Jochem, Yes - I agree it's a grey area. But if your auditor is agressive he may insist on it. As I said in my original post, I agree with those who find virus software on a web serve an intrusive and unnecessary complication. I was only pointing out a fly in the ointment. In our case we install it, but we do not use it in a "resident" manner (where it definitely causes issues in my view).
-mark -----Original Message----- From: Jochem van Dieten [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 23, 2005 2:11 AM To: CF-Talk Subject: Re: Symantec AntiVirus for Dedicated Web Server... Rey Bango wrote: > > Virus protection on web servers, though, is a grey area because the > subject is mentioned in broad terms and doesn't specifically say web > servers. > > The PCI standard can be read here: > > https://sdp.mastercardintl.com/pdf/pcd_manual.pdf The relevant quote from page 8: Maintain a Vulnerability Management Program Many vulnerabilities and malicious viruses enter the network via employeesâ e-mail activities. Anti-virus software must be used on all e-mail systems and desktops to protect systems from malicious software. 5. Use and regularly update anti-virus software or programs 5.1 Deploy anti-virus mechanisms on all systems commonly affected by viruses (for example PCâs and servers). 5.2 Ensure that all anti-virus mechanisms are current, actively running, and capable of generating audit logs. I see this as supporting my original point that AV is for email servers and possibly file servers. A webserver simply isn't a system commonly affected by viruses: there is no clueless user sitting at the console double-clicking anything he can lay his hands on. Jochem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:216035 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
