Re: Why NOT to disable Real Time Antivirus on Servers
Date: 2 Nov 2005 21:57:15 -0000 To: email@example.com('binary' encoding is not supported, stored as-is) Well first of all, I would beg to find out how big of a performance hit this really is. If it's that bad then someone should be looking at new hardware. You might be good to find some stats on overhead from your AV vendor.
On the specific topic of security...surrounding the Exchange server. I agree the AV should be on everything but you'd be surprised so don't feel too alone. I wouldn't be as concerned about no AV on the actual Exchange server as I would be on the actual mail that is going through the Exchange server, I presume that is on?
I think this type of thinking started when most all viruses were via email. Meaning that people didn't check email on servers so they didn't think they needed AV. Now it's very obvious with all of the worms/viruses that spread on thier own.
If you don't have much network segmentation or controls between the servers and the users that also increases the risk.
Not solving your problem but some things to think about. Good luck...th