-
May 13th, 2003, 08:40 AM
#1
Member
For those who protect networks from Viruses
As I mentioned in my previous article (For those concern large AV installation and protection of networks) the number 4 command needs to be retold.
4. You do not need to do the number 3 if you use AV for Internet or AV for mail and Content and Spam filtering.Your gateway products should be informed before you even realize than a new thread already exist. Therefore as long as you got right tools properly installed on the gateway nothing malicious will pass through your network.
Everyone knows today about Fizzer. The matter is that which of you is protecting a networks with lots of clerks? And if you do do you have AV gateway products installed?
I just now watching the mail alerts that my AV gateway product informs me the many of Fizzer worms try to enter via email into the corporation and being droped at the door.
So to conclude, these days corporations are just widely open to anyone if they do not have gateway security products. Fizzer and any kind of these worms will be here to remind us...and warn us what is needed to protect and what is to come...
Well I am not Nostradamus...I am just an engineer...xixixxxixixixixi
That was all folks!
http://www.virusinfo.bz/cgi-bin/ultimatebb.cgi
-
May 18th, 2003, 11:08 AM
#2
You must also lock down users' access to 3rd party POP accounts or web mail.
It isn't very secure to rely on security tools installed on a gateway or mail server if the users can bypass the security measures by downloading attachments from Hotmail or if the users can connect to Kazaa or IRC or any other security risk that does not go through the main corporate email server.
Even after you have locked down access to instant messaging, P2P, 3rd-party POP and web mail access, you still need to educate the users and keep antivirus clients running at the desktop level (a software firewall would be beneficial as well). You don't want to rely on a false sense of security or security through obscurity.
Users will magically and inevitably find their way around security measures. I recommend that the AV running at the client level be from a different vendor than the AV at the server level in the hopes that what one misses the other might catch. But, I know there are arguments that can be made for why they should both be from the same vendor as well.
-
May 18th, 2003, 05:06 PM
#3
Member
Originally posted here by tonybradley
You must also lock down users' access to 3rd party POP accounts or web mail.
It isn't very secure to rely on security tools installed on a gateway or mail server if the users can bypass the security measures by downloading attachments from Hotmail or if the users can connect to Kazaa or IRC or any other security risk that does not go through the main corporate email server.
Even after you have locked down access to instant messaging, P2P, 3rd-party POP and web mail access, you still need to educate the users and keep antivirus clients running at the desktop level (a software firewall would be beneficial as well). You don't want to rely on a false sense of security or security through obscurity.
Users will magically and inevitably find their way around security measures. I recommend that the AV running at the client level be from a different vendor than the AV at the server level in the hopes that what one misses the other might catch. But, I know there are arguments that can be made for why they should both be from the same vendor as well.
Dear friend Gateway content scanning products websweeper and mailsweepers do lock hotmail and web client mails if you do not know yet. IRC as well is strictry prohibited and cutted via firewalls when we talk for serious corporate environments.
You do not need to do anything with end user if you use centralized AV products. Did you tried any of these centralized AV products. End user is a teller and does not need to concern with security..we just want them to do their jobs and we are here to remind them that we watching them whatever they do and access in a corporate network.
We do support homogeneus environment since we do support them much easier. If we do differnet products in server and clients we need more time to support them. Time is money and noone pays the cost for such ideas.
And for people who looking to find their way out and in to bypass security measures there are hundreds of tools to catch their activity.
In conclusion what is the scope of your reply to my above message. I did not find any scope of your reccomendations as a reply to his message.
Thank you for your time though...
That was all folks!
http://www.virusinfo.bz/cgi-bin/ultimatebb.cgi
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|