Page 3 of 5 <12345>
#206113 - 2012-11-03 03:34 PM Re: What AV solution does your Company use [Re: Robdutoit]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
 Originally Posted By: Robdutoit
Oh Lonkero, you might want to amend your signature statement - Firefox no longer uses 50% cpu while idle. My cpu is on 0% on idle with the latest version of firefox lol.

I will fix my sig back to 100% as if I had a single core on my laptop, that's what it would be pulling.
yes, they said they fixed it, but leave your firefox running for couple of days and that's what you end up with. simple taskkill and firefox restart fixes the issue for the next few hours or if I'm lucky, day or two.

at work I've been trying to use IE again and I have to say it's even worse. :)
it's slow as a snail. but with IE the hogging is a single tab doing something funny and I can end it by killing that offending tab. there is no such option in firefox.
#206114 - 2012-11-03 03:52 PM Re: What AV solution does your Company use [Re: Les]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
and that's why still my browser of choice is firefox with ABP and Flash Block.
might need to take a look at the noscript too. but with these 2 addons browsing is already blazing fast. :)

Robdutoit, the referer I used to block too, but not anymore.
I don't see it as a privacy issue if a site knows which site's link you clicked to get on their page. even on korg udf collection you are missing out when you have referer disabled ;) bet you never used it though :p
#206115 - 2012-11-03 05:16 PM Re: What AV solution does your Company use [Re: Lonkero]
Robdutoit Offline
Hey THIS is FUN
***

Registered: 2012-03-27
Posts: 363
Loc: London, England
Lonkero I would endorse NTDOC. Noscript is I think a brilliant way to secure your computer. Most of the malware makes an entry point through scripts running from each webpage, therefore it's logical to block it. But it is a pain to train Noscript, and I just ran out of time. I was quite busy back then when I tried it out. Noscript should speed your browser up slightly, but it's not about speed, but rather security.
I give you that one - I normally switch my baby computer off each night, so don't experience the issue of firefox hogging the cpu over some days.
Agreed, blocking the referrer does break some functionality, but I consider the gain to outweigh the loss.
I considered trying out ad block, but for some reason or another, just never got around to it. I think noscript disables the ads anyway if I remember rightly.
But you have hit the nail on the head. This is why I like Firefox. The extensions make it so customisable.
I was looking into the issue of using Sandboxie, but I think if I put noscript back on, it would just be overkill to use a sandbox as well. I have not had an infection on my computer in I don't know how many years!


Edited by Robdutoit (2012-11-03 05:17 PM)

#206116 - 2012-11-03 11:47 PM Re: What AV solution does your Company use [Re: Robdutoit]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
endorse NTDOC?
I didn't know he was running for president...
#206117 - 2012-11-04 02:08 AM Re: What AV solution does your Company use [Re: Lonkero]
ShaneEP Moderator Offline
MM club member
*****

Registered: 2002-11-29
Posts: 2127
Loc: Tulsa, OK
He would probably be a better candidate than the current options haha.
#206118 - 2012-11-05 09:41 AM Re: What AV solution does your Company use [Re: Les]
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11625
Loc: CA
ROFL - Yep isn't that the truth for candidate choice with almost all elections.
But on another level isn't that part of why we have so much political chaos here when you run 2 opposing parties as the basis for your Government? Oh well.... it is what it is I suppose.

Yes NoScript does provide support for cross site but even the author says that if you want to view and manage it that RequestPolicy is a much better tool than his is, and no it does not inherently block ads like AdBlock Plus does.

I use a Cisco IOS firewall for all traffic as well as the built-in Windows 7 firewall.
But the vast majority of stuff used and targeted are legitimate processes so both firewalls will let them in and out. That and most infections already have admin rights and can disable or bypass any local software firewall if they want.

@Les

Yep, there are plenty of people that operate and feel the way you do too. I'm just not one of them. If they actually had a history of verified security then maybe I'd feel differently but that's not the case.

I'm also not a CLOUD lover. There is no database, no connection that, sooner or later, given the resources, cannot be compromised - that includes a local computer, but at least with a local computer your target surface is a lot less than it is on a public cloud system. It's good for computing power when needed but for data storage - I'll leave mine within my own network thank you.


#206119 - 2012-11-06 01:07 AM Re: What AV solution does your Company use [Re: NTDOC]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
cisco as a firewall is useless.
you can have excellent router/switch/nat functionality with a cisco but for firewall, you need something that actually does something.
#206120 - 2012-11-06 10:16 AM Re: What AV solution does your Company use [Re: Lonkero]
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11625
Loc: CA
Well I'm not a certified Cisco Analyst but it seems to work just fine for me.
What beef or issue do you have with it?

http://www.cisco.com/en/US/prod/collater...008010a40e.html

#206121 - 2012-11-06 01:57 PM Re: What AV solution does your Company use [Re: NTDOC]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
again, as a router and nat device, you can have your IOS box.

there is no beef to be had. you just said it yourself. you have your device and the bad boys still get you.
yes, because you don't have a real firewall.
#206124 - 2012-11-07 03:07 AM Re: What AV solution does your Company use [Re: Lonkero]
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11625
Loc: CA
Please provide information on any device that can block 80 and allow 80 at the same time and accurately snoop the traffic to know it's a threat. I'm not aware of any product that fits that bill. The best antivirus program cannot always determine if a file is a threat or not, so how the heck is a firewall that rarely gets updates going to be able to manage that trick?
#206125 - 2012-11-07 04:23 AM Re: What AV solution does your Company use [Re: NTDOC]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
that's why you need a firewall that has constantly updating av in it. and there are other 0-day protection tricks.
I have my opinions of what firewalls actually do something useful at the border and in my opinion cisco devices just don't make the cut.

