Go Premium for a chance to win a PS4. Enter to Win


Gateway security device  Vs software running on a PC ?

Posted on 2010-09-22
Medium Priority
Last Modified: 2012-05-10
I wanted to get some inputs from experts who have been managing some small business networks (>75 PC's) as how they handle the following things:

- anti-virus
- Malware
- spyware
- trojan's
- internet browsing threats
- email scanning threats

We were using the Symantec locally on the PC's and on a server from a decade.
Since recent time things have changed and users are getting the fake antivirus threats and they accidentally click. The best way to clean up is using some free tools like malware bytes.

Now we are planning to implement some new software or a gateway device which will take of anitivirus,rojan,email,spyware threats in our network.

I was looking at some ads about some gateway security appliances which can be installed on our network internet gateway.

1.  How good are these gateway security appliances ?

2. Are they easy to manage compared to a software based one a server ?

3. Does the security appliance take care of everything ?(antivirus,spyware,malware,email threats,trojans, etc ) ?

Email me your inputs based on your experience.

Ours is a small business network (>50 PC's), can spend more if its worth with a appliance compared to software based.

Question by:OCUBE

Assisted Solution

williamvanerp earned 498 total points
ID: 33737236
Take a look at Barracuda appliances (http://www.barracudanetworks.com). We use the web filter for internet traffic filtering / scanning and the spam filter for e-mail scanning. They get the whole deal for anti spam, virus, malware etc.

Barracudas are really easy to implement and maintain. Support is 24h included, also remote support on the device. If you get one, it takes 5 minutes to configure and it works.

The also have a total solution in the NG Firewall which includes more the blocking and filtering.
LVL 22

Expert Comment

by:Matt V
ID: 33737248
A good gateway appliance is a hardened purpose ready device.  Installing software on a server leaves you open to server OS attacks as well.
That aside, there are often good combinations of security device (firewall/ips) and server implemented (anti-virus, web proxy filter etc.) that also make sense.
It really depends on environment, budget etc.
LVL 15

Accepted Solution

Jeff Perkins earned 1002 total points
ID: 33737284
  I've had good experience with the Sonic Wall solutions. They do have gateway comprehensive coverage, and I use it for an added layer of protection. But prefer a seperate antivirus, it's possible that the antivirus protection they sell is sufficient, but I prefer to run one from a company that does nothing but antivirus.
   I was a Norton man for about 10 years, until 2006 when their software became such a resource hog. You will notice a big performance difference if you pull that and switch to something a little less grabby. My preference is the Eset Nod 32.
   As for anti-malware, I've tried many, and don't rely on the firewall appliance for this either. If there's been a problem with users getting malware infections, I usually recommend purchasing the pro version of malwarebytes, this keeps all but a few baddies from slipping by.
  And as always a good security briefing and personal use policy is better than any protection you can install.  Educating users as to what can happen if they do the things that get them in trouble, and making a company policy that the user has to take care of paying for cleanup, goes a long way.  Many of my clients have this policy, although they don't usually enforce it, but after having a security meeting and explaining stuff to the users, and telling them they will have to, it certainly cuts down on the problems.
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

LVL 16

Expert Comment

ID: 33737307
I would also add that you should keep some security on the client machines. Just imagine the impact of not having AV on your clients/servers and then someone brings in a virus on a memory stick/laptop etc.
Within the border, windows firwall and AV should cover you acceptably, but at the border, you should look at a decent firewall at the minimum, with possible anti-spam/av/proxy/content control depending on your needs.

Expert Comment

by:Robby Swartenbroekx
ID: 33737337
I've a lot of experience using Vasco's aXsGUARD Gatekeeper. We are very happy with it, but is can not completly remove the need for a local anti-virus solution installed on each PC because virusses can also infiltrate via CD/DVD and USB sticks.

It is capable of filtering all webtraffic, analysing it with a virusscanner and it uses SNORT to analyse traffic to see if it is legit data. you can also monitor and block (or allow) webtraffic based on generic and custom filters.
It can also filter SPAM and scan mails with 2 different virusscanners and block mails based on attachment types, senders and recipients.
It has lots more features, you can read it all on their website http://www.vasco.com/products/axs_guard/axs_guard_gatekeeper/axs_guard_gatekeeper.aspx

The drawback is that it is not usable in very large environments were you need clustering to spread the load., but I have not experienced any problems with about 200 to 300 users (I don't have any experience with larger environments).

Author Comment

ID: 33765855
So looking at the inputs from the experts, it seems that we need to have some kind of antivirus program running on the local pc's inspite of having a gateway appliance.
LVL 15

Assisted Solution

by:Jeff Perkins
Jeff Perkins earned 1002 total points
ID: 33766762
That would definitely be my recomendation. Unless you completely strap down user systems, disable the usb ports, disable optical drives, and any other method of input into the systems, it only takes one person coming to work with a usb drive or ext hdd, to quickly download something they need and boom, your whole network has a virus running through it that never had to go through the gateway....
   Not to mention that nothing, and I do mean nothing short of disconecting from the outside world, will stop everything.  There is no 100% sure fire protection system. So if you have a two fold or more layers, you hare more secure.  
   You can use a server managed antivirus, I'm partial to Nod32, they have a control center that comes with their business license, and are priced for better pricing as the number of users goes up and even cheaper to renew.  You can distribute and control your av from the server/servers or from a workstation, your preference.

Author Closing Comment

ID: 34002668

LVL 15

Expert Comment

by:Jeff Perkins
ID: 34009731
Thank you!

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question