Focus on Virus
Back to list
RE: What should be protected with anti-virus software?
Feb 06 2006 03:06PM
Evan Mann (emann pinnaclefinancial com)
Your ops manager needs a head check. If they are computers, they have
files that can be infected, simple as that.
A/V should be on every system in your environment IMO. Exclude the
on-access scanner from scanning folders that hold stuff like your mail
stores, databases, IIS metabase, etc., and let the rest of the system be
protected. Use the on-access scanner, any port blocking and
scriptblocking the software you use may offer, etc.
It's common sense, I don't think a document is required. Does the
operations manage have ANY IT experience? My guess is no.
From: Erdahl, Larry E [mailto:Larry.Erdahl (at) allina (dot) com [email concealed]]
Sent: Thursday, February 02, 2006 8:06 AM
To: focus-virus (at) securityfocus (dot) com [email concealed]
Subject: What should be protected with anti-virus software?
Long time reader, but first time poster, so please be gentle ;-).
I am in the middle of a risk assessment of our current anti-virus
practice and need a little help.
I am finding servers without any anti-virus software installed and
others that are only configured as on-access detection. I am not sure if
the reasoning for not having anti-virus installed or only running
on-access holds water or is sufficient for today's needs.
The operations manager believes that not all servers need anti-virus
software. He believes his application servers are safe because they
don't receive e-mails and they don't have files that would become
infected. He also feels his Novell file and print servers are
sufficiently protect by using on-access detection only.
Can anyone give me a "best business practice" recommendation or point me
to documentation on what should be protected with anti-virus software
Any help will be greatly appreciated!
This message contains information that may be confidential and
privileged. Unless you are the addressee (or authorized to receive for
the addressee), you may not use, copy or disclose to anyone the message
or any information contained in the message. If you have received the
message in error, please advise the sender by reply e-mail and delete
[ reply ]
Copyright 2010, SecurityFocus