[Leaplist] Enterprise AV for Linux

Hank Lambert hank at hanklambert.com
Mon Dec 15 19:38:20 EST 2008



I haven't deployed any antivirus for Linux, but I have deployed
Kaspersky for a Microsoft WAN spanning 19 sites and 6 states. Having
deployed Symantec in the past, the Kaspersky deployment was painless;
everything worked the way it was supposed to, and the overhead was
minimal compared to others.

--Hank


William Warren wrote:
> tony_l_turner at yahoo.com wrote:
>> Antivirus is just another layer of security. Unless you plan on
>> telling me that a Linux machine can't get a virus then it needs
>> mitigating controls. I understand about the use of SELinux and
>> non-UID 0 accounts and realize that it's a much different
>> environment but if I can remotely exploit a Linux machine in a
>> pentest I fail to see why a virus can't do the same thing in an
>> automated fashion. In addition, a good antivirus suite often has
>> firewall, IDS, endpoint controls and network access control
>> client built-in. Yes I know I can do these things with iptables
>> and snort and what not, but not from a centralized management
>> interface (at least not that I'm aware of)
>>
>> I understand Linux is not Windows but we have a policy that we
>> MUST abide by that requires AV on every computer that touches our
>> network. Since I work for a state government agency, this is not
>> something that I can just send a memo to the CIO and get
>> changed. Many of our requirements come from the Agency for
>> Enterprise IT, AEIT (What used to be the State Technology Office,
>> STO) and are out of our control. This is why I need to find a
>> decent solution.
>>
>> Sent from my Verizon Wireless BlackBerry
>>
>> -----Original Message-----
>> From: Phil Barnett <philb at philb.us>
>> Date: Mon, 15 Dec 2008 03:54:56
>> To: <leaplist at leap-cf.org>
>> Subject: Re: [Leaplist] Enterprise AV for Linux
>>
>>
>> _______________________________________________ Leaplist mailing
>> list Leaplist at leap-cf.org
>> http://lists.leap-cf.org/mailman/listinfo/leaplist
>>
> Kaspersky has an enterprise suite that handles Linux.
>
> http://usa.kaspersky.com/products_services/enterprise-space-security.php
>
>
>




