• Status: Solved
  • Priority: Medium
  • Security: Public

How good are Appliance based Antivirus/AntiSpam solutions?

We are a small business company with 45 computers.
We have been using Symantec Antivirus all these years on workstations & servers.
We have a Microsoft Exchange email server, so we use the Symantec Mail Security for MS Exchange as well.

We wanted to migrate to a newer or better solution.

1) Wanted to check with the experts here as to how good the Appliance Based Antivirus Solutions are?

2) I know that appliance based AVs will not replace the workstations' AV scanning. We would still need AV on workstations & servers. But when we go with any appliance based AV solution at the gateway level, how much of the AV maintenance on workstations/servers would it cut down?

3) Any inputs from the current appliance AV users?
2 Solutions
The only "Appliance" I ever used was in the form of hardware firewalls set at the perimeter monitoring traffic through our Foundry switch. If you have any examples, we could do a better job commenting.

I always recommend a hardware firewall to all users - even home networks - and for a company your size a server-based enterprise AV application.

I have had great luck with MSE on home & small networks (up to 10 systems) and think you would do well to evaluate the Microsoft Forefront Endpoint application:

Malwarebytes will soon have an enterprise version and the two products work very well together.

I am not a fan of any of the AV solutions that attempt to provide a 'suite' of applications - too many things trying to happen at the same time and none (IMO) performing very well.

An EE Article on basic systems protection is here:
MALWARE - "An Ounce of Prevention..."
OCUBE (Author) Commented:

How does Barracuda Spam & Virus firewall work?
I have seen several of our top Experts recommend it, but not personally used it.
We happen to have one of the top networking experts on the planet posting here at EE and I'll ask him to take a look at this question.

He's based in the UK, so not sure if he is still on-line.
OCUBE (Author) Commented:

Thanks for the help
Keith Alabaster (Enterprise Architect) Commented:
Need to change the perspective of the question a little. In your original question you state you want a newer or better solution - it would help to understand what is wrong (in your view) with your existing system? What doesn't it do that you want it to? What does it do that you DON'T want it to? That said, I would want to get rid of Symantec also as I have never found the product to be reliable.

Appliance based AV systems are no different to software based software or even externally-hosted 3rd-party solutions in respect to functionality and - in my view - it does not cut down any maintenance at all. What it DOES do is provide another layer of protection, defence in depth if you like. What an appliance (as close to the edge as possible) can give you is that first line of defence for most types of traffic - SMTP filtering for attachments etc, a proxy filter for known payloads contained in web sites and most have antispam protection as well.

I will not comment on Juniper as I have never used their products although I have not heard anything disparaging about their offerings.

I agree with YoungV about the suites although an exception to the rule is Sophos. The Sophos suite is not the cheapest but is superb. You also get the benefit that the license also allows your users to install the software on their home computers. Whilst this sounds like a sales gimmick, in truth it means that your home users are protected (and clean) prior to any of them making a VPN connection onto your network and introducing a virus through the back door, as often VPNs bypass the edge protection systems. Further, if you have laptop users who take their equipment out of the office an appliance serves no purpose, so as you comment yourself the need for protection at all levels remains and therefore the maintenance does not reduce. Their central management console and reporting tools/alerting tools are also excellent.

Microsoft's Forefront endpoint security suite is indeed extremely good but I don't normally recommend it unless the client site also has System Manager or similar to control the clients through a dashboard.

You have made no mention about centralised deployment, updating or monitoring - are these required? In addition, you have not mentioned your budget - the products I mention are not the cheapest but all round, they are likely the best.

OCUBE (Author) Commented:
Didn't get the exact solutions I am looking for, but got some good info to work toward a solution.
