Virus protection on a firewall |
 |
EXPERT RESPONSE FROM: Ed Skoudis
|
|
|
|
| > |
QUESTION POSED ON: 24 October 2002
I read you should not put virus protection software on a firewall (or
even a proxy) to avoid an denial-of-service attack. Why is that?
|
|
| > |
I assume that your advisors are concerned about performance and/or the
security risk of overloading your firewall with functionality. If someone
sends a bunch of virus-loaded e-mail to your network, your firewall could
choke from all of the traffic. Your best bet is to put antivirus
solutions not on the firewall itself, but on your mail server and http/ftp
proxy box. If these are separate machines from your firewall, a flood of
viral traffic won't kill all of your Internet connectivity, but only those
components being attacked. It's a pretty good idea from an architecture
perspective to remove these functions from your firewall. Let the
firewall focus on firewalling... other systems can do virus protection
better.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Firewalls
Best Web Links: Secure Messaging
|
|
|
|
|
|
|
|
Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and
answer pairs from more than 250 TechTarget industry experts.
|
|
|
|
|
|
|
|
|
|
|
|
