On 4/12/2016 5:22 PM, Ski Kacoroski wrote:
> Hi,
>
> I work for a school district and we are seeing an uptick in
> virus/malware events - especially on the Mac workstations. We
> currently run antivirus on some Windows servers and our Windows
> workstations, but not on our Mac workstations, iPads, Chromebooks, or
> Linux servers. In addition, we are implementing BYOD, so we have a lot
> of uncontrolled devices on our network.
>
> Since we are 100% virtual, we are considering antivirus that runs at
> the ESX layer instead of putting agents on each server along with
> agents on the Windows and Mac workstations.
>
> I would love to know what your antivirus/malware strategy is and why?

Defense in depth.

*) anti-virus at the desktop
*) anti-virus and anti-botnet at the edge with something like a Palo Alto
firewall with the A/V license and the WildFire license, optimally. Not
cheap, but it would pay for itself with a single ransomware incident.
*) looking at Observable Networks for intra-site traffic anomaly
analysis with NetFlow/sFlow. Also, Reservoir Labs has some forensic tools
for places that have a security team and want to understand incidents
after the fact through something like a 'flight recorder'.
_______________________________________________
Discuss mailing list
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/