Viruses today are more blended and have a higher payload than ever before. This means that they are easier to distribute and can do greater damage. Viruses today can attack networks at even the lowest level which means they can bypass desktop and server antivirus software. Software antivirus no longer provides the complete protection that it once did.
So what is layered antivirus and network security and how should you approach it? Simply put, it is like placing a defense barricade at every possible entry point onto your network. A typical layered antivirus solution will include server AV, desktop AV, gateway AV, email AV, and sometype of intrusion detection/prevention service (IDS, IPS).
This approach will not only protect from threats that come in at the computer and file system level, but will also protect your network from denial of service and other network level attacks.
A layered approach also helps provide efficiency and load-balancing on your network. If you find that your email server is getting pounded by daily phishing or virus emails, then having gateway antivirus can help take some of the load off of your email server by stopping those emails from ever reaching the server.
It also provides greater security on desktops using gateway antivirus. If a user attempts to download a virus onto their computer, rather than letting the desktop AV software handle the quarantine/deletion, the gateway appliance will built the packet stream and scan it as the virus passes through. If the stream matches that of a known virus signature, then the stream is cut off by the gateway and the virus never reaches the desktop to begin with.
Protecting your network with a layered approach is now not just a security design for enterprise networks, it is a requirement for all business networks.
Aaron Guhl is an IT professional that specializes in security. He frequently writes on his blog regarding security issues to help IT professionals get a better understanding of security in their networks. Visit his website at: Multi-layered Antivirus
No comments:
Post a Comment