Jump to content
jantanik

What is the best antivirus?

Recommended Posts

msawyer91

I feel better having at least some antivirus on the server, mainly because I enable Remote Access. It is true that it is a bad practice to use the server as a general web browsing box. You're asking for nothing but trouble if you do. If you need to download an add-in or something you'd like on the server, you're best off getting that from one of the client PCs that has AV protection, and then copying it to the server.

 

If you must do browsing on the server, install Google Chrome or Firefox. IE is a horrible browser and full of vulnerabilities. Chrome and FF are a lot less susceptible to malware--I won't say they're immune, just less susceptible.

 

But, my desire to have some type of AV on the server comes from Remote Access, which uses IIS. Since Microsoft is notorious for buffer overrun and similar vulnerabilities, I'd hate for there to be a vulnerability in IIS 7 that's exposed to the public Internet without having a second line of defense (AV software) to protect me if that vulnerability is exploited. Most of the time when Microsoft releases a security patch, the description just says something like, "A security vulnerability has been identified that can allow an unauthenticated remote attacker to compromise your system and gain control over it." Sometimes this pertains to an Office application, but oftentimes it's Windows itself. Microsoft usually doesn't get too specific about exactly where the vulnerability lies, lest every malicious coder out there would be trying to exploit it before folks patch it.

 

Security is everyone's responsibility, including mine. And I'd like my server--and all the computers in my house--to be as secure as I can reasonably make them.

Share this post


Link to post
Share on other sites
pcdoc

I am a bit different (I know that is not unusual). I use Norton's Internet Security on all 8 clients and run the new AVG File Server version 2012 ($39) on my WHS 2011 and Server 2008R2. To cap things off and complete the package I use Kaspersky on my Untangle box. My main reason for AV on the WHS is past history. I have found a couple of files that where contaminated from years ago which would have not bee discovered had it not been for server based AV. Personally it gives me peace of mind.

Share this post


Link to post
Share on other sites
ikon

I am a bit different (I know that is not unusual). I use Norton's Internet Security on all 8 clients and run the new AVG File Server version 2012 ($39) on my WHS 2011 and Server 2008R2. To cap things off and complete the package I use Kaspersky on my Untangle box. My main reason for AV on the WHS is past history. I have found a couple of files that where contaminated from years ago which would have not bee discovered had it not been for server based AV. Personally it gives me peace of mind.

 

In a way, you're running much like many corporations do; many run AV on their servers not so much to protect the servers themselves, but rather to detect malware being stored on the servers that came from client computers. The stored malware isn't a threat to the server per se, but it could get spread to other clients if users run the file(s).

Share this post


Link to post
Share on other sites
pcdoc

In a way, you're running much like many corporations do; many run AV on their servers not so much to protect the servers themselves, but rather to detect malware being stored on the servers that came from client computers. The stored malware isn't a threat to the server per se, but it could get spread to other clients if users run the file(s).

 

That about sums it up. I used to allow limited people to upload but that turned out to be an issue so I am no longer doing that. The main thing is I store all data on the server so the client only scans when accessing. Since files can get stored for quite some time, I prefer to have real time scanning on my server and not wait for a client to access it. It is all about the level of security you are looking for but for $39, I would rather have the piece of mind...

Share this post


Link to post
Share on other sites
ikon

That about sums it up. I used to allow limited people to upload but that turned out to be an issue so I am no longer doing that. The main thing is I store all data on the server so the client only scans when accessing. Since files can get stored for quite some time, I prefer to have real time scanning on my server and not wait for a client to access it. It is all about the level of security you are looking for but for $39, I would rather have the piece of mind...

 

Kinda sums up the difference between our setups. I have client data on the local computers and have it auto-copied to the WHS by Scheduled Tasks, so the data gets scanned at the client. Since MSSE is set to auto-update, the clients are kept up to snuff without my intervention. Both ways work, so it's really personal preference I think.

Share this post


Link to post
Share on other sites
pcdoc

Kinda sums up the difference between our setups. I have client data on the local computers and have it auto-copied to the WHS by Scheduled Tasks, so the data gets scanned at the client. Since MSSE is set to auto-update, the clients are kept up to snuff without my intervention. Both ways work, so it's really personal preference I think.

 

Yep. As long as data gets scanned it works. Everyone just has to make sure that they use something that works for them and provides protection.

Share this post


Link to post
Share on other sites
Joe_Miner

I am a bit different (I know that is not unusual). I use Norton's Internet Security on all 8 clients and run the new AVG File Server version 2012 ($39) on my WHS 2011 and Server 2008R2. To cap things off and complete the package I use Kaspersky on my Untangle box. My main reason for AV on the WHS is past history. I have found a couple of files that where contaminated from years ago which would have not bee discovered had it not been for server based AV. Personally it gives me peace of mind.

 

I really like your approach -- I lean towards the multi-layered defense approach and I like the idea that your clients have a different engine (or at least a different brand of engine) from your servers. I have NIS on my laptop (my preceived greatest risk) but everything else (FF & MSE) are basically the same engines & definitions -- I'm thinking that may be a weakness in my set-up.

Share this post


Link to post
Share on other sites
pcdoc

I really like your approach -- I lean towards the multi-layered defense approach and I like the idea that your clients have a different engine (or at least a different brand of engine) from your servers. I have NIS on my laptop (my preceived greatest risk) but everything else (FF & MSE) are basically the same engines & definitions -- I'm thinking that may be a weakness in my set-up.

 

I am not sure if what I am doing is the best but it certainly gives me a warm and fuzzy feeling. I do not see much wrong in your approach either. The only I would change is to keep all the clients on NIS. If you watch the sales you can get some good pricing.

Share this post


Link to post
Share on other sites
Joe_Miner

I am not sure if what I am doing is the best but it certainly gives me a warm and fuzzy feeling. I do not see much wrong in your approach either. The only I would change is to keep all the clients on NIS. If you watch the sales you can get some good pricing.

 

Very good point. Watching the sales does provide some very good pricing for NIS -- especially if one is willing to fill out the paperwork for all the rebates etc (which I am) :)

 

On a public WiFi I feel more secure with my laptop with NIS than MSE but that's just me and my years of being a Norton fanboy for over 25 years :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now




×