Re: Help me choose antivirus software

[Steve Hillier <securityfocus () mastermindtoys com>]

I'll just comment on everything at once...


On 01/26/2006 09:27 a, Sean Crawford wrote:
> Yup....
> www.nod32.com
> It's the best about IMHO......... 

The centralised updating and configuration management seems to be done
via a network file share. This I can do. I just need to read a little
further to see if users can be locked out of making configuration changes.

The Remote Administrator module for NOD32 seems to be a Windows only
application. Since I have no Windows servers...

However, I do like the memory footprint. I've heard a great deal about
how compact NOD32 is compared to other virus scanners.


On 01/25/2006 09:33 p, Ray Sawyer wrote:
> I use F-Secure. Works great for me and neither clients nor policy server need to be windows. All can be run on Linux.

I'm looking at this one as well. The only thing I'm unsure about is the
fact that the Linux software comes as RPM or Debian packages -- neither
of which I have had much luck with in the past when I try to install
them on my Slackware boxes.

On the plus side, they will work on SuSE -- essentially Novell Open
Enterprise Server -- which I do have in my upgrade plans.


On 01/27/2006 02:42 a, Tinus Janse van Rensburg wrote:
> Hi Steve
>
> You could also look at installing and Gateway Antivirus, Intrusion
> detection, Spyware detection, Contentfiltering )HTTP) Firewall etc
>
> Have a look at www.fortinet.net <http://www.fortinet.net/>

Interesting that you mention this...we already are using one of these
products for our perimeter defence. However, this does not prevent
anyone from loading a virus onto a workstation from non-networked media
(i.e. infected CD-ROM, floppy, USB key, etc.).

I believe this concept is often referred to as "layers" or "zones" of
security.

Sure, we could implement a policy that states all external media needs
to be scanned off-line by a dedicated machine before being used by any
workstation on our network, but enforcing this policy is a different matter.


Please keep the suggestions coming. I'd rather have too many choices
than too few.

sph


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------