Question about my Exchange server

I have an Exchange 2003 Enterprise server SP2 that has about 320 mailboxes on it, I have an SSL certificate installed for OWA and have it confgured for outlook over https RPC. the server is a Dell PE 2950 Quad core with 4 gigs of RAM running Server 2003 Ent SP2. The server is routinely backed up by Backup Exec and resides in a CO LO that provides us their firewall protection. We also Have our incoming mail going through Postini for spam and virus protection. We used to also have Symantec Mail Security for Microssoft Exchange 5.0 running on the server as well, it has expired so I unistalled it and the company doesn't want to pay the $8000 to renew it. So should I just install a regular server antivirus client on it and leave it to rely on that and Postini or is there some other cheap suggestions to improve the security on it and what threats am I open for with that config.

Comments

  • royalroyal Member Posts: 3,353
    A regular antivirus as you are referring to it is properly known as a file level antivirus. "Regular" doesn't mean anything. With that aside, make sure the proper file level exclusions are set up on Exchange 2003.

    http://support.microsoft.com/?kbid=823166
    http://support.microsoft.com/?kbid=328841

    Personally, if it were me and cost was not so much of an issue, I'd have a dedicated appliance in addition to your Positini which then sends it off to a FE that does SMTP and then sends it off to your BE. BE and FE would have file level antivirus both no Exchange aware antivirus.

    But that's just me.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • HeroPsychoHeroPsycho Inactive Imported Users Posts: 1,940
    You need an Exchange specific AV scanner. No appliance or hosted filtering solution stops internal emails being sent with infected attachments.
    Good luck to all!
  • blargoeblargoe Self-Described Huguenot NC, USAMember Posts: 4,174 ■■■■■■■■■□
    My preference:

    + SMTP filtering outside of exchange (Postini or other appliance, or a hosted service)
    + Something exchange specific on the mailbox server, if something gets through you don't want it sitting in the store...
    + A "traditional" A/V client like you would normally install on a computer, with the appropriate exclusions set for exchange server directories
    + A/V at the desktop with an Outlook plug-in

    Preferably, you wouldn't want all layers of protection from the same vendor either.
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
Sign In or Register to comment.