Solved

SAV interupts Hyper-V Machines ?

Posted on 2013-11-25
2
219 Views
Last Modified: 2014-11-12
Once upon a time there was an AD DC with Win2008 R2 Ent x64 and 80GB RAM and 4 quad processors.
On top of that there were three Hyper-V machines. One is the exchange server, one is the Remote Desktop gateway (RD), and the last is just a Plain O’l Server (POS), but it hosts the Symantec Endpoint Protection Manager console as well. All Hyper-V servers are 2008 R2 x64 (just like the mother ship)
  One day we "tried" to install SAV on all of them. As you probably guessed it all went terribly wrong; End users couldn't connect to exchange to get their mail; Remote users couldn't connect to the RD Server.  POS seemed to work fine, but exploding violins were everywhere.

Ended up uninstalling SAV on all machines (except POS) and the clowns got into their little car and drove off.

Kind of would like SAV on the servers (call me old fashioned).
Looking for incite as to what the helllll, and a fix or at lease research material etc.

Since I’m unemployed now I have LOTS of time to get to the bottom of this (kidding).
If anyone has escaped from Zardoz with that information I would reeeally like to know.
0
Comment
Question by:rusb2d
2 Comments
 
LVL 20

Accepted Solution

by:
Svet Paperov earned 500 total points
ID: 39676423
I don’t have a say about running SAV on servers.

However, if you allow me, I would like to put my five cents on what one should consider a good security practice (at least I do); it’s up to you to take it or not.

I prefer having a proactive protection by patching the software regularly (Microsoft rolls out its security updates each month) and locking the door with good piece of firewall and web-filtering appliance than fighting the bad code when it’s already on the server, what the AV does.

Out of the above servers, I would install an AV on the Remote Desktop Server only because of the user activity that happens there but I would also lock down its Internet Explorer to the allowed web sites only, like local Intranet, for example or a very short list of external web addresses (if required for the user tasks).      

---
About the SAV: we replaced out Symantec EP 11 with Kaspersky Security Center two years ago: it’s much lighter on the host, its management console is amazing and it’s cheaper.

As for the e-mail server: we’ve been using hosted anti-spam/anti-virus solution for years – for the price of $1 per month per mailbox it’s worth it: much less traffic on our Internet connection, no more fuss about managing anti-spam definitions locally, storing the Junk out the server in case it’s needed, etc. There are many solutions out there. We recently switched from Google Postini to Microsoft FOPE (now EOP) – Exchange accounts synchronization, user’s whitelist synchronization and very few false positives and negatives.

I hope this helps
0
 
LVL 23

Expert Comment

by:Nagendra Pratap Singh
ID: 39677298
Patches will not help you again email viruses and other nasties.

Perhaps you should use only the SAV designed for exchange etc. I know in one case where an AV program deleted the .EDB file.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Introduction Windows 2012 is here - it is upon us, and I hope that like me, you will upgrade your Hyper-V to the new version which has been promised to be a lot more stable, flexible and powerful than its predecessor in Windows 2008 R2.  Setting up…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now