Thank you for the feedback Glenn.
We have decided that the overhead does is not worth the benefits. We have hundred of students compiling executables on a daily basis which would end up being scanned.
Joel
Quoting Glenn Walker gwalker@aetas.org:
We use it extensively, but I swear I think it's only added overhead.
There are lots of issues wrt size of container, type of data, etc. In many cases, the files need to be excluded (PST for example). Our particular environment has virus scanning on laptops, servers, mail gateways, mail servers, etc, so there seems to be little added benefit (as you mentioned, zero day infections will not be stopped). That said, while we employ several devices to perform this function (3 per cluster for home\shared - we do _not_ scan application data), there seems to be no performance impact. It's really an insurance policy, which is very cheap compared to how much money is spent on all other infrastructure combined. But actually beneficial? I don't really think so...
Glenn
On Tue, Dec 8, 2009 at 3:19 PM, Joel Krajden joelk@encs.concordia.cawrote:
Most of our clients (1000) accessing the filers for home directory shares are protected with an anti virus tool that scans a file on opening. There are unmanaged clients which have access to the filers and they may or may not be protected with an anti virus that is up to date, but they only risk infecting their own files in general.
Is there any real benefit to having virus checking implemented on the filer as well. Given that zero day infections will not be stopped, the additional cost of dedicated virus scanners and software licensing is significant, the performance hit with thousands of users will be high; what have other filer administrators used as arguments for or against using these products.
Any experience from administrators where the product has been of value?
Joel
-
Joel Krajden