Win2k3 Server, MSSQL and Sophos Small Business Suite 2

[CHokKA]

Hello everyone. It's been a while since I've posted on these forums, I've been out of the game for a while but I'm back in again. I hope that some of the more experienced users out there can answer a few questions on the above subject. I'll give you a little background information so you have a better idea.

We run a Windows 2k3 server (Enterprise Edition) on a network consisting of less than 20 users. The server is a Dell PowerEdge 2600 RAID server with 1GB RAM (we're adding some more asap) and dual Xeon's. The server runs DHCP, DNS, Exchange, and also stores all our files etc. Not much else is enabled over the defaults (no IIS, ISA). Yesterday I obtained a trial version of Sophos Antivirus Small Business Suite and installed it on the server first so that I could deploy it on the workstations centrally. I got an email from the person that used to look after the server, telling me that I shouldn't be installing Sophos onto the server as it runs its own MSSQL server and that you should not put SQL server on an Active Directory RAID Schema as it will break the schema and require the RAID to be rebuilt. Now I know for a fact that Sophos is designed to be deployed on every PC in your organisation, from the most rudimentry workstations and servers all the way up to the big boys. So I honestly don't see how what he has said can be true since all Win2k and above servers implement Active Directory and will more than likely use RAID. Is this person clutching at straws or is what he is saying true? Am I going to damage something by installing Sophos Antivirus on the server? After all, what is the point in installing an antivirus on every PC on the network except the server? Wouldn't that just defeat the object of having antivirus protection?

Any answers to my above questions would be greatly appreciated. I will be running a full backup on the server but until I took it over there was no backup process implemented at all on our network, so the new backup kit should be here tomorrow. Hopefully some of my questions will be answered by then

 

[Jpoandl]

I'm not sure what the person is telling you is true..


"telling me that I shouldn't be installing Sophos onto the server as it runs its own MSSQL server and that you should not put SQL server on an Active Directory RAID Schema as it will break the schema and require the RAID to be rebuilt."

What is an Active Directory RAID Schema? I don't think this is even a term.

RAID has to do with data protection from a hard disk level. It doesn't matter what kind of data exists on a RAID volume (SQL, AD, Flat files, etc). There is no way that the type of information sitting on the hard disks will corrupt data. If your RAID protection is working properly, your Schema can not break. (There are two types of RAID: HARDWARE RAID and SOFTWARE RAID)

Although, technically you can install SQL on a domain controller, it is not recommended. This is because SQL on a domain controller is a potential security risk. Also, there is a performance hit when the two operate together. However, in a small organization it may be necessary as buying a new server just for SQL is expensive. Resource:

http://www.winntmag.com/Articles/Index.cfm?ArticleID=4536

As for the Antivirus question, I would think that you are right and that the antivirus software can exist on the server without any problems. It is very common to run antivirus software on servers. I am not familiar with your brand of software but I would assume that this can safely be run on the server (especially if the box says compatible with Windows servers). However, you may need to create special antivirus rules for the server. There are certain directories that you may want to skip scanning due to the performance problems that occur. The best source for this type of information will be the software companies web site.

-hope this helps...

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out

http://www.NJCOMPUTERNETWORKS.com

(Sales@njcomputernetworks.com)

 

[dkediger]

Agree with Jpoandl -

This person is blowing smoke. Is there a reason he is "the person who used to look after the server"?

You are correct in that Sophos is designed to be hosted on a server in order to protect workstations in the network. With 20 users, having everything on one server is usually not a problem, as long as the hardware is up to snuff. Indeed, Microsoft offers the Small Business Server suite which includes Exchange and SQL server in the Premium edition - they all run on one machine.

Sophos has an excellent AV reputation, and network AV is pretty much their only focus. They're a bit pricey, but the extras they offer can make it worth the extra license costs.

 

[CHokKA]

Thanks for the fast replies. It is nice to know that I am not the only one struggling to understand what he is on about, but unfortunately I am not certified so I don't have anything to back up my suspicions. For the moment I have just installed the basic version of Sophos (not the business suite) because some of our computers on the network are heavily infected. There was previously no AV installed on any of the PC's but I've sorted that now. I'll let you know anything else if it crops up. Thanks again