Security Basics mailing list archives
Re: Antivirus on intranet network
From: Charalabidis Theodoros <labmice.list () googlemail com>
Date: Wed, 30 Nov 2005 17:29:04 +0200
Steven Meyer wrote:
hello, I have a "Working" network who is totally disconnected (physically) from the Internet. people do the "search" on the "Internet " computers and then go on the "work" computers for analyse and the store the data. The Question is: I would need a anti virus on the "work" computers and I should be able to update the virus database daily without connecting any computer to the Internet. Which anti virus should I use and How could I do the update. Thanks for any help. Steven Meyer
Dear Steven..... I had exactly the same problem with "offline-updating" my intranet network. I found many solutions with AV products (...well.... not with "home-user" versions") I will try to describe my solutions using the following products: 1) McAfee VirusScan Enterprise ver 8.0i (near 11 MB) 2) Symantec Antivirus Corporate Edition ver 9.x or 10.x (near 28 MB for ver 10.0.2) 3) F-Secure Antivirus Client Security ver 6.01 (near 39 MB) *1st solution*: McAfee VirusScan Enterprise ver 8.0i (http://www.mcafee.com/us/products/mcafee/antivirus/desktop/vs.htm) *-For a Workgroup:* (Notes: before installing the McAfee VirusScan Enterprise ver 8.0i in your Workgroup you might want to install McAfee Installation Designer (sold separately) to make an installation that suites your needs (password-protected,settings etc) and also McAfee Alert Manager (sold separately) to receive alerts to a single computer) a)Install AV to all the computers you want to protect (manually or with remote control). I don't recall if the installation ships with .msi files (u can convert .exe to .msi with other programs) b)Install (if you want) the McAfee module which offers Antispyware protection to the main AV (sold separately) c)Download the signatures update file from http://www.mcafee.com/us/downloads/updates/default.asp it is a single exe file (for example 4400eng.exe from http://download.nai.com/products/licensed/superdat/engine/intel/4400/4400eng.exe d)Run this single exe file to every computer.This update file (from mcafee) support command line parametres for silent installation (no user interaction).I update my intranet running this file to every computer in the network with freeware command-line psexec from www.sysinternals.com (or GFI N.S.S which supports software distribution with no user interaction) e)DONE *-For a Domain: *(Notes: You can still use all the above steps in your domain and have the desired result. The following steps are only another method that works in a domain env.) a)Install McAfee ePolicy Orchestrator 3.x.x from http://www.mcafee.com/us/products/mcafee/mgmt_solutions/epo.htm (sold separately) in one of your servers in the domain. With ePo (short for ePolicy Orchestrator) you can pre-config and distribute the installation to all your computers. b)Get the signatures update file from the McAfee site (see above) c)Distribute the update to the domain with ePo (and scan all computers,get reports,change settings....whatever) d)DONE *2nd solution: *Symantec Antivirus Corporate Edition (http://enterprisesecurity.symantec.com/products/products.cfm?productid=155) a)Install product to computers b)Get the updates from Symantec site (http://securityresponse.symantec.com/avcenter/download/pages/US-SAVCE.html) You can download either the file that looks like vd1efa10.xdb or the one that looks like 20051129-016-x86.exe c)Install the signatures update file in all your computers. (The .exe file is easier imho. I use psexec from sysinternals.com for "destributing".Worked fine.) d)DONE You can also install Symantec Client Security 3.x and have a central console for reports,alerts,signatures updating (offline,once you get the .exe file) and more. These methods work both in workgroup and domain env. *3rd solution:* F-Secure Antivirus Client Security ver 6.x (or earlier) (http://www.f-secure.com/products/anti-virus/fsavcs).You also will need to get F-Secure Policy Manager 5.x or 6.x (sold separately) (gives you reports,alerts, etc,etc) a)Install product to computers. b)Get the av signatures update file from F-Secure site (http://download.f-secure.com/latest/latest.zip) and/or the latest anti-spyware signatures (http://download.f-secure.com/latest/asw-latest.zip) c)Import the new signatures to F-Secure Policy Manager and destribute the updates to all your computers. d)DONE Works for both workgroups and domains. ps: For prices, installation, how-tos, documentation, configuration and other questions please see the sites of each company :-) ps2:Sorry for my bad english This is my little experience from different companies I have worked with I hope you didn't fall asleep from my big e-mail Charalabidis Theodoros
Current thread:
- Re: Antivirus on intranet network Charalabidis Theodoros (Dec 01)
- Re: Antivirus on intranet network shrek-m () gmx de (Dec 02)
- RE: Antivirus on intranet network Ryan Kubiak (Dec 02)
- <Possible follow-ups>
- Re: Antivirus on intranet network Mircea MITU (Dec 01)
- RE: Antivirus on intranet network Hartmann (Dec 02)
- RE: Antivirus on intranet network Avila, David J (Dec 02)
- Re: Antivirus on intranet network shrek-m () gmx de (Dec 02)