Doesn't Norton offer a program for Exchange? Is there something wrong with
it? Please let me know as I was thinking about going with it for our
system and replacing InnoculateIt which we are using now. Thanks
On Sun, 20 Jun 1999, Jen wrote:
> Analysis so far (comparison of firewall virus scanners, mostly Trend and
> Symantec):
>
> 1. Trend is more flexible and has much better logging capabilities.
> Norton might be able to stop more, but you can't really tell,
> because it's logs tell you virtually nothing.
> 2. CVP (at least on FW-1) is awful. A few reasons:
> a. It is not possible to setup virus scans without having an SMTP
> security server. Unfortunately, the one that comes with FW-1
> leaves a lot to be desired (as in, if you try to use it for
> outgoing mail, you're asking for trouble; it isn't capable of
> querying DNS). So this means you have to setup another SMTP
> server (or use an existing one as the security server). This
> has its own set of problems, complicated by ...
> b. There is no fault tolerance, nor is there any alert sent when
> a server cannot be contacted. In other words, if FW-1 can't
> find a server it needs (the security server, the CVP server,
> etc.), it just denies the connection. Actually, if you don't
> have an SMTP security server, it might be worse -- haven't
> quite figured out what the default security server does yet.
> The problem here is that the more servers you include in
> virus scanning and firewalling, the more likely you are to
> have a problem.
> 3. Virus scanners do not offer a lot of flexibility. It would be
> nice to be able to deny all attachments with the extension
> .exe or .com, and quarrantine any that come in meeting those
> criteria. Unfortunately, no product that I know of does this.
> Norton allows you to stop .exe and .com files from coming
> in, but it doesn't tell you that it's stopping them, nor the
> names of the files it stops, nor ... well, you get the point.
>
> Conclusion: Virus scanning at the firewall is fraught with peril. Trend
> offers a CVP-free way to do virus scanning (an SMTP server that scans
> viruses and forwards to internal SMTP servers), which seems like the
> best way to go. Norton has an SMTP product I haven't looked at yet, but
> if it's as barren as their firewall product, there will be problems.
> There might be other products that do this, too, and I'd appreciate
> hearing of any. Unfortunately, from experience, the virus engine that
> we trust the most tends to be Norton (the one we trust the least tends
> to be NAI). I just wish they offered better tracking and management, a
> la Trend. It's virtually impossible to tell what it's doing, which
> frightens me.
>
> We use Exchange for e-mail, so if Norton's SMTP Gateway is decent, we'll
> probably use it instead of Trend, and use Trend on the Exchange server.
> If the gateway isn't decent, I guess we'll just trust Trend to catch
> everything at the network and mail server level, and let Norton catch
> stuff on file servers and desktops.
>
> Any feedback would be great.
>
> Thanks!
>
> Jen
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
