windows networking rather than using a central server, but why are you using peer-to-peer filesharing technologies when you should have a well-managed central server for that task instead?

I no longer have any experience with Windows antivirus since all our desktop machines run Linux. In fact, I'd say the best antivirus solution for Windows desktops is converting them to Linux or buying Macs .

Last edited by SeijiSensei; 2007-11-30 at 08:39.
SeijiSensei is online now   Reply With Quote
Old 2007-11-30, 12:42   Link #6
grey_moon
Yummy, sweet and unyuu!!!
 
 
Join Date: Dec 2004
Ooo great points especially highlighting the last line of defence issue*.

Going off topic, but if you are allowed to think outside of the box then solutions such as Deep Freeze which reverts all changes back to frozen point on boot is good if you are allowed to be really restrictive to the user. Or some form of imaging solution which allows you to dump the OS back on to the box with minimum down time is good too**. Both only work well if user data is stored on a server.

*I of course think that the best point was made by SeijiSensei on the last line of his post

**Ledgem mentions re-imaging every x hours which is a very good idea in terms of security, but you can also consider for just a quick method of re-installing a box, which helps mitigate some of the cost of recovery that SeijiSensei mentions
__________________
grey_moon is offline   Reply With Quote
Old 2007-11-30, 14:38   Link #7
Tiberium Wolf
Senior Member
 
 
Join Date: Dec 2004
Location: Portugal
Age: 34
Oh! Nice points even thou I asked only about AV. Off to do some reseach in google.
__________________
Tiberium Wolf is offline   Reply With Quote
Old 2007-11-30, 17:06   Link #8
arcadeplayer987
Senior Member
 
Join Date: Apr 2007
Avast is free and very good, I saw a comparison review between Avast and AVG and the conclusion was that Avast is better overall
__________________

www.arcadebuilder.net - The Best Arcade Script. Own your own arcade website today
arcadeplayer987 is offline   Reply With Quote
Old 2007-11-30, 19:15   Link #9
Tiberium Wolf
Senior Member
 
 
Join Date: Dec 2004
Location: Portugal
Age: 34
Free if it's for home use. For business you need to have a paid version else the company will be fined if the inspection comes by
__________________
Tiberium Wolf is offline   Reply With Quote
Old 2007-12-01, 00:03   Link #10
Epyon9283
Geek
 
 
Join Date: Dec 2005
Location: New Jersey
Age: 30
Send a message via ICQ to Epyon9283 Send a message via AIM to Epyon9283
I only have experience managing AVG in a corporate environment. Its decent. Centrally managed updates, you can get reports of who's scan turned up what. It was also cheaper than some other alternatives.
Epyon9283 is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 00:24.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
We use Silk.