pcdoc

WHS 2011 and Antivirus

139 posts in this topic

Sometimes there are things that just do work well together. Existing antivirus programs and WHS are two of those things. First I tried AVG which claims to be 2008R2 compatible (and works fine on my 2008 R2) which I installed. Every time I installed it I would loose the media library via remote aceess. Remove it and all is well. Next I tried NOD32 which is alos a server 2008R2 program. This times I lost my picture library, and it completely hosed my installation of WHS 2011. I could not uninstall and it completely locked the system. When I rebooted the install was corrupt and would not let me run the install program. The silver lining is the in windows system recovery in WHS 2011 is absolutely awesome and restored my configuration back to yesterday in about 12 mins. The only thing I lost was the couple of hours I spent this morning creating a bunch of shares. The moral of the story is stay away from AV programs for WHS 2011 until they give us one that is made for it.

Share this post


Link to post
Share on other sites

What about Security Essentials? Didn't they make it compatible with 2008R2?

Share this post


Link to post
Share on other sites

With all the hoopla around DE and the new DE add-ins...I totally forgot about AV. Will do some testing on MSE right now!

 

5 minutes later....well that was easy. I get the "this version does not support this OS" message. Will have to figure a way to hack it on. Bummer.

Share this post


Link to post
Share on other sites

5 minutes later....well that was easy. I get the "this version does not support this OS" message. Will have to figure a way to hack it on. Bummer.

 

When I get a chance, I'll try to install the Forefront Endpoint Protection 2010 client and see how that works out. I've installed that stand-alone w/o the server on some of my test and demo VMs running 2008 R2. Not sure how this would really help in a production scenario, however.

Share this post


Link to post
Share on other sites

When I get a chance, I'll try to install the Forefront Endpoint Protection 2010 client and see how that works out. I've installed that stand-alone w/o the server on some of my test and demo VMs running 2008 R2. Not sure how this would really help in a production scenario, however.

 

 

I saw that but was not sure that it would be good for a standalone server.

 

Jim,

 

Got the same message. Actualy that was the second one I tried. There is not much out there.

Share this post


Link to post
Share on other sites

ClamAV. Works well on my WHS2011 box. Not going to try and claim how effective it is, but it is low-resource and causes no problems.

Share this post


Link to post
Share on other sites

ClamAV. Works well on my WHS2011 box. Not going to try and claim how effective it is, but it is low-resource and causes no problems.

 

 

Great to know, I may try it. Did get an email from AVG and they are going to release a WHS 2011 version but they would not commit to a date. Thanks for the information.

Share this post


Link to post
Share on other sites

Same song, second verse...seems like I have been here before? Oh wait...I have! Bummer

Share this post


Link to post
Share on other sites

With SBS 2011 out the door, you'd think that the A/V companies would be crawling over themselves fighting to get marketshare in this new arena.

Why aren't we seeing new A/V products that support the new server arch?

And with DE out of the picture, there's no excuse for the A/V companies to exclude Home Server either.

Drat!

While ClamAV is OK, it doesn't offer realtime scanning.

Share this post


Link to post
Share on other sites

Maybe we need to give it just a couple more weeks? I will keep my eyes open!

Share this post


Link to post
Share on other sites

I know we've discussed this ad nauseum with WHSv1, but I'm still in the camp that says I don't need - or want - additional real time scanning and it's overhead on a file server when my workstations already do this. The concern is more with malware embedded into websites these days anyway, and hopefully most people aren't using their WHS as a web-surfing machine...

Share this post


Link to post
Share on other sites

You are right we have discussed this allot however I still believe it is important for two reasons. First, remote access espcially if you have write access. I access my sever from work all time to transfer files and would prefer not to attach anything that does not below. Work AV is good but because of size therer is always one threat or another. Secondly, in the last year, I have the server detect 3 separte files that where infected. So at that point I became a believer. Theoritically that should not happen but it did. Everyone needs to find a strategy that works for them but for me, I want the extra protection. Call me paranoid.

Share this post


Link to post
Share on other sites

Good Morning All,

 

I have read this thread and currently testing Symantec Endpoint Protection (version 11.0.5002.333). So far the installation was smooth with no errors. I will be testing this out this weekend and part of next week. I will post my results to the thread.

Share this post


Link to post
Share on other sites

Good Morning All,

 

I have read this thread and currently testing Symantec Endpoint Protection (version 11.0.5002.333). So far the installation was smooth with no errors. I will be testing this out this weekend and part of next week. I will post my results to the thread.

 

 

Very interested in your results. Looked at it briefly and it seem a bit confusing as well as designed to protect not only your server but all you clients as well. The concept is cool so let us know what you think.

