Re: Two vendor strategy in virus protection



David H. Lipman wrote:
From: "Joerg Schuetter" <nntp@xxxxxxxxxxxxx>

| Hello NG
|
| I heard from one key account manager of a anti-virus company that it is
| no longer necessary to have two anti-virus vendors to secure your network.
| What is your experience?
| This could help us to save a amount of money by relaying only on the AV
| on the client and getting rid of the AV on proxy and mail server.
|
| Jörg
|

He';s wrong.

A good strategy is to have one vendor's solution on the email servers.
Another vendor's solution on the File and Print servers and workstations
Another vendor's solution on gateways and/or proxys.

This way one vendor may catch what another vendor may miss.

another reason he's wrong is the "getting rid of the AV on proxy and mail server" part... client side security apps are good (necessary even) but they're prone to failure due to such things as users turning them off, mobile devices (laptops, pdas, smart phones, etc) connecting to the network without adequate (or any) client security software, etc...

scanning at the mail server provides fault tolerance through redundancy (though it should probably be part of a more general content filtering effort so as to affect defense in depth)...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"
.



Relevant Pages

  • Re: Outlook Express Undeliverable
    ... If your client is not getting an NDR message back from ... his mail server (which means his sending mail server got rejected during the ... Maybe you have server-side spam filtering enabled and his mails ... sender is infected so his mails could also be infected. ...
    (microsoft.public.internet.mail)
  • Re: Using outside DNS name to access internal server from inside the network
    ... that points to their mail server on port 8081. ... assume there is no internal DNS server. ... me by the IT consuling firm on behalf of the client! ... hit your customers internet front end ... ...
    (comp.dcom.sys.cisco)
  • Re: Sendamil
    ... we can not give ip address of every and each client in "access file".... ... i wann give access of my mail server from 80 port means fron web site .. ... server for outgoing mails ... The real problem is, none of us understand your question. ...
    (RedHat)
  • Re: Incoming NON-Junk Mail routed to Junk Folder. Please assist.
    ... She's always had McAfee on her machine but I think this ... I guess our best bet is to just turn off the Outlook junk filter. ... (byte by byte during its transmission between mail server and client). ...
    (microsoft.public.outlook.general)
  • Routing Issues
    ... My client had a Netware 3.12 running (which ran fairly sucsessfully for the ... I sold my client a MS-SBS03 server.... ... The company who supplied the mail server and firewall, cisco pix 501. ...
    (microsoft.public.win2000.general)