Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need info on Firewall or Security Sofware 4

Status
Not open for further replies.
sqladmin99

sqladmin99

IS-IT--Management
Nov 14, 2002
47
0
0
US
Hi,

I work in a small company with 25 to 30 computers. We have windows 2000 single domain network with one exchange server and one file server. We use Integrated T1 line for phone system and Internet connection. T1 line comes out of router that is maintained by ISP. We use Norton Anti-Virus Enterprise Edition for protection against viruses.

Since last few months I have been spending more and more time in supporting desktop. Even though all of the users in organization have restricted access, everyday bunch of spyware get installed on these desktops. I also noticed that every employees uses either windows media player or RealPlayer to listen to live music that takes up lot of bandwidth.


Is there any program or hardware firewall that can take care of Spyware, Viruses and Spam all together?

Or

If we have to buy separate solution for each task (Virus, Spyware and Spam) than which programs do you recommend?

My company wont spend lot of money but I can convince our management team to spend 2 to 3 thousands dollars. What would be the best solution that can fit our budget?


I appreciate your help regarding this issue.

Thanks

RS
 
Sort by date Sort by votes
for my 2-cents i would suggest:

barracuda spam firewall on the inbound (it can use active directory and do ldap lookups before forwarding emails on exchange - which will accept just about anything...)this feature alone is worth a million because of the reduced amount of garbage into your network.

a firewall is a must with a persistant connection. there are many to choose from. i manage 5 different units. many reason why or why not... look at watchguard fireboxes for easy config types. pretty affordable too. cisco pix are great, but a bit complex to setup if you are not accustomed to cisco products. nokia and checkpoint ... the list goes on. ISA works too, and you can use it as a proxy server for outbound web access. (2 for 1 on that..)

if you set up your rules correctly, your only real threat would be with inbound emails carrying viruses, ect. and you
can (and should) block or quarrentine by extension type on inbound mail and downloads....

take some time to speak with reps, get reviews and opinions and most of all, if you have to manage it, don't purchase something that will be way out of your league to manage.

(watchguard and barracuda are very easy to build)

just my 2-cents

scottie
 
Upvote 0 Downvote
Thanks scottie for your help.


So barracuda or watchguard will take care of spam and malicios software.

And

We can just buy Norton Anti-virus for client computer and Exchange server for viruses from inbound messages.

Is this what you are suggesting?



thanks

Rajan



 
Upvote 0 Downvote
I am managing the same size of network and for the anti virus, nortons corporate edition is ok but the 9.0 version I have is very great because it has the ability to sense mails that appears threat and you can configure it to send the mail back to the sender.If you use the 7.0 or 8 version and you decide to use the 9.0 you may need to uninstall the old version before you apply the 9.0 and you may need to edit the registry for items that could not be uninstall.
But I will advise you to visit Nortons site to learn much about that.
For spams try mozilla browser that works fine with spams etc; or just type mozilla in google search engine
 
Upvote 0 Downvote
sqladmin99,

just for clairity, the barracuda only tackles inbound mail. it scans for virus and extensions right out of the box, but you can config it to check subject,content,and just about anything else. it self updates the virus defs and firmware updates. as i mentioned above, the ability to use ldap queries to active directory is great because if the mail is not heading to a valid user, it gets dumped before entering the network. as well as many other features and a good price for the unit and a subscription to the updates, ect.

the watchguard is a firewall appliance. you would put this in line right after your router from the internet. when you set it up, rules are configured to allow specific protocols (http, smtp, https, ftp, ect.. ) and deny all else. you can also filter and allow by extension type, so as to keep most of the stuff off the network. again, there is alot more that this product can do (and some things it can't) but generally speaking, it is affordable and dependable and writes off good logs for reviewing.

security is best approaced in multiple layers of different products. this makes it more difficult for hackers, ect, to navigate and footprint.

