I assume that your advisors are concerned about performance and/or the security risk of overloading your firewall with functionality. If someone sends a bunch of virus-loaded e-mail to your network, your firewall could choke from all of the traffic. Your best bet is to put antivirus solutions not on the firewall itself, but on your mail server and http/ftp proxy box. If these are separate machines from your firewall, a flood of viral traffic won't kill all of your Internet connectivity, but only those components being attacked. It's a pretty good idea from an architecture perspective to remove these functions from your firewall. Let the firewall focus on firewalling... other systems can do virus protection better.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Firewalls
Best Web Links: Secure Messaging
Dig Deeper on Malware, Viruses, Trojans and Spyware
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.