Security setup for a business

Hey guys, I posted something similar to this a long time ago, but software and companies have changed..so I was wondering what you guys thought of my security setup, and what can be done to increase security.


Everything will be running on Win7, and obviously, everything will run with a limited account. All webbrowsing will be sandboxed (i read somewhere that sandboxie was sold, hopefully they still sell the stand alone).

I have setup a computer with linux to essentially be a storage server. Daily backups will be made on that computer with something similar to Acronis. Another offsite server will be setup to contain the backups as well.

I think the owner said they purchased Eset (though im not sure), so hopefully that'll be on there. The one main issue that I have is 64bit. I use to use malware defender back when 32bit was what most people had, however, that wont work. Neither does defensewall.

What alternative hips would one suggest? Also, are there are pre configurations that are available that I can tune to my liking?

Finally, i will be running pfsense as a firewall for the entire network, which includes antivirus, firewall, spam filter, and more.


is there anything missing from my setup? Anything I can add to better the security?


tl;dr will sandboxie, eset, pfsense, and acronis be a good enough security setup for a business?

 

Hello!

I don't see much room for any improvements in your setup.
I do wonder how you managed to install and configure Malware Defender and avoided constant calls from users complaining about things not working. I guess you have some disciplined users over there.

If you would like classical HIPS on 64 bit system there is not much to choose. COMODO FW with Defense+ comes to my mind. I don't know about pre-configurations as I never really tested it.

Sandboxie has been sold and we are waiting to see what will happen with this software.

I really like your setup and wouldn't add anything.

 

Comodo is free for small business, and it has a sandbox so probably you won't need sandboxie, although sandboxie is better comodo sandbox could be enough.

I would add Hitman Pro Alert, although I don't know if there is any compatibility with sandboxed browsers

 

Pretty much set it up as an anti executable. Everything they were allowed to use would function just fine.

I did get a few complaints about how IE wouldn't run, or, games wouldn't work...but, after a while, they got use to it. Especially since infections would go down to 0, for a couple years. lol

 

How large of a business?

From a corporate standpoint that setup is way to system intensive.

You need something you can manage from a central admin panel so you can deploy patches, updates, scans, removal if necessary, etc.

Do you really want to run to every PC in the office to run scans manually or perform removal?

 

+EMET
+SRP/AppLocker or similar

 

And what software would do that?

 

Perhaps Windows Intune from Microsoft.

 

Except for the patches almost everything related to security can be done with the business versions of any antivirus

Comodo Endpoint Security Manager 3 Professional Edition
10 free business licenses
http://www.comodo.com/business-ente...12=2034&key7sk1=29&key1sk1=ors&key1sk2=Google

Probably the cheapest solution for patch management would be Secunia
https://secunia.com/products/smb/smallbusiness/

 

Hello.

Just a suggestion here...

http://www.kaspersky.co.uk/small-office-security

 

Almost any enterprise or business AV solution has an endpoint manager. Even Windows has Forefront.

Our business runs Kaspersky with Kaspersky Security Center for the central management. It even offers the ability to find other software vulnerabilities like Java, Flash, etc. and patch them for you.

 

So just to be sure, its suggested to install the endpoint versions of the antivirus then install a console management program to monitor all the systems, correct?

I'm curious if esets management console needs to have its own server, or, if it can be installed on just any other computer. Should be interesting. I shall google around.

 

I know Kaspersky requires SQL server and a server OS.

 

+1. OP already set LUA so it's a step away.