RE: AntiVirus & ISA 2000

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 19 Nov 2004 06:16:23 -0800

That's the super-paranoid in you talking.
If ANY machine on the network gets infected, they're all potential
victims regardless of the AV solution you have in place.

Why is this, you ask (go ahead; ask)?
AV products are by their very nature, "reactive".
What this means is that if a brand-new virus hits the streets, then it
could infect your entire network before your precious AV distribution
server could get, much less redistribute, the updated bits and
signatures.

Do what you can, update your sigs and bits every 4 hours, and push them
to the clients.

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!
 
 

-----Original Message-----
From: mithu@xxxxxxxxxx [mailto:mithu@xxxxxxxxxx] 
Sent: Thursday, November 18, 2004 10:35 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: AntiVirus & ISA 2000

http://www.ISAserver.org

If a LAN machine got compromised - and, there was a worm/virus that
targets ISA Server 2000 on the inside in some way - is it not possible to
get a virus with some unknown w2k vulnerability?

System resources are not an issue for me - I'm just more concerned about
knowing that it does not cause any system problems on ISA 2000. If it has
no effect on the firewall functions then it would be nice to at least know
you are looking out for viruses. Of course, I'd like to hear your expert
opinions on my reasoning....

> Hello
> No worm can come in since there is no allow or publish rule created from
> outside to ISA itself. It just passes packets. As an example if there is a
> new virus going to web servers running IIS, ISA machine just passes it
> unless you run any server on ISA and then you need an army
> 
> > -----Original Message-----
> > From: mithu@xxxxxxxxxx [mailto:mithu@xxxxxxxxxx]
> > Sent: November 18, 2004 11:16 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: AntiVirus & ISA 2000
> > 
> > What about a worm that comes thru some unexpected future w2k
> > vulnerability?
> > 
> > Has anyone put Symantec AntiVirus Corporate for the server's own
> > protection in an ISA 2000 box?
> > 
> > 
> > > I see no reason to put AV on the firewall. How would it ever become
> > > infected? You never run the browser, you never run e-mail clients, you
> > > never run any client software or server software other than the ISA
> > > firewall software on it. You don't allow connections from hosts to any
> > > vulnerable ports either. So, the only function of AV software is to
> > > introduce performance reduction and potential for increased attack
> > > surface.
> > >
> > > HTH,
> > >
> > > Tom
> > > www.isaserver.org/shinder
> > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >
> > >
> > > -----Original Message-----
> > > From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
> > > Sent: Thursday, November 18, 2004 8:32 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: AntiVirus & ISA 2000
> > >
> > > I can't see why not? I use Trend Server Protect on my ISA 2004 box.
> > >
> > > Andrew
> > >
> > >
> > > -----Original Message-----
> > > From: mithu@xxxxxxxxxx [mailto:mithu@xxxxxxxxxx]
> > > Sent: Thursday, November 18, 2004 8:27 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: AntiVirus & ISA 2000
> > >
> > > To protect the server itself. Is Symantec AntiVirus Corp 9.0 an
> > > acceptable solution to run on the machine? Will it interfere with the
> > > ISA in any way?
> > >
> > > > Please clarify what you are asking about.
> > > >
> > > > Are you asking about AV to scan the data flowing through ISA, or are
> > > > you asking about AV to protect the server itself?
> > > >
> > > > John Tolmachoff
> > > > Engineer/Consultant/Owner
> > > > eServices For You
> > > >
> > > > > -----Original Message-----
> > > > > From: mithu@xxxxxxxxxx [mailto:mithu@xxxxxxxxxx]
> > > > > Sent: Thursday, November 18, 2004 10:29 AM
> > > > > To: [ISAserver.org Discussion List]
> > > > > Subject: [isalist] AntiVirus & ISA 2000
> > > > >
> > > > > On this site it says don't install any applications on an ISA 2000
> > > > > box - now, does that include AntiVirus software?
> > > > >
> > > > > If AV software is allowable - what do you recommend? Is Norton
> > > > > AntiVirus Corporate 9.0 a workable solution on an ISA 2000 box?
> > > > >
> > > > > Thanks.
> > > > >
> > 
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > ara@xxxxxxxxxx
> > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
