I've got Smart Security...Now what?

Discussion in 'ESET Smart Security' started by CFisher, Dec 5, 2008.

Thread Status:
Not open for further replies.
  1. CFisher

    CFisher Registered Member

    Joined:
    Dec 3, 2008
    Posts:
    5
    Running a small business network as follows;

    Linksys router - running NAT

    Main Server - SBS2003 SP1

    15 client seats all running WinXP

    I've got Smart Security installed...what else do I need (should I have)? I'd like something remotely manageable/business level vs. the onesy twosey type installs where it becomes difficult to manage.

    I see posts with laundry lists of everything under the sun - I need security but don't want an Army of IT personnel required and that doesn't drive the users nuts.

    Is SS covering 99% of what I need? Or only 33%?

    Thanks!
     
  2. ASpace

    ASpace Guest

  3. CFisher

    CFisher Registered Member

    Joined:
    Dec 3, 2008
    Posts:
    5
    Great - as I said, looking at everyone's laundry list of 'security' applications tends to make one feel um, inadequate, if you're "only" running a suite.

    I suppose the caveat is making sure policies are crafted properly.

    Let's delve into the hypothetical and say we're aren't Policy-based...are we saying that there are holes better filled by some other apps (appropriate for our network use)?

    Thanks for the links!
     
  4. ASpace

    ASpace Guest

    If the firewall is running in Automatic mode , it provides no outgoing control of the applications used . If you have no other way to block/control applications , employees may use IM programs or some other software you may not want to see running in your network . Additionally , if there is a trojan that ESS somehow misses , there will be nothing to stop it .

    Running in Policy-based mode is not for everyone but can be quite secure because you have the ability to whitelist or blacklist any application's network activity (incluing the application , local and remote ports used , incoming/outgoing IP address) . This way you can allow your employees only use browsers and mail clients (for e.g.) . Any other application will be blocked (including a RA trojan, for example) , Using the Bluecoat's product I gave you link , you can also limit the sites the staff visits and minimise the sourses of infection to zero.

    ESET Smart Security v4 , currently in beta , introduces some new feautures including blocking of USB devices.

    If you are going to use ESS in Automatic mode , then you should think of educating the staff of good practises . I think that a software or hardware based tool in limiting access to some sites will be a good additional investment.
     
  5. DesertRat

    DesertRat Registered Member

    Joined:
    Jul 12, 2008
    Posts:
    32
    Since you're running Small Business Server 2003, you have a number of good options. You don't mention if you Standard or Premium; this is worth knowing because the Premium edition includes Internet Security and Acceleration Server 2004 (if you are using SP1). That's a pretty heavy duty firewall if you set up your server to be multi-homed.

    With either version, you get Exchange Server. This is kind of cool because you can check everyone's email for "problems", such as malware, right on the server before making it available for download to workstations. It also includes a pretty good junk mail filter, not to mention a larger variety of other tools for tuning what you are willing to receive or send.

    You didn't say where you installed Smart Security. I know it will install on SBS, but personally, I'd choose NOD32 A/V Business Edition in conjunction with NOD32 A/V for Microsoft Exchange to protect the server. The Business Edition will give you the capability to to "push" installations, as well as configurations, of NOD32 to each workstation. This would eliminate your onsey/twosey approach to setting up A/V on each workstation.

    You could, however, also purchase Smart Security Business Edtion. I think the firewall is a complication for SBS and it's definitely not as robust as ISA Server. I don't think Exchange A/V integrates as nicely with it as it does NOD32, either. Nevertheless, if it was installed (but not necessarily monitoring the server) you could also push Smart Security to each workstation as well. If you are using SBS Standard (not Premium) then maybe Smart Security will be right up your alley since you won't have ISA Server.

    Check what you have. If you have SBS Premium, it's a very, very nice product. Take advantage of Exchange and ISA Servers if you haven't yet.
     
