Two vendor strategy in virus protection

#1 (**permalink**) 02-27-2007, 09:40 AM

Hello NG

I heard from one key account manager of a anti-virus company that it is
no longer necessary to have two anti-virus vendors to secure your network.
What is your experience?
This could help us to save a amount of money by relaying only on the AV
on the client and getting rid of the AV on proxy and mail server.

JÃ¶rg

--
JÃ¶rg SchÃ¼tter http://www.schuetter.org/joerg
joerg@schuetter.org http://the-brights.net/
http://badvista.fsf.org/

#2 (**permalink**) 02-27-2007, 04:44 PM

From: "Joerg Schuetter" <nntp@schuetter.org>

| Hello NG
|
| I heard from one key account manager of a anti-virus company that it is
| no longer necessary to have two anti-virus vendors to secure your network.
| What is your experience?
| This could help us to save a amount of money by relaying only on the AV
| on the client and getting rid of the AV on proxy and mail server.
|
| Jörg
|

He';s wrong.

A good strategy is to have one vendor's solution on the email servers.
Another vendor's solution on the File and Print servers and workstations
Another vendor's solution on gateways and/or proxys.

This way one vendor may catch what another vendor may miss.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

#3 (**permalink**) 02-28-2007, 04:05 AM

David H. Lipman wrote:
> From: "Joerg Schuetter" <nntp@schuetter.org>
>
> | Hello NG
> |
> | I heard from one key account manager of a anti-virus company that it is
> | no longer necessary to have two anti-virus vendors to secure your network.
> | What is your experience?
> | This could help us to save a amount of money by relaying only on the AV
> | on the client and getting rid of the AV on proxy and mail server.
> |
> | Jörg
> |
>
> He';s wrong.
>
> A good strategy is to have one vendor's solution on the email servers.
> Another vendor's solution on the File and Print servers and workstations
> Another vendor's solution on gateways and/or proxys.
>
> This way one vendor may catch what another vendor may miss.

another reason he's wrong is the "getting rid of the AV on proxy and
mail server" part... client side security apps are good (necessary even)
but they're prone to failure due to such things as users turning them
off, mobile devices (laptops, pdas, smart phones, etc) connecting to the
network without adequate (or any) client security software, etc...

scanning at the mail server provides fault tolerance through redundancy
(though it should probably be part of a more general content filtering
effort so as to affect defense in depth)...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"