any network today should have a good antivirus program running. i prefer norton enterprise. easy to setup and it takes care of it's self. you will also need the exchange antivirus software, cause you never run a file based virus scanner on the the exchange box. this all comes with the enterprise package. it is a cost, but the cost of downtime, lost productivity and lost data far outweighs this cost. it is the cost of doing business today...

so if i had to setup a small office and offer protection for the network, my first suggestion would be a cisco router at the internet point with a ACL configged to deny traffic in from private addresses (spoofs) and then block the know ports of trojans (all of this is available on the net or maybe the cisco forum) and filter then route the traffic to the watchguard. then config the firewall using the reasonable guide books that come with it, and some online assistance. maybe create a dmz for the mail (barracuda) and configure it (again resonable directions included). of course there is much more to this process, but in a nutshell, this is it. you will then have a pretty stout network defense posture. there are some great books available as well as endless products to work with. personally, i prefer a physical device (appliance) for each layer. check out the book "building internet firewalls". this book is a really good starting point for thinking and doing just what you need to accomplish.

do your homework, narrow down the costs and approach your manager or controller with some facts about the cost of downtime and data loss associate from the crap you want to keep out of the network. if you make an intelligent, informed presentation, you may just get the money you need to help you sleep well at night....


good luck

scottie
 
Upvote 0 Downvote
are you running VoIP on this T1? or is it a split pipe for data and voice?

this will weigh-in when you start denying packets...

scottie
 
Upvote 0 Downvote
Just for a few others to evaluate, I have a win2k network, same size as yours.

We run;

Norton enterprise, and norton for exchange
Symantec raptor firewall
Policy patrol (redearthsoftware.com) spam filter.

This all works really well together, we get no viruses, and very little spam.

You might consider changing to firefox too - having considered it to be just geeky in the past, I gave the new version a try and am convinced. The latest version is just about identical to IE (so not user probelms), and the security is better.
 
Upvote 0 Downvote
Thank you all for your suggestions.


I have one last question regarding aboved discussion.

Can nicely configured Firewall (either ISA or Hardware Firewall) take care of all spyware and adware problems on client computers? Or I should buy anti-spyware program for each client?




 
Upvote 0 Downvote
you can get free software like ad-aware or spybot, ect to run on the desktops. if you block .exe's and other file types at the firewall, then the user will have to bring the file in on a disk. email's will be your next biggest threat. look into a spam / email firewall to filter attachments comming in from mail.
 
Upvote 0 Downvote
For spyware the best thing is to install an alternate browser. I run a shop about the same size as yours and just using Firefox instead of IE has cleared up most of the spyware problems I had.

But you can and should still install spybot and adaware. They're free and, according to a recent study, they do a better job than the commercial anti-spyware apps.
 
Upvote 0 Downvote
Two cents...

I run both Spybot and Adware on all servers/wks machines and Norton CE AV.. between the three, my client's networks remain clean of Internet scum

With Spybot, add the Spybots S&D host list to the workstation and servers host file

With Adaware, get the Adaware plus or pro version which has adwatch.exe, a resident program which stops malware/popups software and registry entries.

Adware adwatch.exe takes a little time to adjust too, there are certain features which can block need functions within programs and on the Internet.. much better than adjusting to malware
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
116
Aquiles Vidal
Aquiles Vidal
ADB100
  • Locked
  • Question
Single Windows 7 Ultimate workstation not applying Registry, Drive Map or Printers GPO settings
Replies
1
Views
79
technome
technome
DrB0b
  • Locked
  • Question
Hybrid on prem AD with Azure AD
Replies
2
Views
84
DrB0b
DrB0b
StevenFromSouth
  • Locked
  • Question
VPN Connects but cannot access remote network computers or folders
Replies
1
Views
73
StevenFromSouth
StevenFromSouth
James281
  • Locked
  • Question
Enrolment agent (enrol on behalf of) stopped working
Replies
1
Views
61
mikehook
mikehook

Part and Inventory Search

Sponsor

Back
Top