RE: mailbox store down

  • From: Danny <nocmonkey@xxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 10 Jan 2005 15:02:38 -0500

On Mon, 10 Jan 2005 15:13:46 -0400, Steve Moffat <steve@xxxxxxxxxx> wrote:
> Well I, and no doubt many others, would stay away from them. In fact I
> do not install any AV products on Exchange servers.

Any computer - including servers - plugged into a network are
vulnerable to malware (viruses, worms, backdoors - malicious software)
infection. A strong gateway/firewall with built-in anti-malware
scanning is obviously highly-recommended, but should not be relied
upon to protect all devices plugged into the network logically behind

The best protection from malware comes in the form of multiple layers. 

> Servers are servers, and therefore should not be at risk from mail borne 
> viruses.

No matter what the role of the computer (file server, workstation, MTA
server, AD, etc.), if it's plugged into the network it WILL be at

The only way to remove the risk: unplug the node from the network.

IMO, the only way to mitigate the risk of malware intrusion/infection
is through layers from at least two different vendors:

-Run A-M (anti-malware) protection at your border
-Block unessential email attachments at your border
-Run A-M at the SMTP level of your gateway MTA's
-Run A-M on your Exchange databases
-Run A-M on all nodes (workstations, servers, etc.) connected to the network 
-Keep all of your software up-to-date/patched
-Notice the "Workaround" section of MS security bulletins
-Monitor multiple A-V vendor websites for new threats & verify virus
definition/signature compliance
-Run frequent tests to ensure your systems are doing their job

*This is just a list of somethings of the top of my head.

> And worms should be caught at the gateway/firewall.

You should not rely on one layer. There are too many "what if..."'s. 

There are many "free" systems you can implement, so budget constraints
are not always a factor. As Greg stated, a single point of failure is
bad and can quite easily be avoided without spending a fortune (even
if it did cost a fortune, it would be much cheaper than recovering
from a virus outbreak).


Other related posts: