Announcement

Collapse
No announcement yet.

Create an AV / FW server?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Create an AV / FW server?

    Good morning!

    I couldn't decide where this post should go
    (mods please move!)

    but my idea is to create an AV / FW server that scans every pc on the network, incoming mail, outgoing mail....everything.

    Is there anything like that?

    I'd like to stay as close to Microsoft as possible,
    my experience with McAffe / Symantec has been client apps that slow the pc down, bug the user, and fail at being good enough.


    Thanks in advance!

  • #2
    Re: Create an AV / FW server?

    For the firewall side of thnigs, Forefront TMG (new version of ISA server) will do the trick. For emails, Forefront Security for Exchange, ideally on an Edge Server, but could go on the Hub Transport server
    For AV most apps like McAfee have a central control panel, as does Microsoft Forefront Client Security. All will do some work on the client, though, so will use system resources

    *Non Microsoft solutions are available
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: Create an AV / FW server?

      That sounds like a -huge- project,
      but one that will have awesome results.



      I don't have much experience with Edge servers, but something I really want to look into.

      Thanks for your help- anything else I should look into?

      Comment


      • #4
        Re: Create an AV / FW server?

        Personally I would avoid Edge Servers and investigate 3rd party spam/av filtering. Messagelabs are very good, and there are others.

        But start with planning properly, and make the business case for a big spend!

        How big is your network, and what are you running on it at the moment?
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd
        Scotland

        ** Remember to give credit where credit is due and leave reputation points where appropriate **

        Comment


        • #5
          Re: Create an AV / FW server?

          IME Edge Transport only makes sense when you have TMG, and even then not much. It's a bit of a waste of a server and Exchange license, although some of that is mitigated as the Edge role can be installed on a Forefront TMG server.

          Regarding AV, the Gartner reports are not long out for this year so worth a look to see what's best for you. Again IME, Symantec and McAfee products are awful to use and quite resource hungry.
          BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
          sigpic
          Cruachan's Blog

          Comment


          • #6
            Re: Create an AV / FW server?

            Originally posted by cruachan View Post
            IME Edge Transport only makes sense when you have TMG, and even then not much. It's a bit of a waste of a server and Exchange license, although some of that is mitigated as the Edge role can be installed on a Forefront TMG server.
            But this requires both an Exchange and a TMG license, does it not?
            Tom Jones
            MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
            PhD, MSc, FIAP, MIITT
            IT Trainer / Consultant
            Ossian Ltd
            Scotland

            ** Remember to give credit where credit is due and leave reputation points where appropriate **

            Comment


            • #7
              Re: Create an AV / FW server?

              Didn't phrase it that well, but what I meant is, seeing as TMG and Edge can coexist, it only really makes sense to deploy Edge if you already have TMG otherwise you need to have another server for the Edge role.

              Makes even less sense now though seeing as TMG is almost certainly getting canned, although still no official announcement from Microsoft.
              BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
              sigpic
              Cruachan's Blog

              Comment


              • #8
                Re: Create an AV / FW server?

                sound like you may benefit from NAC/NAP whatever it's called

                basically, you put security health validators on each PC, and if they don't meet a minimum patch level, and have firewalls enabled and stuff (theres all sorts of things you can configure) they can be put into a separate subnet.


                (vague memory from trainin material..)
                Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                Comment


                • #9
                  Re: Create an AV / FW server?

                  so happy to see so many responses!

                  My network is 75+ users across 5 states,
                  and a central server for documents / email / blackberry.

                  about 35 people work in the central office, and a lot of the others travel to and from the central office.

                  ..the problem I've seen (with almost all of my clients) is that 1 person opens up some Nigerian Prince, or decides to play some game, or open a link on facebook, etc, and then we're on blacklists, I gotta find the culprit, etc.

                  Do you guys ever run into that?

                  Comment


                  • #10
                    Re: Create an AV / FW server?

                    EDIT to include:
                    *Ideally, I'd like to have everyone completely secure,
                    and be able to monitor / scan the computers at any interval to stop a widespread attack before it happens.

                    Comment


                    • #11
                      Re: Create an AV / FW server?

                      Ok, the best thing you can do is make sure that no end users are Local Admins on their PCs. Most (up to 100% in some cases) strains of virus/malware are negated by users not being local admins. Install WSUS (Free download from Microsoft) for patch management and you can see at a glance the patch levels of your machines. You can install multiple WSUS servers (E.g. one for each site) but have them synchronise centrally for simpler managment.

                      (L)Users will always find new ways to break things, but if they aren't admins they can't change things, or install things, which is always a good start. I like to use WDS to create standard builds and remove local admin rights to stop users messing with them.
                      BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                      sigpic
                      Cruachan's Blog

                      Comment


                      • #12
                        Re: Create an AV / FW server?

                        I was born in the land of Small business server,

                        so I never had to use more than 1 server for everything.
                        I do agree that sometimes having different servers is better.

                        I'd like to set up Microsoft TMG on an Edge server to clean up all the garbage that comes in, so here comes the stupid question:

                        ..What is the best route for setting up an edge server?
                        I'll google around, but I was hoping you guys can point me to
                        your favorite install guide or personal opinion.

                        Comment

                        Working...
                        X