I assume that your advisors are concerned about performance and/or the security risk of overloading your firewall with functionality. If someone sends a bunch of virus-loaded e-mail to your network, your firewall could choke from all of the traffic. Your best bet is to put antivirus solutions not on the firewall itself, but on your mail server and http/ftp proxy box. If these are separate machines from your firewall, a flood of viral traffic won't kill all of your Internet connectivity, but only those components being attacked. It's a pretty good idea from an architecture perspective to remove these functions from your firewall. Let the firewall focus on firewalling... other systems can do virus protection better.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Firewalls
Best Web Links: Secure Messaging
Dig Deeper on Malware, Viruses, Trojans and Spyware
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.