Virus/Malware/Spyware Network Security Solutions

Feragh asked
Last Modified: 2013-11-22
I have a somewhat abstract network security question.  I am newly administering networks on two separate locations with around 60 nodes each and have been working to enhance their network security.  I know this encompasses too many areas to go into in a single topic, so I am looking for advice in the area of virus/spyware/malware etc. security.

Currently I have upgraded both networks to Symantec Endpoint Protection 11 for all servers and clients.  I have been doing further research in virus protection and many experts recommend multiple solutions to better protect a network from attack.  For instance, I recently ran into a couple virus attacks which completely bypassed Symantec Endpoint Protection and had to be found and removed manually.  I know this is an issue which can never be protected against fully, but it seems there are solutions which will greatly enhance network security.  One obvious addition is a hardware firewall for both networks which I am currently in the process of obtaining and installing.  For this reason, I would like to narrow this focus down to purely the network software.  My question is this:

What combination of network protection software would you recommend to be placed on both Server and Client machines?  I.E., would you recommend using a malware and/or spyware product in parallel with Symantec Endpoint Protection?  And even though I am utilizing Symantec Endpoint Protection currently, I would also like to hear if you have had better results with other solutions in network environments since others may be needing this and for my own reference when doing future upgrades.  Also, please expound if you feel I have left off other key concerns pertaining to this focus.

My largest concern is experienced issues when combining products of this nature since many of their securities overlap and will cause conflicts, which I have seen many times in the past.  Please add any knowledge you have as to why the proposed solutions are preferable to increase mine and other readers' understanding in the area.  Lastly, as is the case in nearly all organizations, cost is an issue.  So if some of the ideal solutions are quite costly, a secondary recommendation for a similar but more cost-effective solution would be greatly appreciated.

Thank you in advance for the help and I look forward to hearing from the experts in this area.

Author

Commented:
Thanks for the detailed and informative reply.  That answers many of my questions quite nicely.  You are right in that the companies will most definitely not spring for the cost of the 3 layer solutions, but I will definitely be using several of the suggestions stated above.  I especially like the idea of varying the software makes between the client and server levels.

A couple follow-up questions for you.  Have you found any anti-virus/malware products to work better for clients and others for servers?  In my case, both client and servers are Microsoft, namely Windows XP Pro and Windows Server 2003.  I am also curious to know more on your thoughts on anti-spam.  We currently use an anti-spam product from GFI for one company and the other has yet to implement one.  And are you talking more than just a software-based anti-spam client?  The mail client I am using is Exchange 2003.

Thanks again for the help.

Commented:
Anti-SPAM....Brightmail is the best solution I've ever used.  If your network is small you can get away with loading it directly on the Exchange server.  But the better approach (and the only good approach in larger networks) is to set up Brightmail on a separate system (btw, this applies to GFI also).  Currently I am using a Barracuda appliance, which also works well.  Takes a bit more maintenance than Brightmail, and I cannot get it "locked down" as much as Brightmail without getting false positives.  I have never used GFI, but it does get good reviews (from my understanding it is utilizing the same technology Barracuda uses).  Brightmail and Barracuda offer anti-virus, as does GFI if I remember correctly from last time I read a product brief for GFI.


Anti-virus probably gets more into the esoteric discussions.  Symantec anti-virus is obviously a leader in market-share, and I've had no complaints on their anti-virus (though I strongly recommend against their Internet Security Suite product).  McAfee is getting good reviews, but I have had problems in the past with them.  I am using AVG right now with good success (you will find that AVG does not get top-spot on reviews though).  I've also used Fprot on servers many years ago, but their ratings have slipped since I used it last.

My current opinion on Anti-virus is that basically any of the "top 5" products are about the same, and any of the "top 10" will give you about equally good protection.  This, of course, can be the topic of very vigorous debate!

For servers, you do want to be sure that you are using a product specifically designed to run on servers, and from a company that has been around for a while.  I have used Symantec, Fprot, McAfee, AVG, and a handful of others on servers.  Fprot is the only one that caused problems...I had to tweak it because "out of the box" killed performance on one of our apps.  I also once had a customer blow up a server when they uninstalled Symantec, and I had to go in and manually clean up the registry for them.