Is it necessary to have anti-virus on a Windows 2008 file server?
September 7, 2012 3:51 PM Subscribe
Is it necessary to have anti-virus on a Windows 2008 file server?
My IT guy says it's not necessary to have any antivirus on our file server. He says it takes too many resources and that viruses are incapable of executing from clients.
This doesn't sound safe to me. My approach would be to install antivirus and disable real-time scanning. I would set a schedule for scans.
What is the best approach to ensure that we are protected?
Details: We have Kaspersky Business Space Security (which includes a license for a special Kaspersky File Server Version)
My IT guy says it's not necessary to have any antivirus on our file server. He says it takes too many resources and that viruses are incapable of executing from clients.
This doesn't sound safe to me. My approach would be to install antivirus and disable real-time scanning. I would set a schedule for scans.
What is the best approach to ensure that we are protected?
Details: We have Kaspersky Business Space Security (which includes a license for a special Kaspersky File Server Version)
Best answer: 21 year systems and security guy here. If I were to do a security audit on your company's systems, no AV on a piece of critical infrastructure would be almost certainly listed as a moderate-to-high risk deficiency, depending on any other mitigating controls.
So yes, you should most definitely have AV on your file server, it's just a no-brainer. Of course it consumes resources, but that just means that a good sysadmin should size the server to accommodate the additional resource hit. AV isn't a security panacea, but it's still a very necessary piece of defense in depth.
posted by deadmessenger at 4:14 PM on September 7, 2012
So yes, you should most definitely have AV on your file server, it's just a no-brainer. Of course it consumes resources, but that just means that a good sysadmin should size the server to accommodate the additional resource hit. AV isn't a security panacea, but it's still a very necessary piece of defense in depth.
posted by deadmessenger at 4:14 PM on September 7, 2012
Best answer: We run a Netapp NAS cluster for file sharing. While the NAS itself is highly unlikely to be infected (it runs a propitiatory O/S), it can certainly store virii and share them out to ~4000 connected CIFS users.
We have 4 dedicated A/V servers which constantly scan the NAS on file access, along with end-point A/V on every user's XP desktop.
posted by Diag at 4:21 PM on September 7, 2012
We have 4 dedicated A/V servers which constantly scan the NAS on file access, along with end-point A/V on every user's XP desktop.
posted by Diag at 4:21 PM on September 7, 2012
Best answer: Yes. Absolutely.
Your IT guy has apparently never heard of zero-day remote exploits.
Someday (probably his last day on whatever job he has at that time), he will.
posted by pla at 4:44 PM on September 7, 2012 [1 favorite]
Your IT guy has apparently never heard of zero-day remote exploits.
Someday (probably his last day on whatever job he has at that time), he will.
posted by pla at 4:44 PM on September 7, 2012 [1 favorite]
Response by poster: Wow, thanks for all the experienced answers! It looks like it is unanimous.
posted by colecovizion at 5:25 PM on September 7, 2012
posted by colecovizion at 5:25 PM on September 7, 2012
Yep ... get this for a laugh ... I had a novel netware server wipe itself from a Dos boot sector virus on the boot partition ... (back in 1998) ... just because it is unlikely that the server will ever execute infected code doesn't mean that it can't somehow find its way on and cause havoc!
posted by jannw at 10:24 AM on September 8, 2012
posted by jannw at 10:24 AM on September 8, 2012
« Older More car cigarette adapter problems | Civilian Review Committees for Federal Employee... Newer »
This thread is closed to new comments.
posted by Cosine at 4:04 PM on September 7, 2012