Slashdot Mirror

← Back to Stories (view on slashdot.org)

Central Anti-Virus For Small Business?

Posted by kdawson on from the keeping-them-safe-despite-everything dept.

rduke15 writes "I'm trying to find a centrally managed anti-virus solution for a small business network, which has around 20 Windows XP machines with a Linux server. It is too big to manage each client manually. However, there is no no full-time IT person on site, and no Windows Active Directory server — just Linux with Samba. And the current solution with Symantec Endpoint Protection seems too expensive, and too complex for such a simple need. On the Linux server side, email is handled by amavisd and ClamAV. But the WinXP clients still need a real-time anti-virus for the USB disks they may bring to work, or stuff they download from their personal webmail or other sites. I'm wondering what others may be using in similar situations, and how satisfied they are with it."

8 of 359 comments (clear)

  1. We use Nod32 by Mark19960 · · Score: 5, Informative

    It works well, you just need a windows server/workstation to push it to clients and for clients to get updates from.
    It's also not very resource hungry.

    I think 30 seats was around $1000

    1. Re:We use Nod32 by JWSmythe · · Score: 4, Informative

      I hear and find the same thing true with AVG. :) People bring me malware infested machines, so I uninstall AVG and install Avast Home (Free), which takes care of the problems, and protects them in the future.

          I'd highly recommend Avast. It does have a management tool which is what the article is seeking (avast! Distributed Network Manager). The server is free, but it requires a paid version of their software to use with it. Bulk pricing information is here: http://www.avast.com/eng/pricelist-avast-professional.html

      --
      Serious? Seriousness is well above my pay grade.
    2. Re:We use Nod32 by bflong · · Score: 4, Informative

      We did something close to this, actually. We run Linux on all our workstations (with NFS shared home directorys). Then we run VirtualBox with immutable hard drive images. Every time Windows is closed, all the changes made to the system are thrown out. All documents are stored on the server. When new software or updates are needed, the administrator can run the VM with a changeable disk.

      Now we're almost completely weaned off of Windows. The VM's are hardly ever used.

      --
      Why is it so hot? Where am I going? What am I doing in this handbasket?
  2. Sophos by nevhan · · Score: 4, Informative

    Both my university and workplace (of similar size to yours) use Sophos. They provide a number of centralised management tools, centralised update servers etc. Check them out, www.sophos.com.au.

  3. Kaspersky - Support for Windows & Linux by Swampcritter · · Score: 5, Informative

    Kaspersky Enterprise Space Security is comprised of components for the protection of Linux and Windows workstations, file servers and mail systems.

    Samba File Servers are also fully supported!

    More Information -- http://usa.kaspersky.com/products_services/business/open_space_enterprise.php

  4. Re:ClamWin by Anonymous Coward · · Score: 4, Informative

    From clamwin.com website:

    Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.

    This assumes that the users remember to scan everything before they run.
    (I personally do the clamwin thing for my personal machine, haven't found anything yet)

  5. AV-Comparatives Corporate Report by Ralish · · Score: 4, Informative

    AV-Comparatives recently released their May 2009 Corporate AV Report, which sounds like it may be right up your alley.

    It's fairly large, but reviews a large number of AV products with a corporate focus, contains lots of screenshots, and even grades them on their appropriateness for Small, Medium and Large networks. Sounds like it would definitely be worth a look in your case.

  6. Re:Start with sensible policies. by mlts · · Score: 4, Informative

    For a school setting, (and this is IMHO, so take it for what its worth), I highly recommend these tried and true protection mechanisms for a lab:

    1: DeepFreeze with the enterprise console to allow updating when the lab is closed to the public or students.
    2: Physical case locks.
    3: BIOS set to disallow booting from anything but the hard disk, and each box set with a different password (the list kept somewhere safe)
    4: An enterprise version of Norton Endpoint Protection configured to delete hacking tools (so someone can't load a popular serial number recovery program and have the organization's volume license keys to Office and other utilities.)
    5: 1-2 cameras on the lab.

    DeepFreeze isn't a silver bullet, but it at least makes people take an effort to bypass, even if they have administrative rights. The best advantage of this setup is that you can give users admin access to install whatever chat programs they use during a session, then a reboot cleans all their crap off.