security server 2003 sbe standard recommendations...

i'm currently installing a network with a netscreen 5xp firewall followed by a windows server 2003 small business standard with 5 clients. I'm still not sure how to handle the security of my network. Do I need to activate the windows firewall, what brand and type of antivirus would you recommend( with automatic updates for server and clients without having to even look at it again)? Do I need an extra antispyware program?
Any recommandations would be welcome!!
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Well the windows firewall is better than nothing, but it is still not perfect. For software firewalls, zone alarm is hard to beat. Of course I think it is always better to have a hardware firewall...but it doesn't hurt to have both.

Antivirus is kinda one half dozen or another....there are lots of great programs out there that all basically work quite well. I use Symantec/Norton as that is what my organization has a site license for and I"m quite happy with it.  

Of course make sure all your systems are always kept up to date on patches so patch management software may be something to look at. This, in my opinion, is one of the most critical things that you need to do. Microsoft has a free one called SUS....this is a free software to manage windows updates...doesn't include office updates, but the new version of it that is set to come out next year will.

Centrally managed anti spyware protection is becoming more and more desirable in my opinion. While this won't protect against all malware, it will atleast help. My organization is looking to the server version of spysweeper. It is also good if you can use firefox instead of IE on your clients....a bit help in protecting against malware/spyware. If you must use IE, then I've found this to be very useful: 

Also it is very important to make sure your users do NOT have admin rights on their machines.  

Those are my thoughts on basic security....

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.