Did MS buy RAV?

Rybarik, Michal mrybarik at tronet.sk
Wednesday June 11 16:23:21 CEST 2003


> > "some component" dropping out happened about 5 times. and when,
> > on the next day, you start to find it suspicious that no mail is
> > arriving, you have to get hold of the admin or
>
> 	Maybe it is time to change the admin, if he is not able to do his
> job well - roughly like this - systems in various combinations (always

i was given several different servers to manage, with different distributions,
versions, and different antivirus solutions. sometimes those solutions are really
terrible. i need to unify them so that it does not cost the client a fortune and
so that i do not have much work with it during installation, and ideally no work
at all during operation, since an hour of my time or my colleagues' time is far from cheap.


> 	???? how about searching the Web, or properly reading the various
> well-meant pieces of advice dropped here and there...?!
>
> 	The AV engine has to be replaced once every 3 months, and only for
> the reason that it is the only way to force moronic admins to
> update - simply put, there are no IDEs for an older AV engine... what use
> is a year-old engine with new patterns to you when the virus takes a form
> that cannot be detected... - typically an AVG as old as Methuselah, but the
> main thing is that the database is from yesterday... :-)
>
> > manager which will download those updates, it is just a pity that it
> > exists only for win32
> > and the mailserver is on linux. in short, an unusable solution,
> > you sell 5 such
> > solutions and you can hire one person just for updating.
>
> 	Yes, this is the only relevant criticism that I accept in the case
> of Linux - but as I said, it is a necessity (why is stated above) and it
> has to be done once every 2-3 months, that is not a horror that someone
> would not pay for
> (30 minutes of work)

so, to keep this concrete, a cut'n'paste from the SOPHOS ANTIVIRUS Unix Server Update Guide:
[anyone who does not feel like reading can safely skip this paragraph, the next one is more interesting]

A monthly update of the Unix server involves two steps.
- Update the IDEs (section 2.1.1).
- Update the Sophos Anti-Virus for Unix files (section 2.1.2).
2.1.1 Update the IDEs
1. At the Unix server, delete all the *.ide files from /usr/local/sav
2. Go to the IDE download page of the Sophos website (www.sophos.com/downloads/ide).
3. Find the compressed IDEs file for the new version of Sophos Anti-Virus. Save
the file to your hard disk. Then extract the IDE files to usr/local/sav.
If you prefer, scroll down the page and download the IDEs one by one, to the
location above.
Now update the Sophos Anti-Virus for Unix files (section 2.1.2).
2.1.2 Update the Sophos Anti-Virus files
Update the Sophos Anti-Virus files as follows.
1. Log on to the server with root privileges or become superuser.
If you have downloaded a Sophos Anti-Virus archive file from the Sophos
website, go straight to step 6.
2. Insert the Sophos CD.
3. Mount the CD drive and list the contents of the unix subdirectory.
4. Select the appropriate archive file for your Unix platform.
5. Copy the archive file to the /tmp directory.
6. Untar the archive file into /tmp as follows
cd /tmp
tar -xvf [dist].tar
where [dist].tar is the archive for your platform.
The installation files are extracted to the directory sav-install in
the /tmp directory.
7. Run the installation script
cd sav-install
./install.sh -ni
If you want to include the InterCheck Server in the installation, do not use
the -ni option.
You may now see a warning about the MANPATH environment variable.
However, the update will be made correctly.
Sophos Anti-Virus is up to date on the Unix server.
Now replace out-of-date virus identity files in the Windows CIDs (section
2.2).


a truly easy procedure for a monthly update. but since the monthly update is not
everything, and now and then a virus turns up that has to be updated for immediately,
the next chapter deals with that

3 Updating when there is a new virus threat
This type of update is carried out between major monthly updates of Sophos
Anti-Virus. Whenever there is a significant new virus threat, such as a fast-spreading
email worm, you must download the virus identity files (IDE) for it
from the Sophos website.
To receive email notifications about IDEs and other alerts, register at
www.sophos.com/virusinfo/notifications.
Updating with a new IDE involves the following steps.
- Update the Unix server with the new IDE (section 3.1).
- Update the workstations with the new IDE (section 3.2).
3.1 Update the Unix server with the new IDE
1. At the Unix server, go to the IDE download page of the Sophos website
(www.sophos.com/downloads/ide). You see a list of the latest IDEs.
2. Click the name of the IDE file for the virus and save it to
/usr/local/sav
Sophos Anti-Virus can now protect your Unix server from the virus.

it is nice that for that money they at least offer mail notifications... :o/ so
sophos will not catch a new virus until the next monthly update unless i
update it by hand (when i am on vacation and a new virus comes out, my network
is screwed). RAV downloads new signatures on average 2x a day... for god's sake,
what kind of madness is it to update the database by hand when the mailserver
is connected to the internet and can do it automatically? that sophos is 10x
more expensive than RAV or NOD can be understood, but not in the context that you
have to update it by hand in the style of, i quote, "scroll down the page and download the
IDEs one by one"... :o( (IDE is a virus signature, not a type of disk or a development
environment)

> general conclusion - which of the AVs you mentioned has such a background, such
> successes in independent tests, such central management, such
> multi-platform deployment/support - a Czech office and not just
> a reseller.... - you are measuring this with far too simple a yardstick...

the yardstick really is very simple... the customer wants a reliable antivirus
for a linux mailserver at a reasonable price. reliable means that it
will be stable, will not choke on any mail, and that it will catch all
in-the-wild viruses. even when the admin is on vacation..

besides that, we have several servers to which there is no remote access.
it is hard to imagine that, when a new virus comes out, i would travel 1000
kilometers to update the antiviruses..

p
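
A staleness check for the situation the message above describes (signatures that only change when someone copies them in by hand), as an added example that is not part of the original post or of any vendor tooling: it reports the age of the newest `*.ide` file so monitoring can alert while the admin is away. `/usr/local/sav` is the path from the quoted guide; the function names, the two-day limit and the exit codes are assumptions.

```shell
#!/bin/sh
# Added example: flag stale virus identity (*.ide) files in the signature directory.
# /usr/local/sav is the path quoted in the guide; the 2-day limit is an assumption.

# Print the age, in whole days, of the newest *.ide file in DIR.
# Returns 2 when DIR holds no *.ide files, 3 when a file cannot be stat'ed.
newest_ide_age_days() {
    dir=$1
    now=${2:-$(date +%s)}
    newest=0
    found=0
    for f in "$dir"/*.ide; do
        [ -f "$f" ] || continue          # unmatched glob or not a regular file
        # GNU stat first, BSD stat as fallback
        m=$(stat -c %Y "$f" 2>/dev/null || stat -f %m "$f") || return 3
        if [ "$m" -gt "$newest" ]; then newest=$m; fi
        found=1
    done
    [ "$found" -eq 1 ] || return 2
    echo $(( (now - newest) / 86400 ))
}

# Exit status: 0 fresh, 1 stale, 2 no readable signatures found.
check_signatures() {
    dir=${1:-/usr/local/sav}
    max_days=${2:-2}
    now=${3:-$(date +%s)}
    if age=$(newest_ide_age_days "$dir" "$now"); then
        if [ "$age" -gt "$max_days" ]; then
            echo "STALE: newest IDE in $dir is $age days old (limit $max_days)"
            return 1
        fi
        echo "OK: newest IDE in $dir is $age days old"
        return 0
    fi
    echo "MISSING: no readable *.ide files in $dir"
    return 2
}

# Intended for cron or a monitoring agent: script.sh --check [DIR] [MAX_DAYS]
if [ "${1:-}" = "--check" ]; then
    check_signatures "${2:-/usr/local/sav}" "${3:-2}"
    exit $?
fi
```

On a server without remote access the check still has to report outward (local mail, a monitoring agent), since nobody can log in to look.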

