Results 1 to 3 of 3

Thread: For those who protect networks from Viruses

  1. #1

    For those who protect networks from Viruses

    As I mentioned in my previous article (For those concern large AV installation and protection of networks) the number 4 command needs to be retold.

    4. You do not need to do the number 3 if you use AV for Internet or AV for mail and Content and Spam filtering.Your gateway products should be informed before you even realize than a new thread already exist. Therefore as long as you got right tools properly installed on the gateway nothing malicious will pass through your network.

    Everyone knows today about Fizzer. The matter is that which of you is protecting a networks with lots of clerks? And if you do do you have AV gateway products installed?

    I just now watching the mail alerts that my AV gateway product informs me the many of Fizzer worms try to enter via email into the corporation and being droped at the door.

    So to conclude, these days corporations are just widely open to anyone if they do not have gateway security products. Fizzer and any kind of these worms will be here to remind us...and warn us what is needed to protect and what is to come...

    Well I am not Nostradamus...I am just an engineer...xixixxxixixixixi
    That was all folks!
    http://www.virusinfo.bz/cgi-bin/ultimatebb.cgi

  2. #2
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    You must also lock down users' access to 3rd party POP accounts or web mail.

    It isn't very secure to rely on security tools installed on a gateway or mail server if the users can bypass the security measures by downloading attachments from Hotmail or if the users can connect to Kazaa or IRC or any other security risk that does not go through the main corporate email server.

    Even after you have locked down access to instant messaging, P2P, 3rd-party POP and web mail access, you still need to educate the users and keep antivirus clients running at the desktop level (a software firewall would be beneficial as well). You don't want to rely on a false sense of security or security through obscurity.

    Users will magically and inevitably find their way around security measures. I recommend that the AV running at the client level be from a different vendor than the AV at the server level in the hopes that what one misses the other might catch. But, I know there are arguments that can be made for why they should both be from the same vendor as well.

  3. #3
    Originally posted here by tonybradley
    You must also lock down users' access to 3rd party POP accounts or web mail.

    It isn't very secure to rely on security tools installed on a gateway or mail server if the users can bypass the security measures by downloading attachments from Hotmail or if the users can connect to Kazaa or IRC or any other security risk that does not go through the main corporate email server.

    Even after you have locked down access to instant messaging, P2P, 3rd-party POP and web mail access, you still need to educate the users and keep antivirus clients running at the desktop level (a software firewall would be beneficial as well). You don't want to rely on a false sense of security or security through obscurity.

    Users will magically and inevitably find their way around security measures. I recommend that the AV running at the client level be from a different vendor than the AV at the server level in the hopes that what one misses the other might catch. But, I know there are arguments that can be made for why they should both be from the same vendor as well.
    Dear friend Gateway content scanning products websweeper and mailsweepers do lock hotmail and web client mails if you do not know yet. IRC as well is strictry prohibited and cutted via firewalls when we talk for serious corporate environments.
    You do not need to do anything with end user if you use centralized AV products. Did you tried any of these centralized AV products. End user is a teller and does not need to concern with security..we just want them to do their jobs and we are here to remind them that we watching them whatever they do and access in a corporate network.
    We do support homogeneus environment since we do support them much easier. If we do differnet products in server and clients we need more time to support them. Time is money and noone pays the cost for such ideas.
    And for people who looking to find their way out and in to bypass security measures there are hundreds of tools to catch their activity.
    In conclusion what is the scope of your reply to my above message. I did not find any scope of your reccomendations as a reply to his message.
    Thank you for your time though...
    That was all folks!
    http://www.virusinfo.bz/cgi-bin/ultimatebb.cgi

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •