ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    AntiVirus on Servers?

    Scheduled Pinned Locked Moved IT Discussion
    42 Posts 17 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dafyreD
      dafyre @Emad R
      last edited by

      @emad-r said in AntiVirus on Servers?:

      @nerdydad said in AntiVirus on Servers?:

      @black3dynamite said in AntiVirus on Servers?:

      Windows Server 2016 comes Windows Defender Antivirus
      https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016

      And then I install the real antivirus onto the server.

      @dafyre

      But does Windows server allow you to install AV on the server with Defender ? feels like it this day an age it will penalize any 3rd party software.

      I know some AV programs clash, but I don't know about Windows Defender. It's all I'm using at home and a few of my servers (Server 2016) at work.

      1 Reply Last reply Reply Quote 0
      • thwrT
        thwr @scottalanmiller
        last edited by thwr

        @scottalanmiller said in AntiVirus on Servers?:

        Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

        And in case of a Linux fileserver? I did that, not a big problem.

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @thwr
          last edited by

          @thwr said in AntiVirus on Servers?:

          @scottalanmiller said in AntiVirus on Servers?:

          Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

          And in case of a Linux fileserver? I did that, not a big problem.

          ClamAV if you feel the need 🙂

          thwrT 1 Reply Last reply Reply Quote 0
          • thwrT
            thwr @scottalanmiller
            last edited by

            @scottalanmiller said in AntiVirus on Servers?:

            @thwr said in AntiVirus on Servers?:

            @scottalanmiller said in AntiVirus on Servers?:

            Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

            And in case of a Linux fileserver? I did that, not a big problem.

            ClamAV if you feel the need 🙂

            Yeah, I know, but would you do it?

            scottalanmillerS stacksofplatesS 2 Replies Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @thwr
              last edited by

              @thwr said in AntiVirus on Servers?:

              @scottalanmiller said in AntiVirus on Servers?:

              @thwr said in AntiVirus on Servers?:

              @scottalanmiller said in AntiVirus on Servers?:

              Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

              And in case of a Linux fileserver? I did that, not a big problem.

              ClamAV if you feel the need 🙂

              Yeah, I know, but would you do it?

              Not normally, the end points do it already.

              thwrT 1 Reply Last reply Reply Quote 0
              • thwrT
                thwr @scottalanmiller
                last edited by

                @scottalanmiller said in AntiVirus on Servers?:

                @thwr said in AntiVirus on Servers?:

                @scottalanmiller said in AntiVirus on Servers?:

                @thwr said in AntiVirus on Servers?:

                @scottalanmiller said in AntiVirus on Servers?:

                Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

                And in case of a Linux fileserver? I did that, not a big problem.

                ClamAV if you feel the need 🙂

                Yeah, I know, but would you do it?

                Not normally, the end points do it already.

                But wouldn't that mean that you actually trust your endpoints? 😉

                /me takes cover

                scottalanmillerS travisdh1T 3 Replies Last reply Reply Quote 1
                • scottalanmillerS
                  scottalanmiller @thwr
                  last edited by

                  @thwr said in AntiVirus on Servers?:

                  @scottalanmiller said in AntiVirus on Servers?:

                  @thwr said in AntiVirus on Servers?:

                  @scottalanmiller said in AntiVirus on Servers?:

                  @thwr said in AntiVirus on Servers?:

                  @scottalanmiller said in AntiVirus on Servers?:

                  Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

                  And in case of a Linux fileserver? I did that, not a big problem.

                  ClamAV if you feel the need 🙂

                  Yeah, I know, but would you do it?

                  Not normally, the end points do it already.

                  But wouldn't that mean that you actually trust your endpoints? 😉

                  /me takes cover

                  I don't trust anyone using legacy file serving 😉

                  1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @thwr
                    last edited by

                    @thwr said in AntiVirus on Servers?:

                    @scottalanmiller said in AntiVirus on Servers?:

                    @thwr said in AntiVirus on Servers?:

                    @scottalanmiller said in AntiVirus on Servers?:

                    @thwr said in AntiVirus on Servers?:

                    @scottalanmiller said in AntiVirus on Servers?:

                    Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

                    And in case of a Linux fileserver? I did that, not a big problem.

