Weapons: How to do the antivirus planning of the server?

Recently, I saw a discussion about server anti-virus planning in the forum. I feel that it is useful, so I will sort it out for your readers.

Q: If there are 11 workstations accessing the Internet through one server, how can I plan the antivirus system of the server?

Answer 1: With Avast, management is simple and there are no problems. The disadvantage is that the central control management only has an English interface. Fortunately, the client is a Chinese interface.

Answer 2: The company has used trends OfficeScan, Kaspersky, NOD32, Sophos. Currently using Sophos, it has recently changed to a trend. Compare the advantages and disadvantages of each family, OfficeScan service is good, ESO can master the company's computer poisoning situation, anti-virus skills are OK. Kaspersky anti-virus effect is good, the disadvantage is that the computer performance is strong, otherwise it will be slow. The overall evaluation of NOD32 is good. The disadvantage is that the price is very hard, the number of licenses is very dead, and there is no flexible space. Sophos is ok overall, but the service is not very satisfactory.

Answer 3: If the server is installed with Windows operating system, you can also consider Forefront products. Calculated by the lease method, the average monthly rent per point is about 40 yuan (the same authorization method as EA), and the server can open multiple anti-virus engines. Forefront has built-in scanning engines for nine well-known antivirus vendors, which can start up to five at the same time.

Answer 4: Personal preference McAfee AntiVirus Enterprise with AntiSpyware Enterprise. It allows you to customize the virus pattern by HTTP, FTP, and Network Neighborhood, so you can set the server to go online to update. If the server has an HTTP server, an FTP server, or a network neighbor share, it can be updated by clients that cannot access the Internet. In addition, it can also set multiple units. For example, the R&D department will go to the R&D dedicated host to update, and the business department will update to the service host to avoid overloading the network and server when everyone updates at the same time.

In addition to checking the virus signature, McAfee has another protection method that I particularly like, that is, where there are weaknesses, then to protect these weaknesses - no need to have signatures, you can block Virus Trojan. For example, you can set to not allow you to change the Hosts, or allow the program to write data to the system folder, or limit the browser cache directory to be executed.

Answer 5: If you only want the server version of the anti-virus software, everyone's advice is good, you can send it to the back-end computer by the front-end anti-virus host virus code update. However, according to past experience, if the information usage policy is not planned on the client side, the improvement of poisoning situation is limited. For example, the use of USB flash drive is often the biggest culprit in LAN poisoning.