If you don't want an AV running realtime on your DC, then you may settle for scheduling another computer scanning the DC routinely. It doesn't give you realtime scan but there is at lease some scanning done routinely. Best of all, you keep your DC clean from AV software.
My personal perferance is to dump the AV idea and implement Host based security. The reason being that the DC is less likely to be the first server to be infected. Moreover, you can harden the DC with security templates to make it more difficult to infect (unless it's coming from an Enterprise Admin user who was infected...ouch). The DC's most important data is the AD database. If you have more then one DC, then loosing a DC should not mean a total rebuild...in other words, you do have redundancy. Unlike an Exchange server, where private mailbox stores are unique and losing it will invariable mean a restore from Backup or if that fails, then it's all lost. Never-the-less, I think a hacker accessing your DC is much more harmful then an AV attack on your DC. Thus the implementation of Host Based Security (HBS). Check out Symantec Intruder Alert http://enterprisesecurity.symantec.com/products/products.cfm?productid=48&PI D=na&EID=0 If you are really serious about security, couple the Intruder Alert with AV scanning and Network based security systems (Net Prowler). Note: I am in no way saying that Symantec is the best product out there...as I have not tested them all. I just know of these two products from previous use of the Axent products (who got bought out by Symantec...geeze, I hope they don't ruin the product). Regards, Leonard Lee -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ed Esgro Sent: Tuesday, March 19, 2002 10:52 AM To: NT 2000 Discussions Subject: RE: AV on a DC I use NAV corporate Edition. No problems for over a year. -----Original Message----- From: Edgington, Jeffrey [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 19, 2002 10:10 AM To: NT 2000 Discussions Subject: AV on a DC I'm in kind of a quandary on this subject. On one hand I'm leery of leaving my DCs unprotected... on the other I'm hesitant to put third party software on them. What are your opinions on this? (I'm considering NetShield 4.5) Thanks :) --------------------------------------- Jeffrey Edgington Systems Administrator University of Missouri - Rolla Are you a Spectator or a Participant? --------------------------------------- ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
