Firewalls. We have no servers directly exposed on Internet. Regards Dimitre Il 31/gen/2014 18:07 "Uzzell, Stephan" <SUzzell@xxxxxxxxxx> ha scritto: > Hi all, > > > > We're in a bit of an uncomfortable spot here... We're basically a Windows > shop, our DB servers have internet access, and therefore our DB servers > have AV software installed. We have periodically had to disable or even > remove it on some of our larger database clusters as we have seen slow > interconnect traffic with it enabled (Symantec Endpoint, mostly version 12 > by this point). As soon as we remove Endpoint, interconnect ping times go > back to where they should be and we move on. > > > > We've just started a process of converting to Linux - supposedly we'll > have all 240+ databases on 11.2.0.3 on Linux by the end of the year. We had > somewhat assumed along the way that we would not be using AV software on > our Linux DB servers: lower risk, fewer Linux viruses, &c. > > > > Our PCI auditor doesn't seem to agree. To satisfy his requirements, we > need some form our AV software installed. Or some other form of protection... > > > > So - I guess my question is: people running production Linux environments > - what do you do? How do you protect your servers? > > > > Thanks! > > > > *Stephan Uzzell* > > >