Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Effective Policies?

Status
Not open for further replies.
jrjuiliano

jrjuiliano

MIS
May 1, 2001
447
US
I wanted to see what other people are doing and how effective their policies have been. This is for a networked environment, with NAV CE (or something similar).

Was wondering how you formed your policies for your machines. For example, do you install NAV on EVERY machine in your network? Do you do a full scan every day? Do you have it set to scan ALL files or just specific ones (specific extensions)?

This might help me (and others) form a plan of their own based on 'standard' implementations...

For my network, I have about 20 Win 2000 PC's, one Win 2000 server.

I have two Win 2000 Pro NAV servers, and split off clients based on need to update. The ones that use mail and Internet the most get to update their own defs if they think they are behind. The others are completely managed through policy.

ALL files are scanned as they go. This causes a little bit of drag, but could be worth it in the long run.

ALL PC's run a full virus scan daily. Seems like overkill but we haven't had a problem yet! Might even adjust to even or odd days. As it stands I think this is what is causing the drives to fragment the most.

I use the Live Update Administrator and all my machines get their updates through a local Live Update server.

I think that's about it. How 'bout you? :) J.R. Juiliano
Information Systems Specialist
Tri-City Emergency Medical Group
 
Sort by date Sort by votes
I take a 3 level approach.

I use the MessageLabs SkyScan service. It runs all incoming/outgoing email through 4 different AV engines.

Then I have a WatchGuard Firebox Firewall that denies practially all attachments, except .zip, and office documents. Since it looks at the actual data packets, it can determine if an attachment is buried in another attachment or hidden in some way.

Then I run NAVCE on all computers except the SQL Server. It checks ALL file types

All computers get a full scan nightly (4am)

I only exclude the recovery bin from daily scans and real time scanning.

Hope that helps!
 
Upvote 0 Downvote
Man, that's pretty serious!
Thanks for replying! J.R. Juiliano
Information Systems Specialist
Tri-City Emergency Medical Group
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

electricpete
  • Locked
  • Question
effective scanning of rar files
Replies
2
Views
39
paulhthomas
paulhthomas
MRoberto
  • Locked
  • Question
Content Filtering Rules / Policies -- What do you have setup?? 1
Replies
2
Views
33
MRoberto
MRoberto
tuliphead
  • Locked
  • Question
Templates for group policies in Symantec System Console?
Replies
0
Views
14
tuliphead
tuliphead
Frankenherder
  • Locked
  • Question
Norton Corp 8, priotiy of Policies
Replies
2
Views
26
Frankenherder
Frankenherder
Frankenherder
  • Locked
  • Question
Norton Corp 8, priotiy of Policies
Replies
0
Views
17
Frankenherder
Frankenherder

Part and Inventory Search

Sponsor

Back
Top