Home page logo

basics logo Security Basics mailing list archives

RE: Exchange server & Web Security for mid size company.... Need advise.
From: "Collier, Simon" <simon.collier () ualberta ca>
Date: Tue, 10 Jan 2006 08:30:48 -0700

I'm an advocate of AV at the gateway, mail server and desktop. In fact, I'd
argue that if a virus gets as far as the desktop, something went wrong.

Here is an option, if cost is your problem:

1. At the gateway, you can use DNS blacklists like Spamcop to drop
connection from "known bad" sources. This will remove most bad traffic.
(This can also be done at the mail server, of course.)

2. Exchange 2003's own spam filter is pretty good, and free (and is
essentially what they use for Hotmail, so it has millions of users "giving

3. AntiVirus on the Exchange server will take out a LOT of "virus" messages
in times of outbreak, which fill users' mailboxes.

Between the three, you should have a pretty decent "free" AS solution.

Simon Collier

-----Original Message-----
From: phunked up! [mailto:phunkodelic () gmail com] 
Sent: Monday, January 09, 2006 8:14 AM
To: security-basics () securityfocus com
Subject: Exchange server & Web Security for mid size company.... Need

Am getting ready to run install a complete email system (Exchange
server) for approximatley 175 users.  For antivirus we are currently
running Trend company wide and it has served us well.  We currently
have no spyware solution to filter web traffic.  My plan is to
purchase Norton 8200 Antivirus & Antispam firewall (applicance) and to
put Trend Scanmail for exchange  on our server.  Figured that that
might be overkill int the antivrus department and here is why:

Clients-Trend Micro
Exchange Server - Scan Mail for Exchange
Gateway Solution - Norton 8200 Spam-Virus Firewall.

What I was thinking of doing was just puttting regular antivirus
client on Exchange and using the saved money to purchase an
anitspyware appliance from Barracuda Networks.  I would think that two
layers of virus protection (gateway, client) would be fine and three
layers (gatway, email server, client) may be a bit much for a
small-medium environment.  In my last exchange deployment several
years ago I had it set up with regular cleint on exchange server and a
gatway solution.  Of course years ago things were a bit different.

Any opinions would be much apprecaited.

The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning,

Computer Emergency Response Teams, and Digital Investigations. 


Attachment: smime.p7s

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]