Hi Bakari, AV products marketed for ISA are typically inspecting traffic passing through the firewall, not files located on the firewall. HTH, Tom Thomas W Shinder www.isaserver.org/shinder <http://www.isaserver.org/shinder> ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp <http://tinyurl.com/1llp> -----Original Message----- From: Bakari Allen [mailto:bakari.allen@xxxxxxxxx] Sent: Friday, November 07, 2003 11:29 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Removing Terminal Services from an ISA system http://www.ISAserver.org Maybe I am grabbing the donkey by the tail here, but are you suggesting that the ISA-aware AV products should not be installed on the firewall to protect the network or just to protect the firewall itself? Bakari Allen ballen@xxxxxxxxx -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] Sent: Friday, November 07, 2003 10:54 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Removing Terminal Services from an ISA system http://www.ISAserver.org Hi John, Excellent point. Maybe I should rethink my approach to AV on the firewall. I figure that if no one has write access to the firewall from a network location, and I don't run any client software on the firewall, that I should be fairly safe. Can you think of a scenario that would allow a virus onto the box given those parameters? (excluding the possibility that someone brings a virus infected CD, floppy or USB "drive" to the firewall) Thanks! Tom