What antivirus to use SBS 2008ST R2
|
From: Susan Bradley on 31 Jan 2010 14:41 Cliff Galiher - MVP wrote: > False positives aside, how may *true* positives have your *server* > products caught? Remember, we're not talking about the client machines > here, but the server itself. > > ...for the record, I'm not ready to abandon AV on the server yet > either, but I see Susan's point. They are heavy-handed, WAAAAYYYY too > resource intensive for the amount of security they provide, bloated, a > PITA to manage, did I mention resource intensive?, generally > ineffective (google hack?), and rarely, if ever, catch something that > wouldn't otherwise be caught by the free MS malicious software removal > tool. > > In short, a zero-day exploit like the google hack slides right by an > AV product, and keeping your server patched and avoiding bad habits > (browsing etc) avoids *most* of the rest of the issues. For me, it is > an old habit to break and I'm not *quite* ready to let go of my safety > blankets yet....but I see a very real argument to be made here and I'm > not far from being convinced... > > -Cliff > > > "Leythos" <spam999free(a)rrohio.com> wrote in message > news:MPG.25cf6961caad8ac898a0e9(a)us.news.astraweb.com... >> In article <uYjJU2goKHA.5328(a)TK2MSFTNGP04.phx.gbl>, >> russ(a)REMOVETHIS.sbits.biz says... >>> I don't get any false Positives? >>> >> >> I've been using Symantec Corporate Edition on servers and workstations >> since version 6, never had a false positive, but, with version >> 10.0.something I did have it corrupt a random user profile, say 1 out of >> 100 profiles about once every 2 months.... It took them about 4 months >> to fix it, but going back to a previous release removed the problem. >> >> I've stopped using Symantec Corporate Edition and use Avira now, still >> no false positives. >> >> -- >> You can't trust your best friends, your five senses, only the little >> voice inside you that most civilians don't even hear -- Listen to that. >> Trust yourself. >> spam999free(a)rrohio.com (remove 999 for proper email address) > If you put the scanning in the cloud in front of the server, exactly what is the antivirus on the server doing other than making your life miserable at times?
From: Russ - SBITS.Biz on 31 Jan 2010 15:51 Well last month it saved a clients @#$# When he connected a USB to the Server and Decided to Move files from the External USB Drive... He complained that he couldn't copy a file. when I checked It turned out that the "File" was a Virus and Trend Stopped it... So yes. IMO it still has a purpose Russ -- Russell Grover - SBITS.Biz Microsoft Gold Certified Partner Microsoft Certified Small Business Specialist World Wide 24hr SBS Remote Support - http://www.SBITS.Biz "Susan Bradley" wrote: > Cliff Galiher - MVP wrote: > > False positives aside, how may *true* positives have your *server* > > products caught? Remember, we're not talking about the client machines > > here, but the server itself. > > > > ...for the record, I'm not ready to abandon AV on the server yet > > either, but I see Susan's point. They are heavy-handed, WAAAAYYYY too > > resource intensive for the amount of security they provide, bloated, a > > PITA to manage, did I mention resource intensive?, generally > > ineffective (google hack?), and rarely, if ever, catch something that > > wouldn't otherwise be caught by the free MS malicious software removal > > tool. > > > > In short, a zero-day exploit like the google hack slides right by an > > AV product, and keeping your server patched and avoiding bad habits > > (browsing etc) avoids *most* of the rest of the issues. For me, it is > > an old habit to break and I'm not *quite* ready to let go of my safety > > blankets yet....but I see a very real argument to be made here and I'm > > not far from being convinced... > > > > -Cliff > > > > > > "Leythos" <spam999free(a)rrohio.com> wrote in message > > news:MPG.25cf6961caad8ac898a0e9(a)us.news.astraweb.com... > >> In article <uYjJU2goKHA.5328(a)TK2MSFTNGP04.phx.gbl>, > >> russ(a)REMOVETHIS.sbits.biz says... > >>> I don't get any false Positives? > >>> > >> > >> I've been using Symantec Corporate Edition on servers and workstations > >> since version 6, never had a false positive, but, with version > >> 10.0.something I did have it corrupt a random user profile, say 1 out of > >> 100 profiles about once every 2 months.... It took them about 4 months > >> to fix it, but going back to a previous release removed the problem. > >> > >> I've stopped using Symantec Corporate Edition and use Avira now, still > >> no false positives. > >> > >> -- > >> You can't trust your best friends, your five senses, only the little > >> voice inside you that most civilians don't even hear -- Listen to that. > >> Trust yourself. > >> spam999free(a)rrohio.com (remove 999 for proper email address) > > > If you put the scanning in the cloud in front of the server, exactly > what is the antivirus on the server doing other than making your life > miserable at times? > . >
From: Russ - SBITS.Biz on 31 Jan 2010 15:53 I think all AV's have problems They all have Pro's and Con's Use what you feel confortable with IMO (Something is better than Nothing in most cases.) Unless it's McAfee (Sorry I don't like it at all LOL) Russ -- Russell Grover - SBITS.Biz Microsoft Gold Certified Partner Microsoft Certified Small Business Specialist World Wide 24hr SBS Remote Support - http://www.SBITS.Biz "Susan Bradley" wrote: > Leythos wrote: > > In article <u39aMZSoKHA.1548(a)TK2MSFTNGP02.phx.gbl>, sbradcpa(a)pacbell.net > > says... > > > >> Ronald wrote: > >> > >>> Hello > >>> > >>> What antivirus application do you suggest for SBS 2008 R2 - a single server > >>> licsence is needed. > >>> > >>> Thanks! > >>> > >>> > >>> > >> None. > >> > >> Seriously. > >> > >> Protect the workstations, but I'm seriously questioning the value of > >> antivirus on a server due to the risk of false positives and how heavy > >> handed all of them are these days. > >> > > > > I would rather rely on backups and AV than to have no AV protection at > > the server memory and file level. > > > > > A backup does not fix the issue where antivirus vendors are installing > firewalls and causing network traffic to come to a halt, or the issue > where the Exchange aware a/v is shutting down email after a week and > causing issues. > > Symantec is not without it's past issues as well. > . >
From: Leythos on 31 Jan 2010 19:12 In article <72ABA7A1-C1DF-4B68-B08B-4A50AA12DFDE(a)microsoft.com>, cgaliher(a)gmail.com says... > > False positives aside, how may *true* positives have your *server* products > caught? Remember, we're not talking about the client machines here, but the > server itself. > The only time we've had a server positive is on unmanaged networks where the clients don't have a proper firewall. It's always a previously undetected malware on a users folders. Couple dozen times. On our managed networks we've never even had a workstation compromised, and we check once a quarter/half with multiple other products in case something has been missed by the corporate av vendors. -- You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself. spam999free(a)rrohio.com (remove 999 for proper email address)
From: Leythos on 31 Jan 2010 19:13
In article <#BAmn1qoKHA.4044(a)TK2MSFTNGP06.phx.gbl>, sbradcpa(a)pacbell.net says... > If you put the scanning in the cloud in front of the server, exactly > what is the antivirus on the server doing other than making your life > miserable at times? > Things get in, it happens, and sometimes they are not caught by the workstation AV product - the server AV product scans everything, profiles, my-documents, etc... -- You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself. spam999free(a)rrohio.com (remove 999 for proper email address) |