In my environment there are thousands of windows machines and although they have virus software there are always some cracks so I take the position that if you afford to do it and there is enough windows data to merit it then you should have virus protection on the Filers.
My company already has Symantec NAV internally throughout the oganization as well as Mcaffee products on all the firewalls and e-mail servers. Given that Norton was here and they were the first to come out with a working product for the Filers I looked at it. It worked ok and has gotten better in time. 2 years ago I fully deployed Carrier Scan 2.0 which is now SAVSE 4.x. There have been some issues but during migrations from older Novell/NT servers to the Filers I have caught and cleaned 100's of viruses, especially from Novell servers. In the case of one migration from a merging companies server we caught 1400 viruses in one migration. Granted that isn't the norm but it happens.
The set up I have built is basically that each filer has a dedicated 1GB network connection for Admin. Admin in this case includes snap mirror and virus scanning. Each Filer also has 2 virus scanning serves dedicated to it each with a 1GB network connection. Moving forward with the newer symantec version I will be pooling all of these scanning servers to basically create a scanning farm. I should mention this solution might be overkill for some but on our home server filers we have 3000+ clients each. We do not have scanning on our NFS only Filers but have over 50TB of data that is being scanned.
Lastly since we already have a Symantec platform I leveraged that environment using the LiveUpdate features of Symantec so my virus definitions are automatically updated as our virus people stress test new definitions and roll them out to our LiveUpdate server(s).
From: Geoff Hardin geoff.hardin@dalsemi.com To: toasters@mathworks.com Subject: Virus Scanning Date: Tue, 25 Mar 2003 11:44:53 -0600
I was wondering what other admins were using for virus scanning. And as an aside, I really want to know whether it is worth the time and money. Basically, I've been asked to evaluate the virus scanning software out there for the filers, but I'm not really sure it's even necessary. I am a UNIX admin, so I typically don't see the viruses that plague my NT compatriots, but I don't believe we've really had a problem on our filers with CIFS shares. But maybe I'm just biased, so that's why I'm asking for your input.
Which A/V software do you use a) McAfee NetShield for Netapp b) Symantec Antivirus for Netapp c) Trend Micro Server Protect d) other (are there any others?)
Is it really necessary? Please explain your answer.
Thanks for any and all input.
Geoff Hardin UNIX System Administrator geoff.hardin@dalsemi.com This space is for rent in order to increase company revenue.
_________________________________________________________________ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail