Re: Two vendor strategy in virus protection

David H. Lipman wrote:
From: "Joerg Schuetter" <nntp@xxxxxxxxxxxxx>

| Hello NG
| I heard from one key account manager of a anti-virus company that it is
| no longer necessary to have two anti-virus vendors to secure your network.
| What is your experience?
| This could help us to save a amount of money by relaying only on the AV
| on the client and getting rid of the AV on proxy and mail server.
| Jörg

He';s wrong.

A good strategy is to have one vendor's solution on the email servers.
Another vendor's solution on the File and Print servers and workstations
Another vendor's solution on gateways and/or proxys.

This way one vendor may catch what another vendor may miss.

another reason he's wrong is the "getting rid of the AV on proxy and mail server" part... client side security apps are good (necessary even) but they're prone to failure due to such things as users turning them off, mobile devices (laptops, pdas, smart phones, etc) connecting to the network without adequate (or any) client security software, etc...

scanning at the mail server provides fault tolerance through redundancy (though it should probably be part of a more general content filtering effort so as to affect defense in depth)...

"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"