Let me point out one side of the story first. WHS is a file server. You DO NOT execute software on it (except updates, patches etc). You do not open your files on it. Therefore save yourself some money. As long as you have client antivirus, everything you transfer in and out of WHS was checked at one point or another. Thats one arguement. I do not want to say this is right or wrong.
Let's takea look at the other side of the story. WHS is essentially Windows Server 2003 R2 (SBS Edition). Lets consider the following :
1. WHS is connected to the internet. Otherwise whats the point of "accessing it anywhere".
2. WHS is subjectable to server vulnerabilities similar to WS2003.
3. WHS requires patching. Some patches can be delivered automatically, others have to be manually put in. Therefore you need to execute some form of software once in a while.
4. WHS has software running in the background which arefrom 3rd party and can be subjected to infection. Especially if you have chosen to download it from untrusted sources.
5. You network firewall (if you have one) or router will not protect you from malware in general. If you do, you are pretty rich, I guess :P
6. Non of the default malware (if any) such as Window defender etc works on WHS. In short, you are short of arsenal against malware.
7. WHS can be attacked and WILL be attacked. If you do not believe me, look at your log in verbose mode.
8. Are you pretty sure your WHS is 100% free of trojans, spyware etc? Remember the point where you needed to have some software on your WHS and you actually launched IE to download them. Ok, maybe not cos in the default lockdown mode, you will get annoyed within 30 seconds. Mayeb you installed firefox? Now, thats a evil way to use Firefox. :) Back to the point, you probably downloaded something with it. Scan it with Spybot or Spyware Terminator and you will know the answer.
9. Do you want to risk corrupting (please dun even bring up the MS bug...) due to malware? Do you want to have unrestorable backup or unopenable files after investing so much on WHS? If you do, you should go ahead and get linux. Its cheap and probably not worth the effort protection. :)
10. Do you want someone else not on your list to access all your naked photo (of your pets) and other previous moments (with your family) all over yourtube and photosharing portal? Or your latest resume with your boss and payslip all over IRS?
11. Do you want to use the restore disk soon? Lost all your data?
In short, I sided with the 2nd camp. I believe whatever reasons it may be some form of antivirus is required. While it's not as critical as a real commercial server, you probably still want to put in some form of antivirus (of a suitable value) to protect it.
I would want to put a deeper discussion on another post, but lets run through some choice here first. ClamWin (free) is one which requires $0 but its a on demand scanner with no active component. Avast WHS edition is the only WHS "certified" antivirus of date. avast has already processed my request for an extended trial for this purpose. There are many others.
While I do not want to criticize a certain brand, I feel its fair to mentioned that its all due to my faut for trying to "hack" it to work. I tried Eset Business Suite. Its an excellent antivirus for server, but not for WHS. The firewall totally screwed up my WHS. To get it to work, I almost had to tear it down to minimum (which is probably not worth the money you pay for now).
OK, I will come back to this again when I have more concrete testing results.
No comments:
Post a Comment