AntiVirus on Servers?
-
@irj said in AntiVirus on Servers?:
@rojoloco said in AntiVirus on Servers?:
@irj said in AntiVirus on Servers?:
You should always have AV. Proper configuration is the key. You dont want to hurt performance. In most cases, vendors have what exclusions should be set as they deal with this all that.
I really like that Webroot has built in templates for creating profiles... their server profile was 95% of what we needed, just a couple of tweaks and it works a charm.
I never got a chance to use their product at any of my employers
It has been my AV at home for awhile though
I've been 100% satisfied with their product and support. I use it at home too.
-
Windows Server 2016 comes Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016 -
@black3dynamite said in AntiVirus on Servers?:
Windows Server 2016 comes Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016We've done lab tests with Defender and without ATP, it isn't great. With ATP, it is really solid.
-
We are soon switching to Bitdefender for all of our Non-2016 servers. For our 2016 systems, we're just using the Windows Defender.
-
@black3dynamite said in AntiVirus on Servers?:
Windows Server 2016 comes Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016And then I install the real antivirus onto the server.
-
@nerdydad said in AntiVirus on Servers?:
@black3dynamite said in AntiVirus on Servers?:
Windows Server 2016 comes Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016And then I install the real antivirus onto the server.
Their ATP offering is really solid. Mainly because it isn't made by Microsoft
I forget who they bought it from, but our MS sales reps were telling us that they bought a complete product.
-
@nerdydad said in AntiVirus on Servers?:
@black3dynamite said in AntiVirus on Servers?:
Windows Server 2016 comes Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016And then I install the real antivirus onto the server.
But does Windows server allow you to install AV on the server with Defender ? feels like it this day an age it will penalize any 3rd party software.
-
@emad-r said in AntiVirus on Servers?:
@nerdydad said in AntiVirus on Servers?:
@black3dynamite said in AntiVirus on Servers?:
Windows Server 2016 comes Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016And then I install the real antivirus onto the server.
But does Windows server allow you to install AV on the server with Defender ? feels like it this day an age it will penalize any 3rd party software.
I know some AV programs clash, but I don't know about Windows Defender. It's all I'm using at home and a few of my servers (Server 2016) at work.
-
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
-
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
-
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
Yeah, I know, but would you do it?
-
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
Yeah, I know, but would you do it?
Not normally, the end points do it already.
-
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
Yeah, I know, but would you do it?
Not normally, the end points do it already.
But wouldn't that mean that you actually trust your endpoints?
/me takes cover
-
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
Yeah, I know, but would you do it?
Not normally, the end points do it already.
But wouldn't that mean that you actually trust your endpoints?
/me takes cover
I don't trust anyone using legacy file serving
-
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
Yeah, I know, but would you do it?
Not normally, the end points do it already.
But wouldn't that mean that you actually trust your endpoints?
/me takes cover
Or... maybe it is that I don't care, let the helpdesk deal with those issues
-
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
Yeah, I know, but would you do it?
I think it's only useful if the server is hosting files that Windows clients will be using. If it's non-windows from file storage to clients then I don't think it will make much difference.
-
@emad-r said in AntiVirus on Servers?:
@nerdydad said in AntiVirus on Servers?:
@black3dynamite said in AntiVirus on Servers?:
Windows Server 2016 comes Windows Defender Antivirus
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016And then I install the real antivirus onto the server.
But does Windows server allow you to install AV on the server with Defender ? feels like it this day an age it will penalize any 3rd party software.
Defender plays nice with webroot, can't speak for other AV programs.
-
I run Webroot on some http, Exchange, CRM, MSSQL, file servers here without issue.
-
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
@thwr said in AntiVirus on Servers?:
@scottalanmiller said in AntiVirus on Servers?:
Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.
And in case of a Linux fileserver? I did that, not a big problem.
ClamAV if you feel the need
Yeah, I know, but would you do it?
Not normally, the end points do it already.
But wouldn't that mean that you actually trust your endpoints?
/me takes cover
Nope, that's why I run an IDS like Wazuh everywhere I can.
-
AV on a file server only protects against users stashing malware on there.
For example, if someone's homedrive has malware.exe in it, the AV running on the file server will kill it.
This is file server OS agnostic, and should be on there regardless of OS. Simply being Linux does not protect against this.
You can't count on client OSs to keep fileservers free of malware, so you definitely need it on every fileserver.