Is this even posible to do? Technical help PLEASE

5502george

So I have a question for someone that understands networking/server configurations enough to awnser.

So here are the requirements:

-I want to be able to remotely access an antivirus server "I OWN" to update antivirus on my devices

-I own both mobile and desktop devices

-I want to be able to type in the server web address and update the anti-virus on the devices

-I want to be able to update the anti-virus on the server and have the updated anti-virus available for the devices

-I want to be able to update the server from any location

....This may be a simple task but I am unfamiliar with server configurations aside from book knowledge.

....If this is possible can you provide me with detailed info on HOW TO?

thank a ton!

cyberguypr

You just describes how commercial AV works. Most antivirus products phone home for policy check. They can grab updates from the AV server but in its absence (remote users who do not VPN, etc) will default to grabbing updates from the online repositories.

An AV server has no reason to be exposed on the web. You can access your server securely via VPN and then RDP or web browser (if enabled).

5502george

So is it possible to take a free AV like AVAST and have it loaded to a server myself?

Would I have to take a remote tool and install a VPN client on the users computer before I can establish a VPN with the server?

How would I enable a function where a computer logs into the server and it auto updates its AV?

j23evan

cyberguypr wrote: »

You just describes how commercial AV works. Most antivirus products phone home for policy check. They can grab updates from the AV server but in its absence (remote users who do not VPN, etc) will default to grabbing updates from the online repositories.

An AV server has no reason to be exposed on the web. You can access your server securely via VPN and then RDP or web browser (if enabled).

You could do the above as the easy way out, or spend $50,000+ and get Microsoft SCCM 2012 with endpoint protection and mobile device manager, which would also require a SQL server (not express), an exchange server, and an active directory domain, so add some more servers for FISMO roles, a cisco ASA/Ironport/SonicWall, and throw in a RSA SecureID for good measure. Well we just went past the $50,000 mark.

Yeah you should probably just do what cyberguypr says. =D

cyberguypr

I am not familiar with avast, but for centralized AV management you will most likely need to pay for the commercial version. The business model seems to be the same across the board, free home use, upgrade/business version available for sale.

I am not sure I understand what you are trying to achieve. Is this for home use or a business? In a standalone scenario, AV updates itself and usually does a pretty good job at it. If you are talking about a home environment there's no use for centralized management, unless you want to get to know a particular product which will most likely cost some serious money. You could get away with it for a while with a trial license.

5502george

j23evan wrote: »

You could do the above as the easy way out, or spend $50,000+ and get Microsoft SCCM 2012 with endpoint protection and mobile device manager, which would also require a SQL server (not express), an exchange server, and an active directory domain, so add some more servers for FISMO roles, a cisco ASA/Ironport/SonicWall, and throw in a RSA SecureID for good measure. Well we just went past the $50,000 mark.

Yeah you should probably just do what cyberguypr says. =D

...And why would this need SCCM, AD, ES, SQLserv etc... if all the setup requires is the client to touch the server (initiated by the client)?

5502george

cyberguypr wrote: »

I am not familiar with avast, but for centralized AV management you will most likely need to pay for the commercial version. The business model seems to be the same across the board, free home use, upgrade/business version available for sale.

I am not sure I understand what you are trying to achieve. Is this for home use or a business? In a standalone scenario, AV updates itself and usually does a pretty good job at it. If you are talking about a home environment there's no use for centralized management, unless you want to get to know a particular product which will most likely cost some serious money. You could get away with it for a while with a trial license.

Well it would be more of a side project for a few home networks. I have received more than a couple of requests from acquaintances to check their AV because of issues they have on their PC's. So I figured I could just configure a server they could touch that has the latest AV they could download. I have tried pointing them to the free AV sites but they were confused lmao.


....and worst case scenario I would use a remote tool to help them out

cyberguypr

In that case your solution (centralized AV) makes no sense based on my previous points. Think about it as reinventing the wheel. If they can't download AVG and click NEXT a few times, there are bigger issues. Also, keep in mind that a lot of malware easily bypasses AV, so your main task will actually be assisting them cleaning up their machines.

You can use any free tool to connect to them, such as Join.me. If they really trust you you can install LogMeIn on their computers.

ccnxjr

Expanding on cyberguypr's post

Certainly technically possible.

However if the AV client in question is a commercial product (eg: norton, macafee), then , it depends.
In enterprise rollouts this is a common thing.
AV clients would connect to an enterprise AV server and receive updates as needed (AV engine or virus db) .
It would also produce reports on success/failure of clients .
In general the enterprise version are highly customizable.
You can configure push/pull models if needed, be selective on when and which databases should be deployed, etc.

If your using the "home" version, then it would definitely depend on the license agreement, otherwise you'll be doing some reverse engineering.
The AV Client for home use may have built in "safeguards" to make sure that it's point at a legit database, and will do some validation .
They usually take care of updates automatically unless otherwise configured to ask for permission or if there is some other firewall blocking it?
They may not be as flexible as the enterprise version.

There are freeware/opensource antivirus available , such as ClamShell , but not sure if it allows for centralized administration.
At least the source is available for you tailor to your needs.

In short, yes it's possible, but depends on how much engineering work you're willing to take on .

5502george

cyberguypr wrote: »

In that case your solution (centralized AV) makes no sense based on my previous points. Think about it as reinventing the wheel. If they can't download AVG and click NEXT a few times, there are bigger issues. Also, keep in mind that a lot of malware easily bypasses AV, so your main task will actually be assisting them cleaning up their machines.

You can use any free tool to connect to them, such as Join.me. If they really trust you you can install LogMeIn on their computers.

on a side note have you tried teamviewer?

cyberguypr

Now I'm thinking the users will find it insanely difficult to run Join.me or Teamviewer.