Dear friend Gateway content scanning products websweeper and mailsweepers do lock hotmail and web client mails if you do not know yet. IRC as well is strictry prohibited and cutted via firewalls when we talk for serious corporate environments.Originally posted here by tonybradley
You must also lock down users' access to 3rd party POP accounts or web mail.
It isn't very secure to rely on security tools installed on a gateway or mail server if the users can bypass the security measures by downloading attachments from Hotmail or if the users can connect to Kazaa or IRC or any other security risk that does not go through the main corporate email server.
Even after you have locked down access to instant messaging, P2P, 3rd-party POP and web mail access, you still need to educate the users and keep antivirus clients running at the desktop level (a software firewall would be beneficial as well). You don't want to rely on a false sense of security or security through obscurity.
Users will magically and inevitably find their way around security measures. I recommend that the AV running at the client level be from a different vendor than the AV at the server level in the hopes that what one misses the other might catch. But, I know there are arguments that can be made for why they should both be from the same vendor as well.
You do not need to do anything with end user if you use centralized AV products. Did you tried any of these centralized AV products. End user is a teller and does not need to concern with security..we just want them to do their jobs and we are here to remind them that we watching them whatever they do and access in a corporate network.
We do support homogeneus environment since we do support them much easier. If we do differnet products in server and clients we need more time to support them. Time is money and noone pays the cost for such ideas.
And for people who looking to find their way out and in to bypass security measures there are hundreds of tools to catch their activity.
In conclusion what is the scope of your reply to my above message. I did not find any scope of your reccomendations as a reply to his message.
Thank you for your time though...
Reply With Quote