[Novalug] Windows and Linux in the Antivirus World

Ken Kauffman kkauffman@headfog.com
Sun Jul 22 10:14:46 EDT 2007


Sorry I wasn't too clear.  Hopefully this adds some clarity...

The two main criteria are these:

1) push signatures to clients
2) force scheduled scans (within a time window and "missed time" window)
3) capture/report client detections

I installed F-Prot for windows and did not see a way to link it to the 
Linux F-Prot server for this type of functionality.  I'm certainly aware 
that products exist that work on both platforms, it's the integration 
piece that I'm not too clear on.

Without installing every product, does anyone have specific experience 
with the reference configuration?

Ken

Scott Musman wrote:
> Ken,
>
> I can't quite figure out exactly what you're wanting to do yet? If
> you're not only just interested AV signature pushing but are more
> concerned with policy enforcement across multiple hosts (windows/Linux)
> take a look at:
>
> http://otto-mate.aug-sys.com
>
> I'm going to be giving a NOVALUG presentation on Otto-Mate in Sept, but
> feel free to jump the gun if you wish. A download is available off the
> WIKI. We'd be happy to work with you to configure it to do what you need
> it to do.
>
> Take a look and feel free to ask questions if you got 'em. The price is
> right :)
>
> 		-- Scott
>
> On Sun, 2007-07-22 at 00:30 -0400, Ken Kauffman wrote:
>   
>> Do these all allow me to enforce client policies the same way as SAV?
>>
>> Ken
>>
>> Kevin Chin wrote:
>>     
>>> There are several that will do what you're looking for.
>>>
>>> F-Prot
>>> http://www.f-prot.com/products/
>>>
>>> Kaspersky
>>> http://usa.kaspersky.com/
>>>
>>> McAfee
>>> http://www.mcafee.com/us/enterprise/products/anti_virus/file_servers_desktops/linuxshield.html
>>>
>>> Panda Software
>>> http://www.pandasoftware.com/download/linux/linux.asp
>>>
>>> Sophos
>>> http://www.sophos.com/products/enterprise/endpoint/security-and-control/linux/
>>>
>>> Trend Micro
>>> http://us.trendmicro.com/us/products/enterprise/serverprotect-for-linux/index.html
>>>
>>> List of commercial Anti-Virus software compatible with SUSE Linux 
>>> Enterprise:
>>> http://www.novell.com/partnerguide/section/481.html#c_486
>>>
>>> Although not exactly what you're looking for, I stumbled across this 
>>> "cousin" of ClamAV as well.  Anyone have any experience with it?  Does 
>>> it work well?   ClamWin - http://www.clamwin.com/
>>>
>>> TTYL.
>>> --Kc
>>>
>>>
>>>
>>> On 7/21/07, *Ken Kauffman* < kkauffman@headfog.com 
>>> <mailto:kkauffman@headfog.com>> wrote:
>>>
>>>     Ok peeps.  Gotta question.
>>>
>>>     If I want to have a Linux server but the workstations must be
>>>     windows.
>>>     What offering exists that would allow me to run managed clients from
>>>     Linux?  For instance, Symantec AV is currently used on
>>>     server/workstations.  Symantec can push the definition updates and
>>>     client application updates.  It can also mandate scans at specific
>>>     times.  How would I manage to do that with a Linux backend?
>>>
>>>     Clear as mud? Good.  Thanks for any advice you can offer.  I'm open to
>>>     any packages even commercial.
>>>
>>>     Ken
>>>     _______________________________________________
>>>     Novalug mailing list
>>>     Novalug@calypso.tux.org <mailto:Novalug@calypso.tux.org>
>>>     http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>>     <http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug>
>>>
>>>
>>>       
>> _______________________________________________
>> Novalug mailing list
>> Novalug@calypso.tux.org
>> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>>     
>
>   



More information about the Novalug mailing list