Centralized Antivirus/Firewall

GoneShootin · 29-03-2006 2:50pm #1

Hellew

I'm trying to figure out which is the best way to protect a number of LAN windows pc's from one locat [i.e server]. The server would be the only machine that will have internet access. How can I best manage each client pc such that they all have adequate antivirus/firewall definitions sent from the main internet source.

What's best practise in this situation?

Gilgamesh · 29-03-2006 2:54pm

well, I think the best solution would be a corporate solution, like Symantec Client security, in which you would be able to manage the config of the clients like firewall rules and AV config through one console, and they would receive their definitions through a Primary AV server.

I think they have license packages for Small businesses too, so it would be a bit cheaper.

am not aware of a solution though like a hardware filewall, which would be able to give you FULL protection in the network, might look into it

GoneShootin · 29-03-2006 3:17pm

Found an interesting solution with McAfee [yes I know about their recent ****up]

http://mcafeeasap.com/intl/EN/content/rumor/howitworks/1.asp

Static M.e. · 29-03-2006 4:03pm

While you are setting up your AV + FW solution. Dont forget about your patch management!

Set up a WUS server. its fantastic stuff. Alot less complicated than some of the commerial products that provide the same solution.

voodoo · 29-03-2006 7:29pm

Hi there,

Yeah, the Managed VirusScan solution from McAfee is very good! It has technology called "Rumour Technology" which essentially means that once all your machines are networked, the one machine that has internet access downloads the daily DAT files and the others pole out on the network looking for teh updates. Very good solution.

GoneShootin · 29-03-2006 10:01pm

Static M.e. wrote:

Set up a WUS server.

A what now?

WizZard · 30-03-2006 2:13pm

WSUS. Well worth it if you don't have any other patch management solution in place.

jank · 30-03-2006 3:16pm

What recent McAfee **** up??

WSUS is great but you have to be carefull it doesnt eat up all yor bandwidth to remote sites even if you have BITS running.

McAfee ePO is what we use. Maybe its a big too big for what your after but its easy to manage hundreds if not thousands of clients from one server and console interface, once you have all your clients managed which can be sometime tricky if you are on different domains to them.

voodoo · 30-03-2006 7:10pm

Jank,

Agree - EPO is the best centralized management solution out there! It really is aimed at large corporates though! Any customers with more than say 150 machines that they need protection should use this. There is another solution from McAfee called Protection Pilot, which is aimed at customers with less than 150 machines. Still quite good for central management though!

In terms of firewalls, still think that some of the solutions out there like the "UTM - Unified Threat Management" solutions should be looked at if you are a relatively small network, have no or little IT resources and looking for a cheap, secure solution which will give you firewall, gateway (email and Web) anti-virus protection, anti-spyware, anti-spam, content filtering, packet shaping, intrusion prevention and the ability to set up VPN connection to your network!

The UTM firewalls will not negate the need to have desktop AV protection however... this needs to be clarified... there are other methods of viruses getting into a network - just think about that iPod or USB stick you use at home

Centralized Antivirus/Firewall

Comments