Re: Mail filter and anti-virus, please advise!

From: "Yakesh Arora" <aroray@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Tue, 2 Sep 2003 17:11:06 +0100
What is split tunneling?
----- Original Message -----
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, September 02, 2003 5:05 PM
Subject: [isalist] Re: Mail filter and anti-virus, please advise!


http://www.ISAserver.org


Hi Kenny,

And don't forget to NEVER allow split tunneling and NEVER allow users to
connect modems to their computers. Both these config allow users to
subvert firewall policy.

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp




-----Original Message-----
From: Kenny Mann [mailto:Kennymann@xxxxxxxxxxx]
Sent: Tuesday, September 02, 2003 10:57 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Mail filter and anti-virus, please advise!


http://www.ISAserver.org


In general (IMO: In all cases) it's a bad idea to rely on a single
point, as that will inevitably be your single-point of failure.
From your emails I father you are focusing on security in general so...
Many things make up a secure network.

1.) Firewall (ISA, Cisco, IPTables, etc Even Windows 2000 and XP have
TCP/IP filtering built-in, so your client machines can have their own
firewalls, just in case).
2.) Software Updates. I say software updates because this effects
everything. Your firewall, your OS, and your running software. Windows
Update is a good thing to run on a regular basis. If you are worried
about an update hosing your machines, once a week run it on your
machine, then allow other people to update a couple days later. I
believe that Isa 2000 is on SP1.
3.) Antivirus. Having an Exchange addon or mail addon (for whatever mail
server you use) is a good idea. Some machines may not be powerful enough
to run a real-time virus scanner. Upgrade them, or at least install it
and once a week (day?) scan the machine.
4.) When installing Win2K/XP give it an administrator password. Even if
it's something simple/stupid. It may stop a worm that exploits blank
admin passwords or mounts the C$ share.

Anything I missed anyone?

>> Thats the reason, I didnt see any reason for av on every machine.
>>
>> Would'nt you agree?
Me being me, I would rather play paranoid. It's very difficult to cover
all the holes and to stop someone from getting data in. It's been my
experience that people who generally don't know any better accidently
find a way in.. Maybe it's just my luck but...
What if someone sends an attachment that the server can not scan or
accidently allows through?
If your AV doesn't catch a virus, but the next day it's added to your
definitions. You already have a virus in your network.  It is not a fun
way to spend a weekend dis-infecting computers (unless you have some
Nerf toys ;-) and a few friends)
You say that only a couple computers are allows to have access to
floppies and cd-roms, do you mean the drive or disk?
Someone could bring a disk from home and show joe blow in the cube next
door this cool neat game, which is virus infected.
Is it possible for any of them to bring a laptop in and jack it into the
network?
What if they have a USB drive?
FTP access?

</two cents>
Hope this helps!

Kenny Mann

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
aroray@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Re: Mail filter and anti-virus, please advise!

Other related posts:
