How to install antivirus software?

  • Hi,

    First, I'm new to the hardware-firewall thing and don't have much experience yet. My question: I want to install antivirus software. How would you recommend I install it?

    Should I install it directly on the firewall, or on the server behind the firewall?
    If it's better to install it on the firewall, is there something special to keep in mind, or is it the same setup process as on a usual Linux OS?

    What antivirus software can you recommend?

    Thank you in advance

  • Rebel Alliance Moderator

    Before thinking any further, you should note that pfSense does not run on a "usual linux OS". It runs FreeBSD (6).
    Besides that, the question is quite vague. What do you want to scan with your AV?

  • I want to avoid viruses on the server's system files and in e-mails sent and received over the server.
    I don't know which is more effective: to scan the files on the server, or to scan the data transfer to and from the server….

  • If you have a mail server, then AV for emails should be on the mail server. It can take emails, put them in a queue and scan them. A few seconds' delay is not noticeable. Of course, if the server is running Windows, then you want to clean things up before they get there.

  • Rebel Alliance Moderator

    Without knowing more details (what server and what firewall arch), I would respond to

    I want to avoid viruses on the server's system files and in e-mails sent and received over the server

    Scan e-mails on their way to the server via a mail gateway. It wouldn't be the first time there was some strange side effect when doing the scanning on the same system that has the normal mail service on it. Get them out before they reach the final destination server (and the user), and run an additional AV on the normal filesystem of the server for file services.
    But I would not run that kind of thing on the firewall itself. Keep the firewall architecture as clean as possible and don't mix it with further services if they don't necessarily have to do with it. E.g. split the fw-arch into three nets, WAN, DMZ and LAN, and set up the mail gateway in the DMZ area. So you don't have any probably "bad things" in your LAN before they pass all your desired tests.

    Just my thoughts on this :)