                    ClamAV if you feel the need 🙂

                    Yeah, I know, but would you do it?

                    Not normally, the end points do it already.

                    But wouldn't that mean that you actually trust your endpoints? 😉

                    /me takes cover

                    Or... maybe it is that I don't care, let the helpdesk deal with those issues 😉

                    1 Reply Last reply Reply Quote 1
                    • stacksofplatesS
                      stacksofplates @thwr
                      last edited by

                      @thwr said in AntiVirus on Servers?:

                      @scottalanmiller said in AntiVirus on Servers?:

                      @thwr said in AntiVirus on Servers?:

                      @scottalanmiller said in AntiVirus on Servers?:

                      Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

                      And in case of a Linux fileserver? I did that, not a big problem.

                      ClamAV if you feel the need 🙂

                      Yeah, I know, but would you do it?

                      I think it's only useful if the server is hosting files that Windows clients will be using. If it's non-windows from file storage to clients then I don't think it will make much difference.

                      1 Reply Last reply Reply Quote 0
                      • RojoLocoR
                        RojoLoco @Emad R
                        last edited by

                        @emad-r said in AntiVirus on Servers?:

                        @nerdydad said in AntiVirus on Servers?:

                        @black3dynamite said in AntiVirus on Servers?:

                        Windows Server 2016 comes Windows Defender Antivirus
                        https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016

                        And then I install the real antivirus onto the server.

                        @dafyre

                        But does Windows server allow you to install AV on the server with Defender ? feels like it this day an age it will penalize any 3rd party software.

                        Defender plays nice with webroot, can't speak for other AV programs.

                        1 Reply Last reply Reply Quote 0
                        • momurdaM
                          momurda
                          last edited by

                          I run Webroot on some http, Exchange, CRM, MSSQL, file servers here without issue.

                          1 Reply Last reply Reply Quote 0
                          • travisdh1T
                            travisdh1 @thwr
                            last edited by

                            @thwr said in AntiVirus on Servers?:

                            @scottalanmiller said in AntiVirus on Servers?:

                            @thwr said in AntiVirus on Servers?:

                            @scottalanmiller said in AntiVirus on Servers?:

                            @thwr said in AntiVirus on Servers?:

                            @scottalanmiller said in AntiVirus on Servers?:

                            Depends, if it is a Windows file server, I would generally like to have it. Other than that, I normally don't. We rarely run Windows on servers, so that generally solves the problem right there.

                            And in case of a Linux fileserver? I did that, not a big problem.

                            ClamAV if you feel the need 🙂

                            Yeah, I know, but would you do it?

                            Not normally, the end points do it already.

                            But wouldn't that mean that you actually trust your endpoints? 😉

                            /me takes cover

                            Nope, that's why I run an IDS like Wazuh everywhere I can.

                            1 Reply Last reply Reply Quote 0
                            • ObsolesceO
                              Obsolesce
                              last edited by

                              AV on a file server only protects against users stashing malware on there.

                              For example, if someone's homedrive has malware.exe in it, the AV running on the file server will kill it.

                              This is file server OS agnostic, and should be on there regardless of OS. Simply being Linux does not protect against this.

                              You can't count on client OSs to keep fileservers free of malware, so you definitely need it on every fileserver.

                              thwrT 1 Reply Last reply Reply Quote 1
                              • thwrT
                                thwr @Obsolesce
                                last edited by thwr

                                @tim_g said in AntiVirus on Servers?:

                                AV on a file server only protects against users stashing malware on there.

                                Well, my point was simple: If you don't protect your server too, you automatically trust either your clients, your IDS or both, whatever applies. If you put AV on a fileserver, you don't need to worry about proper AV - in terms of malware - on your IDS or clients, you check the files on your own.

                                For example, if someone's homedrive has malware.exe in it, the AV running on the file server will kill it.

                                This is file server OS agnostic, and should be on there regardless of OS. Simply being Linux does not protect against this.

                                You can't count on client OSs to keep fileservers free of malware, so you definitely need it on every fileserver.

