On Mon, 21 Oct 2013, unix_fan wrote:
Problem:
We are supposed to run an AV solution, where available for the OS we run.
The Enterprise choice we run on Windows - the vendor sort of rhymes with
"gigantic" - is .... "suboptimal" ... on Linux. It doesn't work for recent
kernels and they haven't updated it in a year. By contrast, ClamAV is easily
kept up to date, and it works well. But it is a "standalone" installation.
We don't have a problem running ClamAV on Linux, instead of the Windows
solution, but our Enterprise friends are wondering if anyone has a solution -
ClamAV or otherwise - that they are happy with that also includes an
Enterprise management component (e.g., reporting on deployment status,
controlled updates, etc). Bonus points if any solution involves the Trusted
Computing Module.
I volunteered to ask my community, ergo this message.
Searching the lopsa.org archives yields more discussions about the merits of
compliance ("just do it"). I did not find one where anyone discusses Linux AV
(ClamAV or any other AV engine) with an Enterprise management capability. So,
bottom line is anyone *currently* running a Linux AV solution that has
management capabilities and they are happy with the performance?
well, a little tongue in cheek, but a bit serious as well
what do you consider "enterprise management" to be?
what are you currently using to manage your Linux systems?
For example, If you are using Puppet as your management system for everything
else on your linux systems, why could you not use it to manage ClamAV as well?
There are many options for "enterprise management" of software on *nix systems,
in most cases you are better off picking one and managing everything through it
than you are using one tool to "enterprise manage" one part of your system and a
different tool to "enterprise manage" another part of your system.
Which system you pick is less important than picking one and using it.
Depending on your needs, it doesn't have to be a very complex system, just
defining a few scripts to report and apply distro auto-updates and then looking
at the output of these scripts and system logs can go a long way.
David Lang
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
