Join 3,424 readers in helping fund MetaFilter (Hide)


Is it necessary to have anti-virus on a Windows 2008 file server?
September 7, 2012 3:51 PM   Subscribe

Is it necessary to have anti-virus on a Windows 2008 file server?

My IT guy says it's not necessary to have any antivirus on our file server. He says it takes too many resources and that viruses are incapable of executing from clients.

This doesn't sound safe to me. My approach would be to install antivirus and disable real-time scanning. I would set a schedule for scans.

What is the best approach to ensure that we are protected?

Details: We have Kaspersky Business Space Security (which includes a license for a special Kaspersky File Server Version)
posted by colecovizion to Technology (7 answers total) 1 user marked this as a favorite
 
Sysadmin here, I manage around 1,000 servers, half of these run Windows, with very few exceptions all the Windows boxes run AV, we use MS Forefront and find it is pretty light on resources. It's just good IT practice.
posted by Cosine at 4:04 PM on September 7, 2012


21 year systems and security guy here. If I were to do a security audit on your company's systems, no AV on a piece of critical infrastructure would be almost certainly listed as a moderate-to-high risk deficiency, depending on any other mitigating controls.

So yes, you should most definitely have AV on your file server, it's just a no-brainer. Of course it consumes resources, but that just means that a good sysadmin should size the server to accommodate the additional resource hit. AV isn't a security panacea, but it's still a very necessary piece of defense in depth.
posted by deadmessenger at 4:14 PM on September 7, 2012


We run a Netapp NAS cluster for file sharing. While the NAS itself is highly unlikely to be infected (it runs a propitiatory O/S), it can certainly store virii and share them out to ~4000 connected CIFS users.

We have 4 dedicated A/V servers which constantly scan the NAS on file access, along with end-point A/V on every user's XP desktop.
posted by Diag at 4:21 PM on September 7, 2012


Yes. Absolutely.

Your IT guy has apparently never heard of zero-day remote exploits.

Someday (probably his last day on whatever job he has at that time), he will.
posted by pla at 4:44 PM on September 7, 2012 [1 favorite]


Wow, thanks for all the experienced answers! It looks like it is unanimous.
posted by colecovizion at 5:25 PM on September 7, 2012


Yep ... get this for a laugh ... I had a novel netware server wipe itself from a Dos boot sector virus on the boot partition ... (back in 1998) ... just because it is unlikely that the server will ever execute infected code doesn't mean that it can't somehow find its way on and cause havoc!
posted by jannw at 10:24 AM on September 8, 2012


My IT guy says it's not necessary to have any antivirus on our file server. He says it takes too many resources and that viruses are incapable of executing from clients.

This is provably ridiculous. Drop a non-virus EXE on the fileserver and double-click it from a connected client. It will run.
posted by odinsdream at 3:25 PM on September 8, 2012


« Older How do I fix the ac adapter in...   |  How does the idea of a civilia... Newer »
This thread is closed to new comments.