#206126 - 2012-11-07 05:34 AM Re: What AV solution does your Company use [Re: Lonkero]
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11625
Loc: CA
If it has AV in it then by description alone it is NOT a firewall it's some type of hybrid antivirus.

So what do you consider a good device?

#206127 - 2012-11-07 06:00 AM Re: What AV solution does your Company use [Re: NTDOC]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
what is your definition of a firewall?
if it can not have av in it?
#206128 - 2012-11-07 08:24 AM Re: What AV solution does your Company use [Re: Lonkero]
Arend_ Moderator Offline
MM club member
*****

Registered: 2005-01-17
Posts: 1896
Loc: Hilversum, The Netherlands
A hardware firewall.
#206129 - 2012-11-07 03:25 PM Re: What AV solution does your Company use [Re: Arend_]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
arend, what you mean hardware? bricks?

let's take watchguard for example. their appliances have so high level of filtering that it would take a day to explain it.
instead of opening port 80, have some rules in it, scan the responses for threat factors, do av scan, classification (big brother) and so much more.
watchguard is just one of them. fortigate the last time I used one lagged behind in the depth of control but tries to implement the same principles.

real firewall actually blocks stuff. no matter which side of it has the fire. and all cisco setups I have seen have happily passed infections in and out.
I have also witnessed on several occasions how devices like watchguard XTM's block bad guys even from infected laptops on the inner side.

and in my opinion these are the differences between firewall and a nat box.

back to arend's comment, isn't your pc a hardware device. so if you have winxp firewall turned on, you have a hardware firewall? again, that definition is so vague that it has no meaning.
#206134 - 2012-11-07 07:20 PM Re: What AV solution does your Company use [Re: NTDOC]
Glenn Barnas Administrator Offline
KiX Supporter
*****

Registered: 2003-01-28
Posts: 4401
Loc: New Jersey
I run TMG as my edge firewall and outbound proxy. Blocks 80 out for selected sites, blocks all traffic in from selected IPs (eg China), allows certain user accounts to all port 80 sites for blocking validation, and can snoop port 80 and (with certs) 443 traffic, blocking based on content.

It is used to publish multiple web sites, listening on a single IP and spraying to a small farm in our perimeter network. By reverse-proxy, no traffic actually enters the perimeter network from the outside. The TMG accepts the request on behalf of the remote client, inspects the payload, makes the request from the internal system and returns the data to the client.

The anti-malware component is free, but the reputation and deep inspection services run by annual subscription, but are quite reasonably priced.

Glenn
_________________________
Actually I am a Rocket Scientist! :D

#206136 - 2012-11-07 08:51 PM Re: What AV solution does your Company use [Re: Glenn Barnas]
Robdutoit Offline
Hey THIS is FUN
***

Registered: 2012-03-27
Posts: 363
Loc: London, England
I am going to be putting in a slackware box which will act as a firewall, proxy server, caching server, content filtering and AV/malware protection. Maybe I should get you guys to test the security of it once I have it up and running. Hopefully it will pass Lonkero's tough requirements lol.
Hmm, Glenn might be an idea if I got my slackware box to block traffic from China as pretty much everything that way is usually malware.

#206141 - 2012-11-08 12:35 AM Re: What AV solution does your Company use [Re: Robdutoit]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
robdutoit, your list is pretty good. let us know how many hours you got to use on it. :)
setup is some and actual config some more than more...
#206142 - 2012-11-08 12:36 AM Re: What AV solution does your Company use [Re: Robdutoit]
NTDOC Administrator Offline
Administrator
*****

Registered: 2000-07-28
Posts: 11625
Loc: CA
Yes those (IMHO) are dedicated Intrusion Detection or Prevention devices Lonkero and not simply a firewall.

Hardware as mentioned by Arend simply means that it is a dedicated device and not software driven from an installation of some type of software to handle firewall/threat detection.

A dedicated hardware device can typically handle a much higher load of data traffic than a server that is also performing other functions.

However - again I'm not a Cisco expert but I'm reasonably sure that they offer all those exact same things you're talking about.

I do use a dedicated SPAM filtering Barracuda device for inbound/outbound email.

#206149 - 2012-11-08 04:26 AM Re: What AV solution does your Company use [Re: NTDOC]
Lonkero Administrator Offline
KiX Master Guru
*****

Registered: 2001-06-05
Posts: 22346
Loc: OK
not really sure you can get any router nowadays that doesn't have nat and IPS of some sort. even the cheapest $10 dsl modems have "IPS firewalls"
in that sense, they all can be called firewall.

I guess it comes back to what set of features qualifies as a firewall.
nat? routing? intrusion prevention? caching? av?

I guess in traditional sense anything that can intervene with the free flow of traffic qualifies. but in that sense even spyware softwares are firewalls. modifying your host file would be a firewall. or cisco ASA would be a firewall.