Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Netapp: toasters

Filers and anti virus software benefit

  

 
Netapp toasters RSS feed   Index | Next | Previous | View Threaded


joelk at encs

Dec 8, 2009, 12:19 PM

Post #1 of 4 (1673 views)
Permalink
Filers and anti virus software benefit
Most of our clients (1000) accessing the filers for home directory
shares are protected with an anti virus tool that scans a file on
opening. There are unmanaged clients which have access to the filers and
they may or may not be protected with an anti virus that is up to date,
but they only risk infecting their own files in general.

Is there any real benefit to having virus checking implemented on the
filer as well. Given that zero day infections will not be stopped, the
additional cost of dedicated virus scanners and software licensing is
significant, the performance hit with thousands of users will be high;
what have other filer administrators used as arguments for or against
using these products.

Any experience from administrators where the product has been of value?


Joel


klises at caminomedical

Dec 8, 2009, 1:08 PM

Post #2 of 4 (1564 views)
Permalink
Re: Filers and anti virus software benefit [In reply to]
"Defense and Depth"..
http://en.wikipedia.org/wiki/Defense_in_Depth_(computing)


In my opinion, I have had viruses that were attempted to be uploaded to the
filer from users that HAD anti-virus protection, and after I implemented the
AV, I was able to scan some of the users shares, and found some viruses.
The problem was the users AV definition was out of date.

We use Trend and it is an inline scanner, as well as scans on a weekly
basis. I don't care for the trend product, but its what the org has paid
for, and it does work. The reporting for this product is very poor at best.

Hope this helps.


Joel Krajden wrote:
>
> Most of our clients (1000) accessing the filers for home directory
> shares are protected with an anti virus tool that scans a file on
> opening. There are unmanaged clients which have access to the filers and
> they may or may not be protected with an anti virus that is up to date,
> but they only risk infecting their own files in general.
>
> Is there any real benefit to having virus checking implemented on the
> filer as well. Given that zero day infections will not be stopped, the
> additional cost of dedicated virus scanners and software licensing is
> significant, the performance hit with thousands of users will be high;
> what have other filer administrators used as arguments for or against
> using these products.
>
> Any experience from administrators where the product has been of value?
>
>
> Joel
>
>
>

--
View this message in context: http://old.nabble.com/Filers-and-anti-virus-software-benefit-tp26700591p26700784.html
Sent from the Network Appliance - Toasters mailing list archive at Nabble.com.


xischaune at yahoo

Dec 9, 2009, 12:46 AM

Post #3 of 4 (1562 views)
Permalink
Re: Filers and anti virus software benefit [In reply to]
Hi...

Well...we dont use any antivirus at all in our environment...and yes some home directories do have viruses etc...but that doesn't affect other users...since as a policy .exe files are not allowed in home directories...so better let em have it who keep EXEs in their home directories... :)
instead of keeping dedicated virus scanner servers,occupying rack space and power coupled with overheads of file access performance etc, better is to have better performance for majority of users and let few have the viruses...
Thanx





________________________________
From: steve klise <klises [at] caminomedical>
To: toasters [at] mathworks
Sent: Wed, December 9, 2009 2:08:00 AM
Subject: Re: Filers and anti virus software benefit


"Defense and Depth"..
http://en.wikipedia.org/wiki/Defense_in_Depth_(computing)


In my opinion, I have had viruses that were attempted to be uploaded to the
filer from users that HAD anti-virus protection, and after I implemented the
AV, I was able to scan some of the users shares, and found some viruses.
The problem was the users AV definition was out of date.

We use Trend and it is an inline scanner, as well as scans on a weekly
basis. I don't care for the trend product, but its what the org has paid
for, and it does work. The reporting for this product is very poor at best.

Hope this helps.


Joel Krajden wrote:
>
> Most of our clients (1000) accessing the filers for home directory
> shares are protected with an anti virus tool that scans a file on
> opening. There are unmanaged clients which have access to the filers and
> they may or may not be protected with an anti virus that is up to date,
> but they only risk infecting their own files in general.
>
> Is there any real benefit to having virus checking implemented on the
> filer as well. Given that zero day infections will not be stopped, the
> additional cost of dedicated virus scanners and software licensing is
> significant, the performance hit with thousands of users will be high;
> what have other filer administrators used as arguments for or against
> using these products.
>
> Any experience from administrators where the product has been of value?
>
>
> Joel
>
>
>

--
View this message in context: http://old.nabble.com/Filers-and-anti-virus-software-benefit-tp26700591p26700784.html
Sent from the Network Appliance - Toasters mailing list archive at Nabble.com.


joelk at encs

Dec 19, 2009, 12:34 PM

Post #4 of 4 (1378 views)
Permalink
Re: Filers and anti virus software benefit [In reply to]
Thank you for the feedback Glenn.

We have decided that the overhead does is not worth the benefits. We
have hundred of students compiling executables on a daily basis which
would end up being scanned.

Joel

Quoting Glenn Walker <gwalker [at] aetas>:

> We use it extensively, but I swear I think it's only added overhead.
>
> There are lots of issues wrt size of container, type of data, etc. In many
> cases, the files need to be excluded (PST for example). Our particular
> environment has virus scanning on laptops, servers, mail gateways, mail
> servers, etc, so there seems to be little added benefit (as you mentioned,
> zero day infections will not be stopped). That said, while we employ
> several devices to perform this function (3 per cluster for home\shared - we
> do _not_ scan application data), there seems to be no performance impact.
> It's really an insurance policy, which is very cheap compared to how much
> money is spent on all other infrastructure combined. But actually
> beneficial? I don't really think so...
>
> Glenn
>
> On Tue, Dec 8, 2009 at 3:19 PM, Joel Krajden <joelk [at] encs>wrote:
>
>> Most of our clients (1000) accessing the filers for home directory shares
>> are protected with an anti virus tool that scans a file on opening. There
>> are unmanaged clients which have access to the filers and they may or may
>> not be protected with an anti virus that is up to date, but they only risk
>> infecting their own files in general.
>>
>> Is there any real benefit to having virus checking implemented on the filer
>> as well. Given that zero day infections will not be stopped, the additional
>> cost of dedicated virus scanners and software licensing is significant, the
>> performance hit with thousands of users will be high; what have other filer
>> administrators used as arguments for or against using these products.
>>
>> Any experience from administrators where the product has been of value?
>>
>>
>> Joel
>>
>>
>



--
| Joel Krajden | Rm: EV-7105, Tel: 514 848-2424 3052 |
| Core Services Manager | |
| Engineering & | Email: joelk [at] encs |
| Computer Science | www.encs.concordia.ca/~staffcs/joelk |
| Concordia University | In a circus, the clowns are supposed |
| Montreal, Canada | to make you laugh, not cry. |

Netapp toasters RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.