I've only been on the list a short time, but I must have missed the mandatory Trend Micro brainwashing. :-) So far from what I have noticed there seems to be a set answer to all AV questions. Question: I'm curious about the capabilities of NOD32. Answers (en mass): You should use Trend Micro. Question: Is anyone using Symantec? Answer (again en mass): You should buy Trend Micro.
Not that there is anything wrong with Trend Micro's product, it's great in my opinion, but these responses don't seem to be very helpful with regard to the questions being asked. My apologies to the list "gods" if TM is the list sponsor. :-) Tim -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Glen Miller Sent: Wednesday, October 05, 2005 11:55 AM To: 'ActiveDir@mail.activedir.org' Subject: RE: [ActiveDir] Anti-virus protection in domain enviroment Look into a product called Office Scan, by a company called Trend Micro. I have been using this product happily since 1998. It saved me from the "I love you" bug and a few rather nasty ones since. "I want my two dollars!" And Joe! Petitioning Webster's to include Joe-isms as an actual word. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ahmed Al Awah Sent: Tuesday, October 04, 2005 12:35 PM To: 'ActiveDir@mail.activedir.org' Subject: RE: [ActiveDir] Anti-virus protection in domain enviroment Since we're on topic..is anyone using Symantec AntiVirus 10 corp edition for A/V protection in a domain environment? -----Original Message----- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [mailto:[EMAIL PROTECTED] Sent: October 4, 2005 11:07 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Anti-virus protection in domain enviroment My 1 cent. I should go back to lurking...but... when choosing your a/v solution there's something to check on... some of the a/v vendors have historically needed admin rights to update or have had vulnerabilities themselves. Might be something to investigate and consider when chosing an a/v ...especially on a DC. In my own historical issues with Trend, the OfficeProtect dat file upgrade to XP sp2 wasn't properly 'vetted" and flatlined my workstations and last I heard cost Trend $8 mil in lost sales. They've also had a security vulnerability patched somewhat recently. Epo's had their issues as well.... http://xforce.iss.net/xforce/xfdb/21839 ISS X-Force Database: epolicy-msde-obtain-password(12787): ePolicy Orchestrator could allow an attacker to obtain MSDE SA password: http://xforce.iss.net/xforce/xfdb/12787 ISS X-Force Database: epolicy-execute-commands(14166): ePolicy Orchestrator command execution: http://xforce.iss.net/xforce/xfdb/14166 Al Garrett wrote: > My 2 cents... > EpO has worked outstanding for us. > Does inventory reports, finds "rogues", demonstrates to pointy-haired > bosses how many infections are avoided and how dangerous it is "out > there." > Combined with CommTouch Anti-Spam solution. > > -----Original Message----- > *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > *Sent:* Tuesday, October 04, 2005 8:36 AM > *To:* ActiveDir@mail.activedir.org > *Subject:* RE: [ActiveDir] Anti-virus protection in domain > enviroment > > Just to add a little to what Phil says: > > When I last used ePO I found that possibly the most useful feature > was the reporting aspect. This allows you (amongst others) to > assess which viruses were found in the environment and therefore > what action if any needs to be taken to prevent further infection. > > Most organisations don't have any idea how many infections they > suffer from or how regularly the infections occur. A tool such as > ePO can help in this area quite significantly. [it's also a handy > management tool which helps justify the ongoing AV costs :) ] > > neil > > > *___________________________* > *Neil Ruston* > Global Technology Infrastructure > Nomura International plc > > > ------------------------------------------------------------------------ > *From:* [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] *On Behalf Of *Phil Renouf > *Sent:* 04 October 2005 16:10 > *To:* ActiveDir@mail.activedir.org > *Subject:* Re: [ActiveDir] Anti-virus protection in domain > enviroment > > Take a look at this article, it should give you the information > you need to configure Antivirus on your DC's: > > http://support.microsoft.com/default.aspx/kb/822158 > > I don't have any experience running NOD32 on anything :) > > As for clients, most environments I have been in use a product > similar to McAfee's EPO to centrally manage all the AV agents on > the desktop to make sure they are configured to the corporate > standard and that they have up to date scan engines and DAT files. > > Phil > > > On 10/4/05, *Boris Demirov* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Hello everybody, > I got some questions about the anti-virus protection of a > domain controller > and the domain environment: > > In my opinion the best AV program for the moment is NOD32 - I > am using it > successfully on many workstations, but I am not quite sure how > it will act on > a DC. What kind of protection do you use on your DCs and have > somebody got a > closer look on the NOD32 installed on a DC? > And something else to ask: what kind of AV protect your > workstations in > domain, do you use a single copy of a normal AV or some > enterprise edition? > > All advises on the topic of antivirus protection in domain > controller and the > stations in the domain are welcome. > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > <http://www.activedir.org/ListFAQ.aspx> > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > PLEASE READ: The information contained in this email is > confidential and > intended for the named recipient(s) only. If you are not an intended > recipient of this email please notify the sender immediately and > delete your > copy from your system. You must not copy, distribute or take any > further > action in reliance on it. Email is not a secure method of > communication and > Nomura International plc ('NIplc') will not, to the extent > permitted by law, > accept responsibility or liability for (a) the accuracy or > completeness of, > or (b) the presence of any virus, worm or similar malicious or > disabling > code in, this message or any attachment(s) to it. If verification > of this > email is sought then please request a hard copy. Unless otherwise > stated > this email: (1) is not, and should not be treated or relied upon as, > investment research; (2) contains views or opinions that are > solely those of > the author and do not necessarily represent those of NIplc; (3) is > intended > for informational purposes only and is not a recommendation, > solicitation or > offer to buy or sell securities or related financial instruments. > NIplc > does not provide investment services to private customers. > Authorised and > regulated by the Financial Services Authority. Registered in England > no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St > Martin's-le-Grand, > London, EC1A 4NP. A member of the Nomura group of companies. > -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ a List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
