Need advice for anti-virus strategy for small Windows NT/2000 network

  • Thread starter Thread starter Mail Ias
  • Start date Start date
M

Mail Ias

I need an anti-virus strategy for a small network. The network consists of 14
Windows 2000 workstations and two NT4 Server machines in a single domain
environment.

Here a few questions and concerns:
1.) How much should I expect to spend, both initially and ongoing?
2.) How easy is the software to use?
3.) Can it be managed from a single station?
4.) Will the AV software break more things than it fixes?

P.S. - I've already spent a considerable amount of time using Google and
Google Groups to research this. I have a few ideas for solutions but wanted to
get some input from others. Therefore I've left this question very
open-ended.
 
Mail Ias said:
I need an anti-virus strategy for a small network. The network consists of 14
Windows 2000 workstations and two NT4 Server machines in a single domain
environment.

Here a few questions and concerns:
Click to expand...

Before we dive deep, a couple of questions:

- What is your business purpose?
- Do you have a firewall and mail gateway?
- Which specific areas do you consider to be at risk today and in the
future?
- Are all the devices desktop or any laptops?

Cheers,

..\/.artin
 
Before we dive deep, a couple of questions:
- What is your business purpose?
Click to expand...
Manufacturing company, low tech products
- Do you have a firewall and mail gateway?
Click to expand...
Firewall - Linksys wireless router/gateway. It's at a smaller remote office
with 24/7 Internet connection. We get feed over ISDN BRI nailed up to that
office. Each office has a "non-routable" subnet and a WAN IP config between
the two.

Mail Gateway - POP mail provided by major ISP. No mail servers running in
house.
- Which specific areas do you consider to be at risk today and in the
future?
Click to expand...
I'm mostly concerned about a virus or worm destroying data or just wreaking
havoc on our systems. I'm sure there are plenty of other things to be
concerned about too.
- Are all the devices desktop or any laptops?
Click to expand...
Three laptops. They generally do not connect to the network. I'll probably
need to lock those down too however.
 
Mail Ias said:
Manufacturing company, low tech products
Click to expand...

OK,

Sorry for the delay in responding... My wife (yes a geek with a wife ;) )
had an operation on Tuesday, so I have been busy with the kids and
everything...
Firewall - Linksys wireless router/gateway. It's at a smaller remote office
with 24/7 Internet connection. We get feed over ISDN BRI nailed up to that
office. Each office has a "non-routable" subnet and a WAN IP config between
the two.

Mail Gateway - POP mail provided by major ISP. No mail servers running in
house.
Click to expand...

OK, so you have a boundary, with general access to the rest of the
company... Though from what you are saying the remote office is ISDN linked
- assumedly point to point?

If so, your company boundary is wherever your Internet connection is.
I'm mostly concerned about a virus or worm destroying data or just wreaking
havoc on our systems. I'm sure there are plenty of other things to be
concerned about too.
Click to expand...

Backups would be an idea :)
Three laptops. They generally do not connect to the network. I'll probably
need to lock those down too however
Click to expand...


There *are* small scan central management systems for organisations such as
yours which you can check out if you want to go down the central reporting
and management route...

But based on the low number of machines, I think you are not going to
benefit significantly from a management perspective from large amounts of AV
infrastructure e.g.: Central Management, gateway Mail/HTTP scanning... Of
course you can do this with products that allow scanning of HTTP, POP3 and
SMTP for your machines should you wish, but my guess is you will not be
working with a huge budget.

I would suggest that standalone machines with their own (very!) regular
updates and a documented procedure on how to update the signatures/engine in
an Emergency scenario, and how to distribute new versions would suffice...

Also consider upgrading or changing ISP to one that provide AV scanning of
incoming mail... Or go to the solutions such as Postini or MessageLabs who
will scan your incoming email from the Internet.

You may also like to look at Managed Service solutions such as the McAfee
VirusScan ASAP which will provide updates over the web, with central
reporting... These solutions are aimed at organisations such as yours for
servers and clients - regardless of if they are at your office on mobile
(which would work for your three laptops too) as long as they have a link to
the Internet...

Hope that helps...

Cheers,

..\/.artin
 
Back
Top