Gateway security device Vs software running on a PC ?

I wanted to get some inputs from experts who have been managing some small business networks (>75 PC's) as how they handle the following things:

- anti-virus
- Malware
- spyware
- trojan's
- internet browsing threats
- email scanning threats


We were using the Symantec locally on the PC's and on a server from a decade.
Since recent time things have changed and users are getting the fake antivirus threats and they accidentally click. The best way to clean up is using some free tools like malware bytes.

Now we are planning to implement some new software or a gateway device which will take of anitivirus,rojan,email,spyware threats in our network.

I was looking at some ads about some gateway security appliances which can be installed on our network internet gateway.

1.  How good are these gateway security appliances ?

2. Are they easy to manage compared to a software based one a server ?

3. Does the security appliance take care of everything ?(antivirus,spyware,malware,email threats,trojans, etc ) ?


Email me your inputs based on your experience.

Ours is a small business network (>50 PC's), can spend more if its worth with a appliance compared to software based.




OCUBEAsked:
Who is Participating?
 
Jeff PerkinsOwnerCommented:
  I've had good experience with the Sonic Wall solutions. They do have gateway comprehensive coverage, and I use it for an added layer of protection. But prefer a seperate antivirus, it's possible that the antivirus protection they sell is sufficient, but I prefer to run one from a company that does nothing but antivirus.
   I was a Norton man for about 10 years, until 2006 when their software became such a resource hog. You will notice a big performance difference if you pull that and switch to something a little less grabby. My preference is the Eset Nod 32.
   As for anti-malware, I've tried many, and don't rely on the firewall appliance for this either. If there's been a problem with users getting malware infections, I usually recommend purchasing the pro version of malwarebytes, this keeps all but a few baddies from slipping by.
  And as always a good security briefing and personal use policy is better than any protection you can install.  Educating users as to what can happen if they do the things that get them in trouble, and making a company policy that the user has to take care of paying for cleanup, goes a long way.  Many of my clients have this policy, although they don't usually enforce it, but after having a security meeting and explaining stuff to the users, and telling them they will have to, it certainly cuts down on the problems.
0
 
williamvanerpCommented:
Take a look at Barracuda appliances (http://www.barracudanetworks.com). We use the web filter for internet traffic filtering / scanning and the spam filter for e-mail scanning. They get the whole deal for anti spam, virus, malware etc.

Barracudas are really easy to implement and maintain. Support is 24h included, also remote support on the device. If you get one, it takes 5 minutes to configure and it works.

The also have a total solution in the NG Firewall which includes more the blocking and filtering.
0
 
Matt VCommented:
A good gateway appliance is a hardened purpose ready device.  Installing software on a server leaves you open to server OS attacks as well.
That aside, there are often good combinations of security device (firewall/ips) and server implemented (anti-virus, web proxy filter etc.) that also make sense.
It really depends on environment, budget etc.
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

 
InteraXCommented:
I would also add that you should keep some security on the client machines. Just imagine the impact of not having AV on your clients/servers and then someone brings in a virus on a memory stick/laptop etc.
Within the border, windows firwall and AV should cover you acceptably, but at the border, you should look at a decent firewall at the minimum, with possible anti-spam/av/proxy/content control depending on your needs.
0
 
Robby SwartenbroekxMSP engineerCommented:
I've a lot of experience using Vasco's aXsGUARD Gatekeeper. We are very happy with it, but is can not completly remove the need for a local anti-virus solution installed on each PC because virusses can also infiltrate via CD/DVD and USB sticks.

It is capable of filtering all webtraffic, analysing it with a virusscanner and it uses SNORT to analyse traffic to see if it is legit data. you can also monitor and block (or allow) webtraffic based on generic and custom filters.
It can also filter SPAM and scan mails with 2 different virusscanners and block mails based on attachment types, senders and recipients.
It has lots more features, you can read it all on their website http://www.vasco.com/products/axs_guard/axs_guard_gatekeeper/axs_guard_gatekeeper.aspx

The drawback is that it is not usable in very large environments were you need clustering to spread the load., but I have not experienced any problems with about 200 to 300 users (I don't have any experience with larger environments).
0
 
OCUBEAuthor Commented:
So looking at the inputs from the experts, it seems that we need to have some kind of antivirus program running on the local pc's inspite of having a gateway appliance.
0
 
Jeff PerkinsOwnerCommented:
That would definitely be my recomendation. Unless you completely strap down user systems, disable the usb ports, disable optical drives, and any other method of input into the systems, it only takes one person coming to work with a usb drive or ext hdd, to quickly download something they need and boom, your whole network has a virus running through it that never had to go through the gateway....
   Not to mention that nothing, and I do mean nothing short of disconecting from the outside world, will stop everything.  There is no 100% sure fire protection system. So if you have a two fold or more layers, you hare more secure.  
   You can use a server managed antivirus, I'm partial to Nod32, they have a control center that comes with their business license, and are priced for better pricing as the number of users goes up and even cheaper to renew.  You can distribute and control your av from the server/servers or from a workstation, your preference.
0
 
OCUBEAuthor Commented:

Thanks
0
 
Jeff PerkinsOwnerCommented:
Thank you!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.