ESET File Security for Linux - Review

frederick

I really didn't know where to put this. Linux, Servers, Security...I honestly did not know. So I threw a dart at my monitor and this is where it landed.

We have a client running various CentOS production servers. A BSD server (24TB), an Exchange Server (87 accounts), and a webserver (<1TB) that is linked to the BSD server. These are all onsite, not like that matters. They asked a great question when I showed up a while back to assess their network and give them a quote: "Should we have AV on our File Server?" "HELL YEAH" I said. They receive a lot of uploads from clients via a web interface through their webserver, and are able to also leave files for clients to grab, etc.

When I noticed they were using Linux initially, I didn't consider AV for them, only making sure the Firewall was good given that 1) they are Linux, 2) they are a server.

All 3 of these servers sit in the DMZ, with adequate firewall protection. I looked around for the AV solution, and many said "ESET will do it". So we installed ESET initially on the File Server; this has been our experience so far.

The web interface isn't too bad at all. It's pretty easy to navigate and manage the software. Given that the servers have no graphical interface, it saves us time from having to enter line by line stuff. We've yet to have a single problem with the web interface. The installation of the software and configuration was really simple. I think I looked at the documents once and that was for the package information.

Once I got it set up, my biggest fear was performance; however, files that initially hit the system are placed in a folder named "unverified-in" and "unverified-out" for each user. Clients of the client go in the in folder, and our client's files go to the out folder. After being scanned, they all end up going to "verified-in" and "verified-out" under each user. We had to set this up ourselves. Scanning doesn't take long, as only files that are uploaded to the server are scanned. Once the files hit this server, in less than 5 minutes it's completed. Keep in mind that server is strictly an in-between server sitting on the DMZ. Our client's employees pull files off this server and place them on their internal file server, which originally used to scan the files, but this slowed the internal file server down as objects were never taken off these servers and placed on the workstations.

This was pretty simple to set up actually, the scanning part. So when the file initially gets uploaded to this server, it is labeled as not scanned, preventing access. Once it has been scanned, and found to be clean, the file is accepted. If the file is dirty/infected, it gets deleted immediately and we and the user are notified. Has performance taken a hit? Nope. The server handles a lot of data daily, and we have not seen a single impact on the overall performance since implementing this. It's kicked back a few files already from the clients of the client, and the actual internal file server has actually improved in performance. Employees have stated they are opening files quicker, and save times have decreased. Overall, much happier.

There is a mail security feature as well, which we have not decided yet to implement as they currently are using our solution for mail filtering. But I can only assume that it is just as good.
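The staging flow described in the post above (uploads land in "unverified-in"/"unverified-out" and are promoted to "verified-in"/"verified-out" only after a clean scan), as an added example that is not the poster's setup or ESET's code. The scanner command name `scanner-cli`, the exit codes 0 = clean and 1 = infected, and the 30-second settle time are assumptions; the verified and unverified folders are assumed to share one filesystem.

```python
import os
import stat
import subprocess
import time
from pathlib import Path

CLEAN, INFECTED = 0, 1   # assumed exit codes; check your scanner's documentation
SETTLE_SECONDS = 30      # assumed: recently modified files may still be uploading


def scan_with_command(path, argv=("scanner-cli",)):
    """Run a command-line scanner (placeholder name) and return its exit code."""
    return subprocess.run([*argv, str(path)], check=False).returncode


def process_user(user_dir, scan=scan_with_command, now=None, notify=print):
    """Promote clean uploads, delete infected ones, hold everything else."""
    user_dir = Path(user_dir)
    now = time.time() if now is None else now
    result = {"verified": [], "deleted": [], "held": []}
    for direction in ("in", "out"):
        src = user_dir / f"unverified-{direction}"
        dst = user_dir / f"verified-{direction}"
        if not src.is_dir():
            continue
        dst.mkdir(exist_ok=True)
        for entry in sorted(src.iterdir()):
            st = entry.lstat()
            # Only regular files (no symlinks or directories) that stopped changing.
            if not stat.S_ISREG(st.st_mode) or now - st.st_mtime < SETTLE_SECONDS:
                result["held"].append(entry.name)
                continue
            code = scan(entry)
            if code == CLEAN:
                # Rename within one filesystem is atomic: no partial file is exposed.
                os.replace(entry, dst / entry.name)
                result["verified"].append(entry.name)
            elif code == INFECTED:
                entry.unlink()
                notify(f"infected upload deleted: {entry}")
                result["deleted"].append(entry.name)
            else:
                # Fail closed: a scanner error or crash never counts as clean.
                notify(f"scan failed (exit {code}), file held: {entry}")
                result["held"].append(entry.name)
    return result
```

Run it per user directory from cron or a file-watch trigger; anything left in "held" is retried on the next pass.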
 
Hmm, interesting product. Thanks for the review, will put on my list in case I need to set up/deal with a large file server.

We didn't install it to protect the Linux Server. I don't think that is even necessary to install the AV for a Linux box. It is merely there to protect both our client's systems, and indirectly the clients of the client. The AV on the internal file server (a Server 2008R2), doesn't take as long running scans anymore. Most likely 'cause the DMZ server has already performed the filtering, so the Internal is doing nothing more than a double check and finding nothing.
 
I realize that. It is to prevent the spread of malware from windoze client to windoze client. I hadn't even thought of this until you posted this thread.
 
And I think a lot of businesses, IT folks, and the etc. groups, have not thought of this either. "Oh, we'll just store it all on this here linux box cause linux no get viruses". Subconsciously that is what I think a lot of our thinking is. I follow the rule of if you have a computer virus, and you know you have a computer virus, and do nothing about it, then you are no longer the victim, but an enabler. It's wrong to rob a bank, but if you witnessed someone rob your bank, and could have been the one to call the cops but didn't, then you have done nothing but enabled it to go unhindered. Same with not having an AV on your Linux file share, you don't know if you have a virus. You assume you don't, but without a way to confirm, you simply think to yourself "not my problem, linux no get viruses".

Now that I have found ESET for Linux, I'm seriously looking at promoting and implementing it on all the Linux boxes. With that, thinking of getting with ESET to become a reseller. Anyone have an ESET VAR/Resell agreement or rep that I can get in touch with?
 