Anti-Virus

Discussion in 'Computer Support' started by joehoff@gmail.com, Aug 24, 2007.

  1. Guest

    I was recently told that the company I work for would need to have
    computers not allowed on the network if they didn't have the most
    recent .dat (virus definition) files. I have Norton Corporate Anti-
    Virus. My question is it is even possible to bar access to a network
    to a computer that does not have the most recent anti-virus
    definitions? If it is possible, can Norton manage that (server\client)
    - or is some other solution needed. I'm in a peer-to-peer network with
    no domain. Any advice would be appreciated! Thanks!
     
    , Aug 24, 2007
    #1
    1. Advertising

  2. Bert Hyman Guest

    In news:
    wrote:

    > I was recently told that the company I work for would need to have
    > computers not allowed on the network if they didn't have the most
    > recent .dat (virus definition) files. I have Norton Corporate Anti-
    > Virus. My question is it is even possible to bar access to a network
    > to a computer that does not have the most recent anti-virus
    > definitions? If it is possible, can Norton manage that (server\client)
    > - or is some other solution needed. I'm in a peer-to-peer network with
    > no domain. Any advice would be appreciated! Thanks!


    My employer has similar requirements. The in-house machines are all
    remotely managed using SMS (or something like that), so they know what's
    installed and running on them.

    For off-site machines that access the corporate network via VPN, like
    the machine I'm using right now, they supply Symantec Anti Virus and
    Symantec Protection Agent. The "protection agent" is a firewall which
    has a "Host Integrity" check feature which makes sure the firewall is on
    and the anti-virus is on and up to date. If there's a problem, I get
    warnings and popups, and I guess if things get seriously out of hand,
    the corporate network cops would give me a call.

    Whenever I connect to the corporate network through the VPN, the
    firewall hooks up with a "policy manager" which automatically updates
    the firewall config and initiates the "integrity check", but I still
    have to use the anti-virus update process manually.


    --
    Bert Hyman St. Paul, MN
     
    Bert Hyman, Aug 24, 2007
    #2
    1. Advertising

  3. John Holmes Guest

    "contributed" in 24hoursupport.helpdesk:

    > I was recently told that the company I work for would need to have
    > computers not allowed on the network if they didn't have the most
    > recent .dat (virus definition) files. I have Norton Corporate Anti-
    > Virus. My question is it is even possible to bar access to a network
    > to a computer that does not have the most recent anti-virus
    > definitions? If it is possible, can Norton manage that (server\client)
    > - or is some other solution needed. I'm in a peer-to-peer network with
    > no domain. Any advice would be appreciated! Thanks!
    >
    >


    Norton AV Corporate Edition *is* a server/client edition. But you'll need
    to run the NAV server on a server OS as far as I know. An Active
    Directory domain would be the best to work with (Windows 2000, 2003), as
    you can can alter settings on the server which the clients pick up
    automatically. NAV CE integrates flawlessly with AD. NAV Server does the
    updates and propagates them to the clients immediately, or (when a client
    PC is shutdown) as soon as the client starts up. It would take too much
    typing to explain everything in a single usenet poast, but I'd suggest
    you start with a google search on "understanding active directory" first
    and do some reading. Poast back if you have any questions.

    HTH

    --
    Your mother was a churlish petrol-pump attendant who paraded herself nude
    on tramp steamers.
     
    John Holmes, Aug 24, 2007
    #3
  4. why? Guest

    On Fri, 24 Aug 2007 09:55:41 -0700, joehoff@ wrote:

    >I was recently told that the company I work for would need to have
    >computers not allowed on the network if they didn't have the most


    Sort of a nice idea, but a bit too high handed. The risk of getting
    something on a just outdated .dat weighed against trying to disable the
    network connection.

    Force all .dats to the same version to start off with and look at why it
    perhaps is't working.

    Have a good firewall if the LAN has an external connection.

    >recent .dat (virus definition) files. I have Norton Corporate Anti-
    >Virus. My question is it is even possible to bar access to a network


    It's better then something else?

    All sorts of things, in the push of dats out log which machines you can
    write to, which didn't. Either NAV deployoent, SMS or maybe MoM or vis
    WSUS or whatever it's called nowdays.

    Oops no domain, would be easier with one.

    Login scripts that check a dat repository and fetches the update.

    Or an updater client that runs on the PC and checks at every interval
    you specify.

    >to a computer that does not have the most recent anti-virus
    >definitions? If it is possible, can Norton manage that (server\client)


    No more appropriate newsgroup or vendor support?

    >- or is some other solution needed. I'm in a peer-to-peer network with
    >no domain. Any advice would be appreciated! Thanks!


    If it was me, I would do something like looking at the dat update log,
    extract the info, find the PC and disable the port on the switch by a
    script.

    Me
     
    why?, Aug 24, 2007
    #4
  5. Guest

    Thanks all for the information - It appears that there is no quick
    fix; local security policy; domain security policy; or setting in
    Norton Antivirus Server. I did a bit of research and found that
    Symantec and other companies do provide a network appliance that can
    integrate with Norton Antivirus and provide end-point security by not
    allowing unknown computers (computers without antivirus programs) and
    computers that will not update their virus-definitions successfully.
     
    , Aug 24, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Trax
    Replies:
    1
    Views:
    665
    All Things Mopar
    Feb 12, 2006
  2. Replies:
    0
    Views:
    776
  3. The Master of The Known Universe

    Top 3 firewalls, anti-virus apps, anti-spyware apps

    The Master of The Known Universe, May 9, 2006, in forum: Computer Support
    Replies:
    10
    Views:
    1,057
    clouds
    May 13, 2006
  4. marjun

    free anti-spam/anti-virus

    marjun, Apr 28, 2007, in forum: Computer Support
    Replies:
    7
    Views:
    766
    Toxic Beth
    May 1, 2007
  5. PAM.

    anti-virus virus

    PAM., May 18, 2005, in forum: NZ Computing
    Replies:
    20
    Views:
    1,058
Loading...

Share This Page