Re: PCI / AV / Linux DB Servers
- From: "Radoulov, Dimitre" <cichomitiko@xxxxxxxxx>
- To: Stephan Uzzell <SUzzell@xxxxxxxxxx>
- Date: Fri, 31 Jan 2014 18:16:03 +0100
Firewalls. We have no servers directly exposed on Internet.
Regards
Dimitre
Il 31/gen/2014 18:07 "Uzzell, Stephan" <SUzzell@xxxxxxxxxx> ha scritto:
> Hi all,
>
>
>
> We're in a bit of an uncomfortable spot here... We're basically a Windows
> shop, our DB servers have internet access, and therefore our DB servers
> have AV software installed. We have periodically had to disable or even
> remove it on some of our larger database clusters as we have seen slow
> interconnect traffic with it enabled (Symantec Endpoint, mostly version 12
> by this point). As soon as we remove Endpoint, interconnect ping times go
> back to where they should be and we move on.
>
>
>
> We've just started a process of converting to Linux - supposedly we'll
> have all 240+ databases on 11.2.0.3 on Linux by the end of the year. We had
> somewhat assumed along the way that we would not be using AV software on
> our Linux DB servers: lower risk, fewer Linux viruses, &c.
>
>
>
> Our PCI auditor doesn't seem to agree. To satisfy his requirements, we
> need some form our AV software installed. Or some other form of protection...
>
>
>
> So - I guess my question is: people running production Linux environments
> - what do you do? How do you protect your servers?
>
>
>
> Thanks!
>
>
>
> *Stephan Uzzell*
>
>
>
Other related posts:
