Kill the virus on the Intranet.

Kill the virus on the Intranet

When try to protect a network against viruses, spyware, and malware source (in later virus) which is internet we have two main ways to do it:

1. Protect the recipients of the information; i.e. the own computers of the users. In this way the user receives everything and viruses are frequently deleted in hindsight, once they are in the team. With a real-time antivirus program, the user is informed of the detected viruses and cleaning/disposal.
2. Put barriers in the source of the problem to viruses, that is, in the internet or gateway server itself. With this approach the majority of viruses are eliminated unless they even realize the user (in the case of viruses from email, the most common way of dispersing today).

The option to choose is the one that best meets our needs for its price and efficiency.

Advantages of Antivirus clients facing anti-virus on server:

• It allows to detect those who are introduced by other means; by ej. floppies, memorias usb, cd-roms, etc.

Disadvantages of Antivirus clients with respect to the other option:

• Higher costs in licensing; because each computer must have its license. You can multiply by 5 cost perfectly, while the other way only the necessary number of concurrent licenses are purchased.
• Latest viruses detected and directly attacking the programs antivirus, disabling them and opening the doors to other viruses; thing that cannot happen on the server since they removed before even opens.
• Having a proxy with antivirus the connections to the internet in detail, get more control thanks to the proxy server, with a fully configurable firewall and shows in real time which allows us to know in advance if a customer uses programs that will collapse the network (famous P2P) or if a virus is trying to expand.
• Slows down the operation of the computer (can reach 40%) since it must analyze all open files in real time, consuming its resources.
• Unless you are using a server for updates, each client must update its virus database every few hours, overloading the internet connection.

Finally came to the conclusion that the most effective option is to prevent users install programs (for example giving them restricted permissions) and install an antivirus at the root of the problem, with what emails and files with viruses are eliminated before being received.

And experts in the field say the same thing:

Scanning for viruses at the gateway is an obvious and common technique that is utilized by most businesses worldwide (in BarracudaNetworks.com).

References:

ClamAV antivirus
WinProxy.com Antivirus for the internet gateway
Barracuda antivirus