• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

the Good Antiviurs now a day

Hi everybody,

I'm not expet in the security but I need to know about it.

first of all: I need to get some scinetific or expert comparisons between the enterprize antivirueses (not business comparisons). and I need to know your recommedations for the best solution nowadays.

second: I need to know if I should fix a standalone server for the antivirus or not, and I have to make a domin or not?

third: I need to know if this kind of solutinos is suffecient; mean: do I have to install any other solutions (as firewal, malware, antyspyware, etc...).

forth: what's the differnt between the hardware Firewall and the software firewall?

fifth: how the router and swiches effect the security in my network and what's you recommendations.

I know it's a lot but I will thank every body give me any prpoer information about any point.

best regards

0
Ahmed82
Asked:
Ahmed82
1 Solution
 
bruceb2Commented:
Wow, you have some loaded questions.

1.  When it comes to Enterprise AV here are the questions to have answered when evaluating.
          Do they provide a fully working demo that you can test in a lab?
          How often do they release definitions? Weekly, Bi-Weekly
          How often do they release application updates?
     I have worked for companies that have used Norton, McAfee, Trend, and a few others and they all pretty much do the same thing but in different methodologies.  Some kill the virus (Norton), some quarantine it (McAfee) before killing it, Some just tell you it is there and leave it up to you to remove (Trend).  Narrow down the ones that fit your needs and test in a lab setting not on production network.  Put a sniffer on that pipe and watch the traffic.  Some AV programs create a ton of traffic.  One suggestion on test enviroment.  Make one machine with every app you have on it and monitor performance.  I currently run McAfee and my AutoCAD design machines don't like it.

2. Needing a stand-alone server will depend on two factors.  Is it a centralized AV program or De-centralized.  And how much power the AV needs to run.  I have 2 Definition mirrors setup on my network to eliminate traffic but there is no server component to it.  I recommend domains from a sheer security stand point.  Active Directory gives you a ton of tools to use for security and organization.

3.  It never hurts to have those programs in place.  I tend not to install them on every machine due to performance and cost.  I leave the spyware and malware tools in my techs hands to use on an as needed basis.  I do have Windows Defender installed on all machines and the firewall enabled.  SPAM is handled at the gateway level.

4.  A hardware Firewall is like a Cisco PIX or Cisco ASA appliance.  It is a physical device that sits at the parimeter of your network.  A software firewall is an app that can operate like the physical firewall but on a server or can be installed on every device.  I do both.

5.  My suggestion is to crack open the vendor manuals and lock them down.  If they get through your router and your firewall your switches are your next line of defense.  VLANs are a good place to start and it may improve your network performance.

Hope this helps.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now