That is what we do here. Which was my point in the first place.
(that, and when we validate users to access the net thru the firewall,
their division manager has to ok the access with the proviso that
their division agrees to pick up the cost of network disinfection if
it is their workstation that introduces the virus. With 1200 pcs
on line, at an average of 30 min. to disinfect, at a billing rate of
135. perhour internally, that can add up quite fast. So, users
are well educated.)
Bryan D. Boyle |Physical: ER&E, Clinton, NJ (908) 730-3338
#include <disclaimer> |Virtual: bdboyle @
erenj .
com
World-Wide-Web: http://www.digimark.net/bdboyle/index.html
186,000 miles per second: not just a good idea, it's the law!
On Mon, 17 Oct 1994, John H. Kida wrote:
> I have tracking Viruses since 1989... and have only
> once seen a virus be introduced for the 1st time,
> soley via a network.
>
> I have to agree with Marcus on the point that the BEST
> place to scan is where the damage can occur. A virus
> scanner in firewall / router / gateway would slow things
> down considerabilily. Even the fast scanners I've seen are
> no match for the standard speeds of a router/firewall/gateway.
> The use of a scanner at this point would only serve to provide
> the users with a false since of security. When over 80% of all
> infections are shared floppy based.
>
> I would recommend a TSR scanner, with and active policy to scan,
> write protect and lable clean media as it is first introduced
> in the work area.
>
>
> John Kida
>
>
References:
|
|
