[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] *AntiVirus Solution*



I have clam and clamwin deployed extensively and it works very well -- as I mentioned last time around I have not bothered with AV for OS X (Sophos quit working when I upgraded to 10.4 frankly it wasn't worth the performance hit to combat a non existent problem).  

I think you could deploy clam and be confident that your network will be secure -- even with a bunch of windows machines, clam will kill any virus(s) on the server before they can do any damage.  

Sophos really does have an option to move (or delete) infected files, more of an issue on the mac is it's desire to mount and scan any volume that has ever been mounted on that machine -- if you get 30+ desktops all trying to scan a network volume you can imagine what that does for both network and server performance!


Thanks


Andy

Spitfire Computer Services

441 Beaver Street

Suite 202

Sewickley, PA 15143

Phone (412) 749-0162

Fax: (412) 749-0203

andy spitcomp com

www.spitcomp.com


On Dec 12, 2005, at 10:25 AM, Robert Mortimer wrote:

All,

Do any of you use ClamAV or KlamAV as your sole antivirus solution in
your organizations? We have used Symantec, which we left, and are
currently using Sophos Anti-Virus since it runs on Macs, Windows and
Linux. However, Sophos doesn't handle infected files very well. Instead
of quarantining the files it leaves them where they are and just informs
the administrator that the computer/user has an infected file. Not an
acceptable solution for our environment.

The "on access" Sophos notification bans access files it does not perform a
scan/cleanup.
Sophos can be set to do a scheduled scan, this does provide clean up
actions.
Sophos can also be used to clean incoming e-mail streams and reject infected
mail.
(we were using it with sendmail/Mime-defang)
On access is useful as is stops propagation between full scans (it is not
provided by Clam under windows but can be provided using clam SAMBA on your
file server).

Note people who activate an "on access" scan event may not (should not) have
the permissions needed to move viruses about our network, any clean up for
"on access" would have to be done under these permissions. If that includes
sending to quarantine that implies access to you quarantine store, you
really do not want to go there. That is why you set up correct permissions
and use them for a scheduled scan.



So again, have/do any of you use ClamAV/KlamAV as your sole antivirus
solution and how is it working for you and do you recommend it for
heterogeneous networks? Any comments or suggestions from anyone on this
is welcome and appreciated. Thanks in advance!

-Paul

--
Paul VanGundy
Information Technology Director
Epping High School
Epping Middle School
P: 603.679.5472
F: 603.679.2966

_______________________________________________
K12OSN mailing list
For more info see <http://www.k12os.org>


_______________________________________________
K12OSN mailing list
For more info see <http://www.k12os.org>



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]