Pfsense - on access virus scanner



  • Hello

    Here is my present situation.

    There are 15 computers networked. The other 14 computers connect to the internet via a gateway computer

    computer15.

    Computer15 is running windows XP and it is running a proxy server also. So all 14 computers in LAN access computer15 to connect the internet.

    Why ?

    Because I have installed an excellent antivirus product in computer15 and I do not want to buy any more licenses of that antivirus So what computer15's antivirus does is, it processes all emails, webpages, files that are being downloaded to the other LAN computers..So since computer15 is the gateway and the proxy, it can scan all files that are downloaded "through" it and

    ALL the other 14 computers are AUTOMATICALLY PROTECTED.

    But windows xp has its own share of problems and it is becoming slower and slower to access the internet since I read somewhere that an windows XP computer can serve a maximum of 10 network connections at a time.

    =====================================

    I want to use PFSENSE for the gateway computer alone. All the other 14 computers will still use windows XP

    Can anyone please tell me

    1. So can I use all my individual existing applications like SSH, ftp, yahoo messenger, msn, mysql-front, windows remote admin etc as it is on the windows computers or should they need to be configured differently ?

    2. Here comes the main reason for my question I assume clamav can be installed with pfsense but what do I do or how to configure it such a way that each and every file or email or website that goes through the  pfsense proxy server gets scanned automatically ?

    This is important since none of the other 14 computers running windows xp will have any kind of antivirus installed . THEY all will depend on this PFSENSE gateway computer for their dear LIFE !!

    Chris



  • I think http://www.untangle.com/ will be a better fit.



  • Unless your proxy understands every IM client (and those IM clients aren't just using HTTPS CONNECT, making the content invisible) and you've banned all HTTPS pages (see previous comment) you're still vulnerable.  Heck, all it takes is a password protected ZIP file with malware inside, or just a piece of malware (maybe on a web page) that the AV on your proxy doesn't recognise.

    You should install suitable protection on every machine on the network.  There are a number of free (for non-commercial use) AV products out there if you're short of money.  Don't forget to cover the spyware front too, something very few AV products catch yet (because it's better business sense to sell 2 products).



  • There are ways to do such configs not from the pfsense gui!

    Search google if you want to do such a config but it just provides basic security and not a real protection.


Locked