This is enough to make your head swim. I have a network of about 150 users. Windows 2003 Servers.
We run Trend Micro Client Security for SMB. Even with Trend running, several users get hit with rootkits and the like. I know it is because they go places on the internet that they shouldn't be going to. I obviously need some kind of Web Filter or, in a broader sense, some type of Unified Threat Management.
In researching this topic it appears as though there are three basic topologies for doing this:
1) A security appliance
2) Turn the Windows Servers into Proxy Servers
3) Set up a standalone PC as a Proxy server
Am I completely off base here?
Assuming I am close, I am struggling with the approach to take. I like the security appliances because they offload everything to the security appliance and don't utilize the servers in any way. I don't like the security appliances because they are proprietary and expensive. If one goes down it would be a real pain to get fixed rapidly and the internet would be down for the duration of the fix.
I don't like using the server as a proxy server just from the standpoint that the less you have your server do the better off you are. One less thing to go wrong.
I like the idea of using a standalone PC as a Proxy Server for several reasons. It still eliminates any burden on the server. If it does go down you stand a good chance of fixing it fast and reasonably (especially if you make an image backup of it). There are a couple drawbacks. The major one seems to be that the UTM Proxy Server software from most vendors will only run on Windows Servers. This makes the price of a Security Appliance a lot more reasonable.
Does anyone have any input on the approach to take? My head is swimming with all the different vendors and their different approaches. I have read several of the threads here and everyone seems to recommend a different vendor. Isn't there a web page you can go to to get an overall rating of the different vendors?