Solved

Installing Software on a Domain Controller

Posted on 2010-11-18
7
421 Views
Last Modified: 2012-05-10
A general question that I would like to have some experts opinions on. What are you feelings about installing software on a Windows 2003 domain controller. We already have McAfee VirusScan 8.7 installed. We just purcahsed McAfee Anti-Spyware as an add-on to VirusScan 8.7. Is it neccessary to install the add-on to our DC's? Is it neccessary to even have VirusScan 8.7 installed?

Thanks
0
Comment
Question by:AGenMIS
7 Comments
 
LVL 23

Expert Comment

by:jakethecatuk
ID: 34163834
Although Microsoft always say that you don't install anything on a domain controller, there are a few givens that you can install.

AV is a good example, and personnaly, I wouldn't run any DC with an AV package installed.

Whether I would install anti spyware though is another question.  In theory, anti spyware will protect you from anything being installed covertly from a website for example.  As you shouldn't be browsing the web from an AD server - why would you need anti spyware?

0
 
LVL 4

Expert Comment

by:Jsblanton
ID: 34163857
I never install anti spyware protection on my servers, especially real-time protection. It's a recipe for trouble if you ask me. The majority of spyware/grayware is going to be picked up from surfing the internet, which shouldn't be done from your servers. Now, possibly if it's a terminal server I might make an exception. Otherwise, I would recommend against it, I think if you called Mcafee and asked them they would probably say the same.
0
 

Expert Comment

by:rfvirani
ID: 34163861
We have similar setup and installed VSE 8.7 with Anti Spyware module on all our servers including DCs [a mix of 2003 and 2008] and it works good.

I think it is important to have antivirus and anti spyware on sever to prevent them from getting affected in case a virus/spyware breaks out on network.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 4

Expert Comment

by:Jsblanton
ID: 34163896
@rfvirani:   I'm not sure where you heard this, but it's pretty much SOP to not install spyware protection on servers. It may "work good" for now on certain servers, but it's too broad of a blanket statement to say that you can install anti-spyware on any server and it will "work good".

@AgenMIS: It's your decision but I HIGHLY recommend not following this advice.
0
 
LVL 10

Accepted Solution

by:
jramsier earned 500 total points
ID: 34164041
Anti-Virus is a yes, I dont do it but is usefull.  I do remote scans on my DC.  Anti-Spyware is just waste of resources on the server.  you should never be using browsing on any server (except like terminal servers).  Should always test can copy over files.
0
 

Author Comment

by:AGenMIS
ID: 34164621
Can spyware infect a server by other means then surfing the web? Removable drives?
0
 
LVL 4

Expert Comment

by:Jsblanton
ID: 34164751
Technically, yes. But you shouldn't have random users plugging removable drives into your servers if you ask me. If you are worried about your server getting infected, there are online remote scanning options like another expert had mentioned. Ultimately it's up to you, but I would suggest not putting anti-spyware on your server. Good luck.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Server 2000 functional level to server 2008 r2 5 73
"Why did the system shutdown, unexpectedly? Getting the message at login. 4 63
inactive users 13 80
Enterprise Mode 4 30
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question