Security Basics mailing list archives
RE: Why NOT to disable Real Time Antivirus on Servers
From: "Anton Muthu Kumar B (InfoSec) - CTD, Chennai" <antonmk () hcltech com>
Date: Thu, 3 Nov 2005 12:20:10 +0530
Hi George, If the character of the virus is only to be multiplied, then having real time protection enabled could introduce marginal performance degradation. But practically, viruses are basically meant not only for multiplication but they are introduced with destructive intent which would make the server crash or some times Denial Of Service. When the Server is un-available what will be the role of performance? Thanks & Regards Anton DISCLAIMER This message and any attachment(s) contained here are information that is confidential, proprietary to HCL Technologies and its customers. Contents may be privileged or otherwise protected by law. The information is solely intended for the individual or the entity it is addressed to. If you are not the intended recipient of this message, you are not authorized to read, forward, print, retain, copy or disseminate this message or any part of it. If you have received this e-mail in error, please notify the sender immediately by return e-mail and delete it from your computer. -----Original Message----- From: george.peek () gmx net [mailto:george.peek () gmx net] Sent: Wednesday, November 02, 2005 11:04 PM To: security-basics () securityfocus com Subject: Why NOT to disable Real Time Antivirus on Servers Greetings, An Engineer and I are having an argument about keeping Real Time Antivirus disabled on servers. His point is keeping Real Time Antivirus Enabled on servers such as the Exchange Server takes a huge performance hit on the server. My argument is that keeping real time antivirus software disabled defeats the purpose of PREVENTING a server from being infected in the first place. Once it is infected, it is all too late already. The antivirus software is enabled on the workstations. He argues that since all of the workstations have the antivirus enabled, then there is no way for the virus to get in. Mine argument that a virus can still get in through other means. I need examples and case studies to refer to. I would like to find different case studies or scenarios where the real time antivirus was disabled on the servers, enabled on the PCs, and the company still got infected. Also, would like to find solutions to enabling real time scan and stream lining it so it does not affect the Exchange Server as bad. Would someone point me in the right direction or post potential case studies. Please post or email me. George.peek () gmx net Thank You
Current thread:
- Re: Why NOT to disable Real Time Antivirus on Servers, (continued)
- Re: Why NOT to disable Real Time Antivirus on Servers Thierry Zoller (Nov 03)
- Re: Why NOT to disable Real Time Antivirus on Servers Paul Wolstenholme (Nov 04)
- Re: Why NOT to disable Real Time Antivirus on Servers Micheal Espinola Jr (Nov 04)
- Re: Why NOT to disable Real Time Antivirus on Servers Brian Loe (Nov 03)
- Re: Why NOT to disable Real Time Antivirus on Servers RCS (Nov 03)
- Re: Why NOT to disable Real Time Antivirus on Servers Kenton Smith (Nov 03)
- Re: Why NOT to disable Real Time Antivirus on Servers tombrown (Nov 03)
- Re: Why NOT to disable Real Time Antivirus on Servers edizzle56 (Nov 03)
- RE: Why NOT to disable Real Time Antivirus on Servers Corey Watts-Jones (Nov 04)
- Re: Why NOT to disable Real Time Antivirus on Servers Micheal Espinola Jr (Nov 04)
- RE: Why NOT to disable Real Time Antivirus on Servers Anton Muthu Kumar B (InfoSec) - CTD, Chennai (Nov 03)
- RE: Why NOT to disable Real Time Antivirus on Servers Kirk Brady (Nov 03)
- RE: Why NOT to disable Real Time Antivirus on Servers Nick Duda (Nov 03)
- RE: Why NOT to disable Real Time Antivirus on Servers Steven Jones (Nov 03)
- Re: Why NOT to disable Real Time Antivirus on Servers THAVEEWAT VASAVAKUL (Nov 03)
- Re: Why NOT to disable Real Time Antivirus on Servers barcajax (Nov 03)
- RE: Why NOT to disable Real Time Antivirus on Servers Herbold, John W. (Nov 03)
- RE: Why NOT to disable Real Time Antivirus on Servers Steven Jones (Nov 04)
- Message not available
- RE: Why NOT to disable Real Time Antivirus on Servers Pranav Lal (Nov 07)
- Message not available
- Re: Why NOT to disable Real Time Antivirus on Servers Thierry Zoller (Nov 03)
- Re: Re: Why NOT to disable Real Time Antivirus on Servers Warren V Camp (Nov 04)
- RE: Why NOT to disable Real Time Antivirus on Servers Dunigan, Michael (Nov 04)