Symantec AV in an enterprise scenario - architecture best practice advice

Jørn Jørgensen

Hi,

We are a service management company currently operating among other things
antivirus services for a couple of dozen SMB clients. We are planning to
roll out SAV to all our customers shortly, but have some questions regarding
how we should plan the architecture.

The Scenario:
* One central Operations site connected to customers' sites over Internet
(some have VPN connections, others not).
* All customers' sites are organized as direct 'children' of the Operations
site, i.e. if a customer has two sites, an HQ and a satellite branch office,
management is handled from Operations directly to the HQ and SBO - SBO is
not managed through HQ.
* All customers have xDSL connections (minimum 1024/256) and the Operations
site has SHDSL 2312/2312.
* We are using Microsoft Operations Manager 2005 (beta at the moment) for
monitoring and Systems Management Server 2003 for software distribution.
* Some customer sites (and the Operations site) are 3-legged networks with a
DMZ and an internal zone.

What we are now looking for is a best practice on how to handle Symantec
Antivirus in this scenario.
* How would it be wise to build the client/server/server group/system
console hierarchy? We are looking to manage 100% from the top down from the
Operations site, nothing should be done onsite.
* In a setup with a DMZ and an internal network, in which zone should the
antivirus server be placed?
* Can SAV monitoring be easily set up to report to Microsoft Operations
Manager? We'd like to keep the number of monitoring consoles and alert
systems to an absolute minimum.
* What is the preferred distribution method for the antivirus client? Can we
use SMS server or are there any special reasons why we should consider using
the SAV servers themselves for deployment?
* Is SMS a viable distribution method for SAV servers?
* In the scenario with a 'parent' Operations site, what is the recommended
'flow' of virus update files? Symantec -> Operations server -> site
servers -> clients, or Symantec -> Site servers -> Clients?
* We are also looking to deploy Symantec Client Security to a subset of
clients at customer sites. Is this something we should do in conjunction
with deploying SAV, or can this just as easily be rolled out later?

Any feedback here would be greatly appreciated as we don't have very much
experience with SAV at an enterprise level.

Thanks,
Jørn
 
Jørn Jørgensen

Oh, I forgot: All customers' sites are in different Active Directory
forests, and there are no trusts established. (Don't know if that matters
though).

Regards,
Jørn
 
