NO AV on windows virtual servers

Hi, I am trying to make a good argument and document it as to why I don't want to run antivirus on my virtual instances of server 2008 and 2012. Does anyone have a good basis? Please do not respond if your goal is just to convince me to run it as that is not the purpose of this exercise.

Thanks
Dave
tkthelpdeskAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

epichero22Commented:
I would say that you don't use the computers for email or web browsing, you've set the proper security policies with regards to web access, programmed the firewall, locked the computers down with security policies, there already is an anti-virus running on the host machine and it scans your virtual drives, you're creating regular images of the virtual machines, and, most importantly, you know what you're doing and have the common sense to avoid the likes of viruses and malware.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
As expressed by Epichero22, I agree with him but I would go further and suggest you install MS EMET (Enhanced Mitigation Experience Toolkit).  Below is an explanation of what EMET is from Microsoft:

The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this goal by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author must defeat to exploit software vulnerabilities. These security mitigation technologies do not guarantee that vulnerabilities cannot be exploited. However, they work to make exploitation as difficult as possible to perform.
0
Sean JacksonInformation Security AnalystCommented:
The one additional thing I'd suggest is to have a white-listing service running on your servers, and then I'd say you're as secure as you could be, and adding AV wouldn't improve your security posture at all.

When 'they' come back and say, "but you NEED AntiVirus!"  Be polite, but remind them that McAfee himself said AV is dead, and Symantec said they need to put their focus on products that make a better difference.  AV relies on signatures of the software, and hackers have become smarter than that, and they obfuscate their software by changing the signature. Boom. AV is dead.
0
JohnBusiness Consultant (Owner)Commented:
AV relies on signatures of the software, and hackers have become smarter than that, and they obfuscate their software by changing the signature

EMET is helpful for mitigating against this. I have EMET running, and it was suggested above here. But it has its limits as well and is really a zero day stand in waiting for security patches to be readied and updated.

Always remember:  People who get viruses on their computers are NOT hapless victims. They invite viruses in by clicking on links purporting to help them. So if you are very sure about your own level of common sense, keep Windows updated, and use EMET (understanding its limitations), you are probably OK.
0
Natty GregIn Theory (IT)Commented:
I have never run AV on my servers, for the simple fact that my servers though can be on the internet, there was no need to go on the internet from the server itself. They have always sat behind a firewall serving up goodies.
I support you 100% no AV on server.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.