  6. CFisher

    CFisher Registered Member

    Joined:
    Dec 3, 2008
    Posts:
    5
    Wow - Thanks DesertRat (I feel bad calling you a 'rat' after that).

    We are running SBS Premium - probably overkill - but we're runnning it. And I know enough to get myself into trouble...and sometimes just enough to get out of it.

    Sometimes having lots of options is great...other times (for example: policies) I'm worried about accidently opening up a larger hole.

    You've given me a lot to think about. And yes, at least initially, SBS doesn't seem to play nice with the Smart Security firewall - I haven't really messed with it though so it could really be some setting somewhere I haven't flipped. Never used ESET anything before...gotta say it's pretty slick.
     
  7. DesertRat

    DesertRat Registered Member

    Joined:
    Jul 12, 2008
    Posts:
    32
    I should add that ISA Server is not automatically installed during the installation of Small Business Server 2003. It's on the Premium Technologies CD (along with others) and you would have to specifically take action to install it. If you "built" your own server then based on your questions and replies I think ISA Server is not installed. For that matter, Exchange may not be installed, either. Installing it is a "checkbox" item during the original installation. If they're not installed, Smart Security Business Edition (you have Business Edition, right?) should install, configure, and do its job for you as you expect.

    I looked at your original post again and realized you had a few specific questions which ought to be answered. I'll try to keep my replies short and to the point. I'm not going to address hardware, routers, NAT, multi-homing, firewall appliances, etc.

    If you are not using Exchange, nothing by way of additional software (assuming ISA Server isn't part of the picture). Do your backups. Install and configure Smart Security on each workstation with Remote Administrator.

    Use the Eset Remote Administrator.

    Well. Software-wise, if you're only asking about A/V, 100% (I don't mean it catches 100% of malware. Nothing will. I'm saying you don't need additional A/V). For the firewall, hmmm, I guess I can't answer that with no knowledge of your access requirements and your network topology. You won't need to install yet another company's software to round things out. Security and recoverability-wise, less than 50%. Hardware, hardware and software configuration, backups, and user education and good judgement fill out the other half (more than half in fact).

    Listen, 15 workstations isn't huge, but it is a challenge if you're just becoming familiar with SBS. I wouldn't be afraid to spend some money for professional help. (In fact, I think the more expert one is with that system the more willing he is to get help when its needed). You're right to do one thing, and one thing only, test, and then take a long (days long!) breather before going on to something else. Document what you do.

    Also, there are some pretty good Eset Partners out there that have experience with SBS, ISA, and Exchange. I personally use one, a lot. They can save you a boatload of time. Check out this link for one:
    http://www.eset.com/partners/worldwide.php
    Check out this link for SBS partners:
    http://www.microsoft.com/sbs/en/us/partners.aspx
    and if you want an on-going lesson in SBS, check out this link:
    http://www.smallbizserver.net/ (not free, but very good and user friendly)
    All about ISA Server:
    http://www.isaserver.org/
    All about Microsoft Exchange:
    http://www.msexchange.org/ and http://msexchangeteam.com/

    DesertRat
     
  8. CFisher

    CFisher Registered Member

    Joined:
    Dec 3, 2008
    Posts:
    5
    Excellent - thanks. I was actually reading up on ISA Server and actually found the isaserver.org site and was reading the installation article by Tom Shinder...but it abruptly ends due to personal reasons! :eek:

    I haven't dug much around the site yet but it looks like plenty of good info.

    We're currently using Symantec's Backup Exec System Recovery to make drive images to a Snap Server...from there we go to tape as the SNAP gets full. Yes, we've had our share of major data loss in the past...don't want to do it again.

    We're a pretty unsophisticated bunch here...not much beyond email and web surfing. I maintain a VPN tunnel for myself at home. But with our growing network it's no long just myself and a few others in the same room - thus the more serious look at making sure we're not a playground for the world here...
     
Thread Status:
Not open for further replies.