> We're running a couple of Windows Web Server 2008 servers with IIS7 and CF > MX7. > > What security/AV software are you guys running on this sort of setup?
Are you avoiding the use of file uploads? Have you properly secured the filesystem and limited the permissions of the CF service account? If the answer to both of these is "yes", you don't really need AV software on a web server. If you do allow file uploads, you might want to use AV specifically to scan the directory where you allow these uploaded files (which of course should not be in a web-accessible directory). You can use any AV software that can be limited to scanning a directory when it changes. There are all kinds of other "security" software: host-based firewalls, web application filters, change monitoring tools like Tripwire, etc. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ http://training.figleaf.com/ Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on GSA Schedule, and provides the highest caliber vendor-authorized instruction at our training centers, online, or onsite. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-server/message.cfm/messageid:6998 Subscription: http://www.houseoffusion.com/groups/cf-server/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-server/unsubscribe.cfm
