I've only been on the list a short time, but I must have missed the
mandatory Trend Micro brainwashing. :-)
So far from what I have noticed there seems to be a set answer to all AV
questions.
Question: I'm curious about the capabilities of NOD32.
Answers (en mass): You should use Trend Micro.
Question: Is anyone using Symantec?
Answer (again en mass): You should buy Trend Micro.
Not that there is anything wrong with Trend Micro's product, it's great
in my opinion, but these responses don't seem to be very helpful with
regard to the questions being asked.
My apologies to the list "gods" if TM is the list sponsor. :-)
Tim
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Glen Miller
Sent: Wednesday, October 05, 2005 11:55 AM
To: '[email protected]'
Subject: RE: [ActiveDir] Anti-virus protection in domain enviroment
Look into a product called Office Scan, by a company called Trend Micro.
I have been using this product happily since 1998. It saved me from the
"I love you" bug and a few rather nasty ones since.
"I want my two dollars!"
And Joe! Petitioning Webster's to include Joe-isms as an actual word.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ahmed Al Awah
Sent: Tuesday, October 04, 2005 12:35 PM
To: '[email protected]'
Subject: RE: [ActiveDir] Anti-virus protection in domain enviroment
Since we're on topic..is anyone using Symantec AntiVirus 10 corp edition
for A/V protection in a domain environment?
-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
[mailto:[EMAIL PROTECTED]
Sent: October 4, 2005 11:07 AM
To: [email protected]
Subject: Re: [ActiveDir] Anti-virus protection in domain enviroment
My 1 cent.
I should go back to lurking...but... when choosing your a/v solution
there's something to check on... some of the a/v vendors have
historically needed admin rights to update or have had vulnerabilities
themselves.
Might be something to investigate and consider when chosing an a/v
...especially on a DC.
In my own historical issues with Trend, the OfficeProtect dat file
upgrade to XP sp2 wasn't properly 'vetted" and flatlined my workstations
and last I heard cost Trend $8 mil in lost sales. They've also had a
security vulnerability patched somewhat recently.
Epo's had their issues as well....
http://xforce.iss.net/xforce/xfdb/21839
ISS X-Force Database: epolicy-msde-obtain-password(12787): ePolicy
Orchestrator could allow an attacker to obtain MSDE SA password:
http://xforce.iss.net/xforce/xfdb/12787
ISS X-Force Database: epolicy-execute-commands(14166): ePolicy
Orchestrator command execution: http://xforce.iss.net/xforce/xfdb/14166
Al Garrett wrote:
My 2 cents...
EpO has worked outstanding for us.
Does inventory reports, finds "rogues", demonstrates to pointy-haired
bosses how many infections are avoided and how dangerous it is "out
there."
Combined with CommTouch Anti-Spam solution.
-----Original Message-----
*From:* [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
*Sent:* Tuesday, October 04, 2005 8:36 AM
*To:* [email protected]
*Subject:* RE: [ActiveDir] Anti-virus protection in domain
enviroment
Just to add a little to what Phil says:
When I last used ePO I found that possibly the most useful feature
was the reporting aspect. This allows you (amongst others) to
assess which viruses were found in the environment and therefore
what action if any needs to be taken to prevent further infection.
Most organisations don't have any idea how many infections they
suffer from or how regularly the infections occur. A tool such as
ePO can help in this area quite significantly. [it's also a handy
management tool which helps justify the ongoing AV costs :) ]
neil
*___________________________*
*Neil Ruston*
Global Technology Infrastructure
Nomura International plc
------------------------------------------------------------------------
*From:* [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] *On Behalf Of *Phil
Renouf
*Sent:* 04 October 2005 16:10
*To:* [email protected]
*Subject:* Re: [ActiveDir] Anti-virus protection in domain
enviroment
Take a look at this article, it should give you the information
you need to configure Antivirus on your DC's:
http://support.microsoft.com/default.aspx/kb/822158
I don't have any experience running NOD32 on anything :)
As for clients, most environments I have been in use a product
similar to McAfee's EPO to centrally manage all the AV agents on
the desktop to make sure they are configured to the corporate
standard and that they have up to date scan engines and DAT files.
Phil
On 10/4/05, *Boris Demirov* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
Hello everybody,
I got some questions about the anti-virus protection of a
domain controller
and the domain environment:
In my opinion the best AV program for the moment is NOD32 - I
am using it
successfully on many workstations, but I am not quite sure how
it will act on
a DC. What kind of protection do you use on your DCs and have
somebody got a
closer look on the NOD32 installed on a DC?
And something else to ask: what kind of AV protect your
workstations in
domain, do you use a single copy of a normal AV or some
enterprise edition?
All advises on the topic of antivirus protection in domain
controller and the
stations in the domain are welcome.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
<http://www.activedir.org/ListFAQ.aspx>
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
PLEASE READ: The information contained in this email is
confidential and
intended for the named recipient(s) only. If you are not an
intended
recipient of this email please notify the sender immediately and
delete your
copy from your system. You must not copy, distribute or take any
further
action in reliance on it. Email is not a secure method of
communication and
Nomura International plc ('NIplc') will not, to the extent
permitted by law,
accept responsibility or liability for (a) the accuracy or
completeness of,
or (b) the presence of any virus, worm or similar malicious or
disabling
code in, this message or any attachment(s) to it. If verification
of this
email is sought then please request a hard copy. Unless otherwise
stated
this email: (1) is not, and should not be treated or relied upon
as,
investment research; (2) contains views or opinions that are
solely those of
the author and do not necessarily represent those of NIplc; (3) is
intended
for informational purposes only and is not a recommendation,
solicitation or
offer to buy or sell securities or related financial instruments.
NIplc
does not provide investment services to private customers.
Authorised and
regulated by the Financial Services Authority. Registered in
England
no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St
Martin's-le-Grand,
London, EC1A 4NP. A member of the Nomura group of companies.
