Solved

SAV interupts Hyper-V Machines ?

Posted on 2013-11-25
2
223 Views
Last Modified: 2014-11-12
Once upon a time there was an AD DC with Win2008 R2 Ent x64 and 80GB RAM and 4 quad processors.
On top of that there were three Hyper-V machines. One is the exchange server, one is the Remote Desktop gateway (RD), and the last is just a Plain O’l Server (POS), but it hosts the Symantec Endpoint Protection Manager console as well. All Hyper-V servers are 2008 R2 x64 (just like the mother ship)
  One day we "tried" to install SAV on all of them. As you probably guessed it all went terribly wrong; End users couldn't connect to exchange to get their mail; Remote users couldn't connect to the RD Server.  POS seemed to work fine, but exploding violins were everywhere.

Ended up uninstalling SAV on all machines (except POS) and the clowns got into their little car and drove off.

Kind of would like SAV on the servers (call me old fashioned).
Looking for incite as to what the helllll, and a fix or at lease research material etc.

Since I’m unemployed now I have LOTS of time to get to the bottom of this (kidding).
If anyone has escaped from Zardoz with that information I would reeeally like to know.
0
Comment
Question by:rusb2d
2 Comments
 
LVL 20

Accepted Solution

by:
Svet Paperov earned 500 total points
ID: 39676423
I don’t have a say about running SAV on servers.

However, if you allow me, I would like to put my five cents on what one should consider a good security practice (at least I do); it’s up to you to take it or not.

I prefer having a proactive protection by patching the software regularly (Microsoft rolls out its security updates each month) and locking the door with good piece of firewall and web-filtering appliance than fighting the bad code when it’s already on the server, what the AV does.

Out of the above servers, I would install an AV on the Remote Desktop Server only because of the user activity that happens there but I would also lock down its Internet Explorer to the allowed web sites only, like local Intranet, for example or a very short list of external web addresses (if required for the user tasks).      

---
About the SAV: we replaced out Symantec EP 11 with Kaspersky Security Center two years ago: it’s much lighter on the host, its management console is amazing and it’s cheaper.

As for the e-mail server: we’ve been using hosted anti-spam/anti-virus solution for years – for the price of $1 per month per mailbox it’s worth it: much less traffic on our Internet connection, no more fuss about managing anti-spam definitions locally, storing the Junk out the server in case it’s needed, etc. There are many solutions out there. We recently switched from Google Postini to Microsoft FOPE (now EOP) – Exchange accounts synchronization, user’s whitelist synchronization and very few false positives and negatives.

I hope this helps
0
 
LVL 23

Expert Comment

by:Nagendra Pratap Singh
ID: 39677298
Patches will not help you again email viruses and other nasties.

Perhaps you should use only the SAV designed for exchange etc. I know in one case where an AV program deleted the .EDB file.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction RemoteFX is already in use today, but you're probably not aware of it.  With the advent of Windows 2012 and Windows 8, RDP has gotten a whole lot better due to the fact that RDP now uses even more RemoteFX technologies to make desktop …
Few best practices specific to Network Configurations to be considered while deploying a Hyper-V infrastructure. It may not be the full list, but this could be a base line. Dedicated Network: Always consider dedicated network/VLAN for Hyper-V…
This is a video describing the growing solar energy use in Utah. This is a topic that greatly interests me and so I decided to produce a video about it.
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now