Re: Anyone using AV, Spam, & content filtering devices?

On Thu, 19 Apr 2007 18:56:01 +0100, Andrew Hodgson wrote:

On Mon, 16 Apr 2007 08:18:02 -0500, Leythos <Void@xxxxxxxxxxx> wrote:

On Mon, 16 Apr 2007 06:10:55 -0700, Gary V. wrote:

I know I am not going to stop using trend this is just
a what if. If the one device could stop "all" incoming then why have
it on the server. I guess would still need away to clean a virus if/
when it gets to the server. Anyways

You need to understand that AV solutions are "reactionary" for the most
part.

Removing content before it reaches your network is not reactionary, but it
is not a 100% reliable method - as an example, I can remove all EXE files
and depending on the solution a person could email an EX_ file and then
the idiot on the lan could save and rename it to EXE and you could be
compromised.

Urm, if your appliance based solution allows this then it is
worthless. The system I believe is being talked about in the op's
message was some type of appliance with a disk, running an antivirus
system etc. For example, I run Sophos suite on our box, Sophos AV on
the workstations, but ClamAV on the appliance based solution in front
of the SBS. ClamAV is very good at getting fishing attacks, whereas
Sophos catches some bits that ClamAV doesn't touch.

You don't seem to get the big picture, the firewall with proxy services
that removes possible malware based on content type IS a good method - it
means that content will not reach the network where it can impact the
network.

The firewall solution IS NOT THE ONLY PART - I use Symantec Corp 10 for
W/S on all nodes and GFI Mail Sec/Ess on all exchange servers, but, I have
always blocked as much as I can BEFORE IT REACHES THE NETWORK and it has
served our clients quite well.

No sane person would base a solution around a single means of protection,
even more so when they have serious holes, but, you should be looking at
multiple paths/methods to protect your clients. The firewall is just one
more way to protect them.



--

Leythos

Igitur qui desiderat pacem, praeparet bellum.

spam999free@xxxxxxxxxx (remove 999 for proper email address)
.

Relevant Pages

  • Re: Firewalls
    ... To enable or disable Internet Connection Firewall ... Open Network Connections ... protect, and then, under Network Tasks, click Change settings of this ...
    (microsoft.public.windowsxp.security_admin)
  • [fw-wiz] State of security technology for the enterprise
    ... enterprise network. ... Content filtering on the firewall ... VMWARE/Hypervisor sensors to protect my virtual infrastructure ...
    (Firewall-Wizards)
  • Re: Need Norton Personal Firewall w/XP Home?
    ... > double-click Network Connections. ... > settings of this connection. ... > On the Advanced tab, under Internet Connection Firewall, select ... > the Protect my computer and network by limiting or preventing ...
    (microsoft.public.windowsxp.general)
  • Re: SBS2003 Firewall Group Policy
    ... > In an SBS network, the Windows firewall is not protecting you from outside ... Just as I do not need the government to protect me from myself, ... GPOs, RIS, etc, the advantages of the firewall are apparent. ... > called Small Business Server Windows Firewall. ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: SBS2003 Firewall Group Policy
    ... You do have the choice but I am a small business owner with industry specific software and having my workstations be part of the security of my network... ... Just as I do not need the government to protect me from myself, I do not need Microsoft to protect users from themselves. ... I wish Microsoft would understand the former concept and give us the choice of implementing the firewall or not, ...
    (microsoft.public.backoffice.smallbiz2000)