Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Antivirus ON the firewall itself

To: "Ed Davidson" <[email protected]>, <[email protected]>
Subject: Re: [FW1] Antivirus ON the firewall itself
From: [email protected] (Carl E. Mankinen)
Date: Tue, 6 Mar 2001 16:51:04 -0500
References: <[email protected]>
Sender: [email protected]

Why run AV software on your firewall?

1) It should be extremely locked down and not subject to infected programs being run..
2) It should have all forms of network file system access disabled, and all uneccesary executables quarantined.
3) No software should EVER be loaded on it except for CheckPoint and Host based IDS.
4) Anti virus software requires updates. Your firewall should be stealthed to not allow any sort of connection to it over the
network anyway.

I can't see any reason why you would want to run AV software on a firewall.

Host based IDS like Intact or TripWire is a different matter.
Your firewall should have very very few filesystem changes occuring and running something like tripwire would be a good measure to
catch anyone that might have compromised the security of your firewall itself.

----- Original Message -----
From: "Ed Davidson" <[email protected]>
To: <[email protected]>
Sent: Tuesday, March 06, 2001 4:15 PM
Subject: [FW1] Antivirus ON the firewall itself


>
> What are problem/good AV software to run on the actual firewall itself?  Not CVP, but on the NT Server?
>
> I have ran into issues with AV and software of this nature before and want to stear away from know issues..
>
> Also -- is there a package that gives a good bundle deal on NT 4.0 SERVER AV & CVP Antivirus?
>
> Thanks
>
> Edwin Davidson
>
>
> http://www.primeinc.com
> **********************************************************************
> This email and any files transmitted with it are confidential
> and intended solely for the use of the individual or entity to
> whom they are addressed.  If you have received this email
> in error please reply to the sender of the message.
>
> The views expressed in this correspondence may not
> reflect the views of Prime, Inc.
>
> This footnote also confirms that this email message has
> been scanned for the presence of computer viruses.
> ***********************************************************************
>
>
> ================================================================================
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
> ================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Antivirus ON the firewall itself
  - From: "Ed Davidson" <[email protected]>

Prev by Date: [FW1] DMZ: can't connect to web server from outside
Next by Date: RE: [FW1] DMZ: can't connect to web server from outside
Previous by thread: [FW1] Antivirus ON the firewall itself
Next by thread: [FW1] what licences of checkpoint i need for stonebeat
Index(es):
- Date
- Thread