Todd Graham Lewis wrote:
Agreed, then. Virus scanners on firewalls != good decision.
For those ASM types out there: cmp virus scanners on firewalls, good
decision
jne
What you say is true, but it's the tep in the right direction. As an AV
software writer, I am SURE, that detecting virii on the network is the
FUTURE. It provides more "hygienic" conditions for "surgery".
Requests for further info are welcome.
Paul.
>
> On Thu, 27 Feb 1997, Lance and Christine wrote:
>
> > i was handed a product announcement yesterday about a symantec tool
> > which does virus checking on smtp packets on the firewall. i didn't
> > look very closely at it, but it raised a couple of points on which i
> > would like some feedback.
>
> (Lesson of successful computer administration #1: Never let marketing
> overcome your instincts)
>
> > first, is the firewall the right place to do this kind of checking?
>
> No.
>
> > on a fairly skinny host (in my case, a sparc 2 running firewall 1),
> > wouldn't the overhead of virus checking impact the flow of packets?
>
> Yep.
>
> > and finally, is smtp checking enough?
>
> Nope.
>
> > it seems inadequate.
>
> It is.
>
> > thanks for any feedback.
>
> You're welcome.
>
> Filtering SMTP might catch some viri, but the odds are humblingly low.
> Wouldn't that money be better spent on hardware for firewall redundancy,
> maybe? Howabout more disks for logging. The C/B is way too low to
> justify the product, and the costs are not merely monetary, but also
> operational in terms of latency of mail deliveries, sluggish performance,
> etc.
>
> I don't think the virus filters come close to being worth the cost.
>
> __
> Todd Graham Lewis MindSpring Enterprises tlewis @
mindspring .
com
References:
|
|
