NETWORK WORLD NEWSLETTER: RON NUTTER WITH ASK THE EXPERTS 10/13/04 Today's focus: Single solution for both spam and viruses?
Dear [EMAIL PROTECTED], In this issue: * Help Desk columnist Ron Nutter answers a user who wonders if ��there's one product that can do it all * Links related to Ask the Experts * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Veritas Meta Group Whitepaper Database Infrastructure Performance Challenges: Approaches to Better Manage Application Database and Storage Subsystem Performance Corporate relational databases now manage the majority of business-critical data within the enterprise. IT organizations face continuing challenges in managing increasingly complex, data-driven application environments. Read this white paper to discover several factors which will converge to challenge the IT organization's ability to manage its database software infrastructure. http://www.fattail.com/redir/redirect.asp?CID=84646 _______________________________________________________________ WHAT DO YOU KNOW ABOUT THE NEW DATA CENTER? Sign up for Network World's Data Center Newsletter in which Johna Till Johnson and the team at Nemertes Research will provide an ongoing assessment of current data center business drivers and future trends; concrete advice and guidance for IT executives seeking to consolidate data centers, improve disaster recovery, and deploy virtualization techniques. Click here to subscribe: http://www.fattail.com/redir/redirect.asp?CID=84770 _______________________________________________________________ Today's focus: Single solution for both spam and viruses? By Ron Nutter I was recently hired by a company to take care of their growing local area network. The first thing they want me to is to start taking steps to reduce the amount of spam and viruses coming into the company's mail server. What is the best way to handle this? Will one product do it all? -- Via the Internet There are a couple of main ways to do this: Appliances and software. There are appliances that will do one or both tasks. If you have the money (yes, appliance solutions can be more expensive), this kind of approach has several benefits. It reduces CPU loads on the mail server. When looking at this type of solution, be sure to look at the ongoing maintenance costs. Also check if the agreement covers advance shipping of replacement unit if yours were to fail to minimize the time you will be without protection. If the appliance option is too expensive for you, there's software. Start by breaking the task into two parts: viruses and spam. There are both commercial and open source solutions that you can look at here. As with the appliance option, look at the costs of each option and the costs for ongoing support. With the open-source options, you may be able to find 3rd parties that will provide this for a fee. If you don't go with that route, talk to others running these same packages to see what amount of time they spent working on that problem and assign a cost to that. This will help you identify what the real support costs is for all options. You may find the best answer is to look for best-of-breed applications, one for spam and one for viruses: If you put together your own solution, keep in mind that it may take more than one computer to try to get the problem you are working on somewhere close to being under control. One company that I have talked to uses a three-tier approach: The first computer in their configuration runs an SMTP anti-virus gateway to do an initial screening of the e-mail and block those e-mails and/or attachments that contain viruses. The second computer runs the SpamAssassin ( <http://spamassassin.apache.org/> ) open source anti-spam application. Meanwhile, the mail server also runs an anti-virus application (they are looking to add another anti-virus package, the open-source ClamAV [ <http://www.clamav.net/> ], on the theory that it will catch anything that gets by the other anti-virus app). They have 3 MX records for their setup, one for the first system scanning the e-mails for viruses, the second for the SpamAssassin/ClamAV setup and the last for the mail server itself. Each of these MX records has an increasingly higher weight than the record before it. While this may seem like overkill, it has fault tolerance built into it. If the first and or second systems are not responding, e-mail still arrives at the mail server used by the company. They have noticed one curious thing since implementing a 3-MX record setup: Spam that initially would have gone directly to the mail server, is now going to the second MX record entry instead of the first MX record. Having the e-mail jump through several hoops adds an increasing layer of difficulty of something bad getting through, assuming of course that everything is work all the time. This is one example of how the situation was resolved for one company, you may find that your solution may be somewhere between the two solutions that have been discussed here. With either solution, you may want to look at blocking as many of the different types of attachments as you can get approval to do so. By blocking them outright, you can minimize some type of new attack getting through because the signatures dont know about the new attack. Something else to look for is something called attachment typing. This can help prevent an attachment of slipping through because it was renamed from say .zip to .zio. _______________________________________________________________ To contact: Ron Nutter Ron Nutter, a Master Certified Novell Engineer and Microsoft Certified Systems Engineer in the Lexington, Ky., area, tracks down the answers to your questions. Send your questions to <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by Fidelia Fidelia adds sophistication to systems management Extend Insight Manager, OpenManage and many unix monitoring solutions with proactive trending, capacity planning and a sophisticated notification engine by adding Fidelia NetVigil into your environment. http://www.fattail.com/redir/redirect.asp?CID=84628 _______________________________________________________________ ARCHIVE LINKS Dr. Internet archive: http://www.nwfusion.com/columnists/blass.html Nutter's Help Desk archive: http://www.nwfusion.com/columnists/nutter.html _______________________________________________________________ FEATURED READER RESOURCE THE NEW DATA CENTER Today's top companies are accelerating toward Web-based computing. That means building the new data center -- where grids, virtualization, autonomic computing and other big changes shatter the traditional boundaries on applications and information, and bring the extended enterprise to life. Learn about The New Data Center on NW Fusion's Research Center at: <http://www.nwfusion.com/topics/datacenter.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