                                OK, you basically wrote the same here 😉

                                1 Reply Last reply Reply Quote 0
                                • ObsolesceO
                                  Obsolesce
                                  last edited by

                                  Yeah, the fileserver being Linux has no bearing. A file server is a file server. Users can put whatever they want on there, if they have write access.

                                  Nobody plays on the fileserver itself, and most likely no GUI, so you don't need protections for that reason.

                                  You just need a way to keep your directories clean and free of infectious files. There shouldn't be because a users computer accessing the fileserver in the first place should have the same AV, so from that point of view I can see why the server itself wouldn't need anything.

                                  black3dynamiteB 1 Reply Last reply Reply Quote 1
                                  • black3dynamiteB
                                    black3dynamite @Obsolesce
                                    last edited by

                                    @tim_g said in AntiVirus on Servers?:

                                    Yeah, the fileserver being Linux has no bearing. A file server is a file server. Users can put whatever they want on there, if they have write access.

                                    Nobody plays on the fileserver itself, and most likely no GUI, so you don't need protections for that reason.

                                    You just need a way to keep your directories clean and free of infectious files. There shouldn't be because a users computer accessing the fileserver in the first place should have the same AV, so from that point of view I can see why the server itself wouldn't need anything.

                                    For file servers, do you have your antivirus set to on demand and have it on quick and full scan schedules?

                                    ObsolesceO 1 Reply Last reply Reply Quote 0
                                    • ObsolesceO
                                      Obsolesce @black3dynamite
                                      last edited by Obsolesce

                                      @black3dynamite said in AntiVirus on Servers?:

                                      @tim_g said in AntiVirus on Servers?:

                                      Yeah, the fileserver being Linux has no bearing. A file server is a file server. Users can put whatever they want on there, if they have write access.

                                      Nobody plays on the fileserver itself, and most likely no GUI, so you don't need protections for that reason.

                                      You just need a way to keep your directories clean and free of infectious files. There shouldn't be because a users computer accessing the fileserver in the first place should have the same AV, so from that point of view I can see why the server itself wouldn't need anything.

                                      For file servers, do you have your antivirus set to on demand and have it on quick and full scan schedules?

                                      I put AV on all file servers. It never fails that it eventually finds things. It has in every case so far, which it shouldn't because all endpoints connecting to the file servers have the same AV the file servers use.

                                      But to answer your question, it does different scans depending on the situation. I forget exactly what they are now without looking... But one is like after every definition update, a quick scan of some sort. A quick something after boot up, a full scan at some point. I'll have to look to get more specific.

                                      I could be completely off, I don't remember.

                                      1 Reply Last reply Reply Quote 0
                                      • bbigfordB
                                        bbigford
                                        last edited by bbigford

                                        It comes down to security vs. convenience. Performance is something completely different and can be tuned/scheduled.

                                        Do you leave your keys in your vehicles ignition? Do you leave your front door wide open? Do you write your personal identity numbers on your arm?

                                        No? Use anti-virus.

                                        NerdyDadN scottalanmillerS 2 Replies Last reply Reply Quote 1
                                        • NerdyDadN
                                          NerdyDad @bbigford
                                          last edited by

                                          @bbigford said in AntiVirus on Servers?:

                                          It comes down to security vs. convenience. Performance is something completely different and can be tuned/scheduled.

                                          Do you leave your keys in your vehicles ignition? Do you leave your front door wide open? Do you write your personal identity numbers on your arm?

                                          No? Use anti-virus.

                                          I actually have a family member that leaves their common door unlocked all of the time. Common door meaning the door that they use all of the time and not the front door.

                                          1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @bbigford
                                            last edited by

                                            @bbigford said in AntiVirus on Servers?:

                                            It comes down to security vs. convenience. Performance is something completely different and can be tuned/scheduled.

                                            Do you leave your keys in your vehicles ignition? Do you leave your front door wide open? Do you write your personal identity numbers on your arm?

                                            No? Use anti-virus.

                                            Do you still use it if you have servers that are not accessed directly or accessing anything? What will the AV be scanning?

                                            NerdyDadN NashBrydgesN 2 Replies Last reply Reply Quote 2
                                            • 1
                                            • 2
                                            • 3
                                            • 2 / 3
                                            • First post
                                              Last post