AntiVirus on MS Server 08

Soldato
Joined
14 Mar 2004
Posts
8,040
Location
Brit in the USA
So we currently have Avast Server running on our RDP Sever. A couple of weeks ago all our e-mail went down. Our server support company looked into and it turns out that Avast was apparently corrupting our Exchange database (on a side note, has anybody heard of this before?) so it had to be disabled. Our license(s) were about to expire for Avast anyway, so right now I'm looking for alternatives.

Does MS Security Essentials work OK in a server environment? How does the licensing work - done a search and it's all a bit vague.

Anything else I should look at or avoid?

Ta! :)
 
Soldato
Joined
6 Jan 2006
Posts
4,663
Location
Newcastle
MS Security + Exchange I have not a clue however iirc its only licensed for 10 users / machines and theres no central administration sadly, MS do offer MS Endpoint Protection. Personally being an ESET partner Id vouch for them their central admin isnt the best IMO but its fairly good to say the least overall. My company is currently testing GFI Viper which so far its ability to config is phenomenal however as for detecting we havent tested long enough to say http://www.av-comparatives.org/ only lists two months of testing from what I remember but to me that isn't conclusive.

In an ideal world you should have 1 vendor for your servers and 1 for your end users, however to sum up pricing ease of use for the end user ESET all the way. There are many trials out there but Id imagine some one will say check the AV thread..... for more options

i have heard of mcafee doing this before locking up exchange after an av update, it took a good hour to find out why and was purely just a case of disabling the service which was a fluke
 
Last edited:
Soldato
Joined
27 Feb 2003
Posts
7,171
Location
Shropshire
Your RDP server is also your Exchange Server? I ask based on your previous thread. All sounds a bit strange.

I've never used Avast but MS recommend file level AV should be disabled on Exchange - more here for Exchange 2010.
 
Associate
Joined
22 May 2009
Posts
241
Location
Scotland
Yeah be very careful about your AV on the exchange server. A lot of AV is configured to look out for mass mailer malware and unless they have a pre-defined exclusion for exchange they'll block mailflow as I found out to my cost recently with McAfee.

I'd not have exchange on your RDP server, quite a security risk.
 
Soldato
OP
Joined
14 Mar 2004
Posts
8,040
Location
Brit in the USA
Thanks chaps. I'm trying to learn more about the server side but I've only been here a few months and basic tech support is only one of my duties.

OK, from what I can gather, we're running virtual servers. It seems our older servers were retired into a purely storage role. Then a new server was purchased and is setup with (ESXi?)virtual servers as follows...

TS01 - RDP

SBS01 - RDP gateway, DNS, DC, File, Exchange

SBS02 - Sage, print, DHCP

Avast seems to reside in SBS01. I don't really understand how everything interacts. Does the above setup make sense? We have 12 users btw.

Any advice would be much appreciated! I'd like to be able to understand this more so I can fix stuff myself and not have to rely on the support company as much!
 
Associate
Joined
22 May 2009
Posts
241
Location
Scotland
Thanks chaps. I'm trying to learn more about the server side but I've only been here a few months and basic tech support is only one of my duties.

OK, from what I can gather, we're running virtual servers. It seems our older servers were retired into a purely storage role. Then a new server was purchased and is setup with (ESXi?)virtual servers as follows...

TS01 - RDP

SBS01 - RDP gateway, DNS, DC, File, Exchange

SBS02 - Sage, print, DHCP

Avast seems to reside in SBS01. I don't really understand how everything interacts. Does the above setup make sense? We have 12 users btw.

Any advice would be much appreciated! I'd like to be able to understand this more so I can fix stuff myself and not have to rely on the support company as much!

TS01 - should have AV on it as it can be treated as any PC.

SBS01 - if it does have AV on it should be configured to leave certain folders alone. Different programs have tools specific to scanning Exchange like Groupsheild which is specifically designed for scanning incoming mail on an exchange server.

SBS02 - From the sounds of what this server does I'd say you could safely install antivirus on this.

What is the name of the avira product you are using specifically. i've never seen this used in a corporate environment or small business. I usually deal with McAfee, Sophos, Kapersky etc.
 
Soldato
OP
Joined
14 Mar 2004
Posts
8,040
Location
Brit in the USA
TS01 doesn't appear to have any AV installed - I'm only seeing it on SBS01. Is that because SBS01 is the RDP gateway maybe?

The exact product is Avast 4.8 Server.

Just had a quick look around and it seems there was a proper Exchange Server version released after 4.8, then the latest version is just called Email Server and specifically states it supports Exchange. I'm guessing our older version had issues with Exchange.
 
Associate
Joined
22 May 2009
Posts
241
Location
Scotland
Yup, I'd say it isn't fit for purpose. You maybe better directing your questions about the software at their forum as they'll have experience with it. http://forum.avast.com/index.php?board=8.0

The TS needs av asap depending on how it is used. If users are accessing it users tend to be the way systems get compromised. I'd get AV installed on that and some malware protection and do a scan overnight.

SBS01 has anyone got an explination to why it is setup as an rdp gateway? Does it have apps on it or something that access is required to? Those roles listed doesn't make sense for it to have RDP access. Here more info on RDP gateways - http://technet.microsoft.com/en-us/library/dd560672(v=ws.10).aspx
 
Back
Top Bottom