Paul used to have a very nice pyramid of coke cans.. --Kevinm TSSSBE, M, WLKMMAS, UCC+WCA, And Beyond http://www.daughtry.ca/ For Graphics and WebDesign, GO here!
-----Original Message----- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 1:19 PM To: MS-Exchange Admin Issues Subject: RE: Is virus protection on the Exchange server necessary? I need something to put my coke cans on. -----Original Message----- From: Toni, Randy [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 1:18 PM To: MS-Exchange Admin Issues Subject: RE: Is virus protection on the Exchange server necessary? so, you want the InoculateIT CD? (heh heh....) > -----Original Message----- > From: Lathrum Matt-P55173 [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, April 10, 2002 4:10 PM > To: MS-Exchange Admin Issues > Subject: RE: Is virus protection on the Exchange server necessary? > > Ok! Ok! I got it! I agree! :) > > -- > Matt Lathrum > General Dynamics Decision Systems > When cryptography is outlawed, > bayl bhgynjf jvyy unir cevinpl. > > -----Original Message----- > From: Toni, Randy [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 10, 2002 12:50 PM > To: MS-Exchange Admin Issues > Subject: RE: Is virus protection on the Exchange server necessary? > > I have a copy of InouclateIT Exchange Option you can have if you > really want to give your Microsoft resident some ammo to support their > argument ;-) > > Why would you knowingly let a virus in just because it's "easy" to > clean up? How many PC's/servers/etc will be melting down while you're > shutting down Exchange to do the exmerge? How much of your sensitive > data (passwords, > whatever) could be floating out to wherever by that time? AV is not > foolproof by itself. Not by a longshot. His comment is "...when a > virus outbreak occurs that actually gets inside...". Hmmmm... I would > personally want to be a bit more proactive. > > By the time you discover the virus even exists, it's may not just the > Exchange server that's toast. We had a recent incident with an exe > file > (virus) that snuck by the SMTP proxy service (firewall) and got into the > Exchange box before the latest AV signatures made it here. It made it > into > 41 mailboxes, oh joy.... Fortunately we hammered it with a trial version > of > a content filtering gateway (a test relay) that used a policy-based > ruleset > to strip it as it blew past the broken proxy on it's towards the > not-yet-updated Exchange server (and ultimately a whole network of > potentially-not-yet-updated PC's). We got the AV sig's a couple hours > later, and even at that point it took some time (not much - but how much > does a worm need?) for the sigs to roll out to every PC. But the test > relay > system rendered it useless. We were lucky. AV (clients, agents. etc.) > and > the SMTP proxy both failed us. A trial system saved out butts. Yeah, I > know, having AV agent on the Exchange box did not help in this specific > instance, but that's just the point - AV updates (even automated, on the > Exchange server, or the desktops, wherever) always have the potential to > leave little windows of opportunity for a brand-new and aggressive worm to > get in. You have to plug every hole. You should be trying to kill it at > the gateway, on any relay servers, on the Exchange box, on the desktops, > at > the servers, wherever you can. > > Defense in depth. Be proactive. Don't knowingly turn your back on > any potential threats. > > > > -----Original Message----- > > From: Lathrum Matt-P55173 > [SMTP:[EMAIL PROTECTED]] > > Sent: Wednesday, April 10, 2002 1:10 PM > > To: MS-Exchange Admin Issues > > Subject: Is virus protection on the Exchange server necessary? > > > > Our environment has Trend running on the firewall for anti-virus and > > content filtering. We have NAV running on the desktops. We are > currently > > evaluating Antigen and SAVF (Symantec) to put on our E2K Exchange > servers > > (including an E2K cluster on a Compaq SAN). However, our Microsoft > > resident is suggesting to us that AV on the servers themselves is > > not necessary and will only introduce problems and instability > > (particularly Symantec's product). He said that when a virus > > outbreak occurs that actually gets inside, a quick ExMerge on the > > server is just as effective as pushing out virus defs using the AV > > product. > > > > With AV software on the firewall and on the desktops, what do people > think > > about not putting AV on the Exchange servers themselves? > > > > -- > > Matt Lathrum > > General Dynamics Decision Systems > > When cryptography is outlawed, > > bayl bhgynjf jvyy unir cevinpl. > > > > > > List Charter and FAQ at: > > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm > > List Charter and FAQ at: > http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm List Charter and FAQ at: http://www.sunbelt-software.com/exchange_list_charter.htm