Share this post


Link to post
Share on other sites

If you have anything that downloads metadata on your server then you need AV.

Share this post


Link to post
Share on other sites

Day one with Symantec Endpoint Protection (version 11.0.5002.333) and all seems to be working fine. I checked WHS 2011 and no errors. I have setup Symantec Endpoint Protection (version 11.0.5002.333) to scan all hard drives and no errors. I was able to get Symantec Endpoint Protection (version 11.0.5002.333) from the university I attended. Although there is no addon for Symantec i don't mind as long as it is doing the job.

Edited by PCEddie

Share this post


Link to post
Share on other sites

If you have anything that downloads metadata on your server then you need AV.

 

If it goes past your default gateway into the great world wide web it goes without saying it should have an AV. Otherwise your just burning cpu cycles to dbl chk the data. Nothing wrong with it, but...just sayin'

Share this post


Link to post
Share on other sites

What about Security Essentials? Didn't they make it compatible with 2008R2?

 

 

I just installed Windows Server 2008r2 Enterprise on a test computer and installed Microsoft Security Essentials. It did install with no problems and currently running it for a few days to see how it works. I did not receive any errors during the install. Although WHS 2011 is based on Windows Server 2008r2 there are some differences in what software can be installed on each OS. I hope Microsoft will update Security Essentials to install on WHS 2011 and Windows Small Business Server 2011 Essentials.

Share this post


Link to post
Share on other sites

Day one with Symantec Endpoint Protection (version 11.0.5002.333) and all seems to be working fine. I checked WHS 2011 and no errors. I have setup Symantec Endpoint Protection (version 11.0.5002.333) to scan all hard drives and no errors. I was able to get Symantec Endpoint Protection (version 11.0.5002.333) from the university I attended. Although there is no addon for Symantec i don't mind as long as it is doing the job.

 

I have tested Symantec Endpoint Protection (version 11.0.5002.333) this week and did not run into any issues. I had setup Symantec Endpoint Protection to auto update daily and scan all hard drives daily. I had put some test date on a hard drive which Symantec Endpoint Protection was able to scan with no issues. I will use this AV software on my WHS 2011 build until Microsoft updates Microsoft Security Essentials to run in WHS 2011 and SBS 2011.

Share this post


Link to post
Share on other sites

I have tested Symantec Endpoint Protection (version 11.0.5002.333) this week and did not run into any issues. I had setup Symantec Endpoint Protection to auto update daily and scan all hard drives daily. I had put some test date on a hard drive which Symantec Endpoint Protection was able to scan with no issues. I will use this AV software on my WHS 2011 build until Microsoft updates Microsoft Security Essentials to run in WHS 2011 and SBS 2011.

 

No impact to accessing you media library from remote access? I have seen this is a problem with a couple of packages.

Share this post


Link to post
Share on other sites

Was that the business edition of Nod32 you tried?

 

Strange that it has a problem with 2011.. I've installed it on a couple hundred machines without so much as a hiccup..

 

Though I've not tested it on 2011, I'm running it on my 2008r2 box along with the Eset Remote Administration as a management back end..

Share this post


Link to post
Share on other sites

No impact to accessing you media library from remote access? I have seen this is a problem with a couple of packages.

 

Good Morning PC Doc,

 

I used LogMeIn to access WHS 2011 RC and did not have any issues. I did not try to access the media library. I will mainly use this WHS as a file and backup server.

Share this post


Link to post
Share on other sites

I'd be very interested to hear of any potential issues from having Symantec Endpoint Protection installed on WHS, especially for remote access. I have SEP 11 update 6 installed on all my client machines (my work gives us all home-use licenses), but I've been hesitant to install it on my WHSv1 because of the integrated firewall. I didn't want to lose access to the server after install.

If all goes well on PCEddie's install, I may well ditch WHSClamAV for it.

I've been testing the WHS Phone for Android add-in and I'm liking it. I'd hate for a decent AV product to break the remote access features.

 

Has anyone tested M$ Forefront security?

This page doesn't list ANY WHS versions as compatible, although it does list 2003 server and 2008 server (& R2).

 

<goes off to play in VM...>

Edited by Mr_Smartepants

Share this post


Link to post
Share on other sites

Was that the business edition of Nod32 you tried?

 

Strange that it has a problem with 2011.. I've installed it on a couple hundred machines without so much as a hiccup..

 

Though I've not tested it on 2011, I'm running it on my 2008r2 box along with the Eset Remote Administration as a management back end..

 

Yes, the issue is not server 2008 as much as the media library accessed remotely. It is in their forums as well. It seems to affect several different ones but only as it relates to that. On the 2k8R2 no problem.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now