[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Email Virus Protection
I second the vote for using A/V at the gateway and on the server. My organization is an academic institution, and I cannot install as "tight" a security policy as I would like. I have people reading external POP accounts from the same outlook profile as their exchange server. This bypasses the gateway A/V. We are also somewhat limited in the restrictions that I can place on attachments. I can block EXE,VBS, etc; but until last week, I was unable to block SCR. Once I realized what it was, I blocked it on the internal & external. It was already inside so having a gateway-only A/V solution would not have done much. Symantec for Exchange server can block attachments by name. (wildcards too). I was able to stop goner before it got to far. It didn't infect that many accounts (perhaps 100 out of 3000). We use Symantec's products for both gateway and on the server... Good Luck! _________________________________________________ Arron King Network & Systems Administrator Ohio Dominican College [email protected] http:\\www.odc.edu\~kinga -----Original Message----- From: Paul Toyne [mailto:[email protected]] Sent: Monday, December 10, 2001 7:21 AM To: [email protected] Subject: Re: [FW-1] Email Virus Protection BY wrote: > If you have a choice as an Exchange Administrator, would you prefer to > protect your Exchange environment by installing an e-mail > filtering product (gateway) at the DMZ area instead of installing an > anti-virus mail product on the machine running Exchange Server? I would recommend running both. In the past we have only had gateway protection (MailSweeper for SMTP) which worked fine until the recent proliferation of Outlook/MAPI aware viruses. These tend to swamp the Exchange server and consequently take e-mail down for all of your users. Just over 12 months ago, we installed Trend ScanMail for Exchange and have had less of a problem, however Trend seem to take several hours to get patches out for new viruses, such as the recent GONER virus, by which time most of the damage has already been done or your server has been offline for a long time which may or may not be acceptable depending upon your business. Regards, Paul Toyne Security / Network Management, ISAS De Montfort University, The Gateway, Leicester LE1 9BH ENGLAND ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] ================================================= ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] =================================================
|