Hello again,
Tomorrow I start the rollout of SEP at our client computers as first step and at the moment I'm thinking again what's the best practice for our Windows - File, DB, Web, Exchange and AD-Server.
I read a lot about but I'm still not sure what's the best for every type of server.
File-Server: Only AV without any other features and only scan modified files with AutoProtect? It has several volumes with more than 2 TB - is a monthly complete scan a good idea? Do you think I should install any of the other features like IPS and Firewall?
DB: I would only install AV, configure exclusions for the DB files etc and would also only scan with AutoProtect on modified files.
Web: I would install the complete package except SMTP, Outlook scanner etc. - Would you install Insight and Sonar?
Exchange: Only AV and exclusions for DB files or also Firewall and IPS because it's also hosting the Webmail?
AD-Server: Only AV?
TS-Server: I would install the complete package because users are using Outlook etc. - what do you think?
Normal member-server which are hosting several applications: Complete package except Outlook-Scanner etc.?
Generally on the servers I would install the firewall I would start with allow all inbound / outbound rules with enabled IPS and see what's happening.
How would you proceed?
The clients are all fine and not the problem... but the servers make me thinking.
Thank you! Every help is much appreciated.