Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 3600 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

multiple vendors AV on single user device

fox

hi 

I have a requirement to have two layers of AV on a single user device.  I already use a different vendor to sophos for the primary solution but was wondering if sophos would be a good pick for the secondary check.

Obviously not all AV products can sit together on a single windows desktop and may cause performance problems

my thinking was to have the second product as a command line only solution, this being called from a script after the first vendors sweep has executed.

I know sophos has a command line tool and I hope this could be used, before I can test this I have the following questions...

1) How would a command line only sophos solution stay up to date signature wise, alot of command line only AV products are for a standalone  environment and do not have a backend infrastructure.  I would prefer a pull solution from the desktop to check for dat updates ETC, I don't want our sys man solution pushing this.

2) Is the sophos signature digitally signed?

thanks all

fox

:1868


This thread was automatically locked due to age.
Parents
  • 0

    Yep, Christian is right, but it doesn't need to script.

    You could have a "designated running Sophos" machine, that has the full AV client on it (Autoupdate, AV, RMS?, running up to date, etc) and then just share out the c:\program files\sophos directory, run sav32cli.exe with some parameters from there.


    It seems to take a bit (im guessing its copying the .ide and .vdl files over the network, it needs to load them locally in order to scan) but it does work, and you're not needing to use some bodgy script to do ad-hoc updating.

    And as far as the signed question goes, all binaries, executables, dll's etc are digially signed.

    The updates themselves are also verified by the engine as they are loading to make sure they haven't been tinkered with, or corrupted in transit.

    :1878
Reply
  • 0

    Yep, Christian is right, but it doesn't need to script.

    You could have a "designated running Sophos" machine, that has the full AV client on it (Autoupdate, AV, RMS?, running up to date, etc) and then just share out the c:\program files\sophos directory, run sav32cli.exe with some parameters from there.


    It seems to take a bit (im guessing its copying the .ide and .vdl files over the network, it needs to load them locally in order to scan) but it does work, and you're not needing to use some bodgy script to do ad-hoc updating.

    And as far as the signed question goes, all binaries, executables, dll's etc are digially signed.

    The updates themselves are also verified by the engine as they are loading to make sure they haven't been tinkered with, or corrupted in transit.

    :1878
Children
No Data
Unfiltered HTML