Solved

SAV interupts Hyper-V Machines ?

Posted on 2013-11-25
2
228 Views
Last Modified: 2014-11-12
Once upon a time there was an AD DC with Win2008 R2 Ent x64 and 80GB RAM and 4 quad processors.
On top of that there were three Hyper-V machines. One is the exchange server, one is the Remote Desktop gateway (RD), and the last is just a Plain O’l Server (POS), but it hosts the Symantec Endpoint Protection Manager console as well. All Hyper-V servers are 2008 R2 x64 (just like the mother ship)
  One day we "tried" to install SAV on all of them. As you probably guessed it all went terribly wrong; End users couldn't connect to exchange to get their mail; Remote users couldn't connect to the RD Server.  POS seemed to work fine, but exploding violins were everywhere.

Ended up uninstalling SAV on all machines (except POS) and the clowns got into their little car and drove off.

Kind of would like SAV on the servers (call me old fashioned).
Looking for incite as to what the helllll, and a fix or at lease research material etc.

Since I’m unemployed now I have LOTS of time to get to the bottom of this (kidding).
If anyone has escaped from Zardoz with that information I would reeeally like to know.
0
Comment
Question by:rusb2d
2 Comments
 
LVL 20

Accepted Solution

by:
Svet Paperov earned 500 total points
ID: 39676423
I don’t have a say about running SAV on servers.

However, if you allow me, I would like to put my five cents on what one should consider a good security practice (at least I do); it’s up to you to take it or not.

I prefer having a proactive protection by patching the software regularly (Microsoft rolls out its security updates each month) and locking the door with good piece of firewall and web-filtering appliance than fighting the bad code when it’s already on the server, what the AV does.

Out of the above servers, I would install an AV on the Remote Desktop Server only because of the user activity that happens there but I would also lock down its Internet Explorer to the allowed web sites only, like local Intranet, for example or a very short list of external web addresses (if required for the user tasks).      

---
About the SAV: we replaced out Symantec EP 11 with Kaspersky Security Center two years ago: it’s much lighter on the host, its management console is amazing and it’s cheaper.

As for the e-mail server: we’ve been using hosted anti-spam/anti-virus solution for years – for the price of $1 per month per mailbox it’s worth it: much less traffic on our Internet connection, no more fuss about managing anti-spam definitions locally, storing the Junk out the server in case it’s needed, etc. There are many solutions out there. We recently switched from Google Postini to Microsoft FOPE (now EOP) – Exchange accounts synchronization, user’s whitelist synchronization and very few false positives and negatives.

I hope this helps
0
 
LVL 23

Expert Comment

by:Nagendra Pratap Singh
ID: 39677298
Patches will not help you again email viruses and other nasties.

Perhaps you should use only the SAV designed for exchange etc. I know in one case where an AV program deleted the .EDB file.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Know what services you can and cannot, should and should not combine on your server.
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question