Solved

Server 2008 R2 Remote Desktop Services Antivirus solution

Posted on 2011-03-02
Last Modified: 2013-11-22
Hello,
I am going to be implementing a new Server 2008 R2 domain structure running a Server 2008 R2 Remote Desktop Services server, Exchange 2010 Server and SQL 2008 Server, all running in separate VMs on a Server 2008 R2 Hyper-V host, and wanted some information regarding antivirus. I have a 55 user domain in which all 55 users will log in via RDS. Currently we have a 2003 Domain running Terminal Services, Exchange 2003 and SQL 2005 running on their own physical boxes. The antivirus we use (ESET NOD32) is effective but runs a process for every user logged on, and I have noticed that occasionally there are problems with the process that cause it to crash, sometimes crashing the primary ESET process and the server. I would like to move away from that type of situation.

We just recently implemented Postini Message Security service, and I have been using OpenDNS content filtering along with a SonicWall TZ210 with the full Comprehensive Security Suite (Gateway AV, Spyware, Intrusion Prevention, Content Filtering) installed for some time. Keep in mind 48 of those users are accessing the server through VPN tunnels from remote offices, the TZ210 scans the VPN connections as well, and the end users' local PCs do have antivirus installed.

Those products/services seem to be doing a good job of blocking websites that are inappropriate and/or malicious and in blocking viruses, spam and malware before they actually hit my servers.

My question is: has anyone had any experience using just firewall gateway and cloud-based AV, spam and content filtering and not installing any local AV on the server? The users have no way of physically accessing the server to use USB or the CD drive.

Any information and/or suggestions would be welcome.

Thanks in advance
Robert
Question by:Gadgetguyz
18 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35020155
Well, in theory everything should be caught at the gateway filter, but you know not everything is foolproof. I suggest installing AV on the systems as well because this gives you a layer of security on the system itself. McAfee runs well on a Terminal Server.
0
 

Author Comment

by:Gadgetguyz
ID: 35020507
True, nothing is 100%, even locally installed AV, which is why I feel the multi-layered approach that I have in place should be a good defense w/o the resource drain of a locally installed product. Considering the end users cannot access physical equipment that opens up USB attacks etc. on the server, I am hoping to be able to eliminate the cost, management and resource issues of installing an antivirus software. I am hoping someone has actual real world experience with a configuration similar to what I am wanting to use that can attest to its effectiveness.

I do appreciate your comment!
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 250 total points
ID: 35020742
I have had the configuration you want, but again we still had some issues on the server itself. Even though users don't have access to the physical server, the gateway device was still not catching everything, which would allow for malware and viruses to install on the Terminal Server. Without virus protection on the Terminal Server we weren't notified of any infection until the system was fully infected and needed a rebuild at that point.

The overall issue is not knowing whether or not you are infected on the server.
0
 

Author Comment

by:Gadgetguyz
ID: 35020906
I see your point, thanks for clarifying. What I have been seeing is that even companies such as McAfee and Symantec are offering AV as a SaaS solution, which is what the Postini service is doing, and the SonicWall is filtering email and http traffic. How long did you run your configuration?
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 35021067
Well, the site had it in for a while, but I don't know how long until they got affected and how long the site could have been potentially having private data sent to hackers.
0
 

Author Comment

by:Gadgetguyz
ID: 35021485
Thanks I appreciate your input.
0
 
LVL 6

Expert Comment

by:Flipp
ID: 38615486
Just wanted to get some advice from someone as I have a very similar setup coming up with Server 2012 and Hyper-V with SonicWall TZ210 and about 30 Users.

Do you install AV on clients' local machines as well as on the RDS Server?

Any recommendations on configuring client machines to lock down?
0
 

Author Comment

by:Gadgetguyz
ID: 38618050
I do not have software AV installed on the server at all. I have been running a router/cloud AV solution and AV installed on each workstation. I have been running this solution for a couple years without any issue. I have a SonicWall NSA 250MW running the comprehensive security suite.
0
 
LVL 6

Expert Comment

by:Flipp
ID: 38618481
Oh cool, so AV for Workstations is a hosted solution, so I am assuming all workstations even if they just are connecting to RDS Server have AV?
0
 

Author Comment

by:Gadgetguyz
ID: 38618514
t
hat is correct each workstation has a stand alone installs of Microsoft Security Essentials.
0
 

Author Comment

by:Gadgetguyz
ID: 38618525
Sorry, that last comment was posted on my mobile; not sure why it dropped that line down.
0
 
LVL 6

Expert Comment

by:Flipp
ID: 38618526
Do you manage these installs/updates in any way AND what product do you use on RDS Server?
0
 
LVL 6

Expert Comment

by:Flipp
ID: 38618533
We had looked at using MSE for Small Business but it seems to be only for Home or Home Office Use Only - unless something has changed?
0
 

Author Comment

by:Gadgetguyz
ID: 38618537
I don't manage the workstations; all they are is simply clients to connect to the RDS server. The RDS server has no antivirus; all my antivirus is handled through my router and cloud solutions.
0
 
LVL 6

Expert Comment

by:Flipp
ID: 38618544
Interesting ....... would love to find out more about your architecture. You available via email or chat?
0
 

Author Comment

by:Gadgetguyz
ID: 38618557
Sure, I'd be happy to talk to you about it. Do you use Google Plus?
0
 
LVL 6

Expert Comment

by:Flipp
ID: 38618573
Sure do - how do I search for you?
0
 

Author Comment

by:Gadgetguyz
ID: 38618675
Here is a link to my profile - http://gplus.to/rwarren
0
