We disable on access scanning on our Windows SBS 2008 & Server 2003 with SQL 2005. This was a recommended setup from our IT provider that I inherited and decided to keep. We do have PureMessage running on there so I suppose we are doing at least some on access scanning on the SBS server.
Instead we do a full scan every week during off-peak hours, prevent server access to all but a few employees, regular patch and update, enable Internet Explorer enhanced security configuration, physical lock of the tower doors to prevent device connection.
We've had Sophos break on the application server due to a forced reboot which meant it was out of action for 8 months and couldn't be uninstalled due to file corruption. Finally fixed it and the scheduled scan has come back negative. Consequentially I'm still none too worried about having on access on either server.
Of course I am no expert so don't take me as such!
We disable on access scanning on our Windows SBS 2008 & Server 2003 with SQL 2005. This was a recommended setup from our IT provider that I inherited and decided to keep. We do have PureMessage running on there so I suppose we are doing at least some on access scanning on the SBS server.
Instead we do a full scan every week during off-peak hours, prevent server access to all but a few employees, regular patch and update, enable Internet Explorer enhanced security configuration, physical lock of the tower doors to prevent device connection.
We've had Sophos break on the application server due to a forced reboot which meant it was out of action for 8 months and couldn't be uninstalled due to file corruption. Finally fixed it and the scheduled scan has come back negative. Consequentially I'm still none too worried about having on access on either server.
Of course I am no expert so don't take me as such!
