Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how does it handle file access

Status
Not open for further replies.
swabs

swabs

IS-IT--Management
Joined
Jul 28, 2003
Messages
155
Location
US
Hello,
Our company is about to implement Citrix MetaframeXp. What is the best way handle virus protection on a citrix server?
My main concern is that users who connect remotely are using machines that might have a virus on them. When a user connects to a citrix desktop they can see both their local drives and the citrix server drives. Can viruses move easily from the home machine to the citrix server?
Have any of you dealt with this scenario?

Any help would be greatly appreciated.

Thanks,
ben
 
Sort by date Sort by votes
Typically, you don't want to run antivirus on a terminal server if it is a application that runs a database engine that performs a lot of activity. However, you may have to if the users will be accessing the web/e-mail on that server.

What you really want to worry about is someone accessing the internet through the terminal server, and downloading spyware and virus that way. Each spyware and/or virus is going to affect every user that connects, and make it a really bad day if a virus wipes out that server.

My point is be more worried about users infecting the terminal server by their activities on the terminal server itself, and not their actual desktops. Ideally, you want a good combination of protection on both ends, but virus/spyware activity on the server itself should be the bigger concern.

Matt J.

Please always take the time to backup any and all data before performing any actions suggested for ANY problem, regardless of how minor a change it might seem. Also test the backup to make sure it is intact.
 
Upvote 0 Downvote
mattjurado has a good point. If your environment is restricted so that users cant download, open or execute harmful files then you shouldn't need any virus protection software. But having said that, I use TrendMicro for our virus protection solution on our Citrix servers.

This software works GREAT. I have tried CA's InnoculateIT and McAfee without any success. Those two products usually crank the CPU utilization very high. Trend is very friendly toward terminal service environments.
I have both a scheduled scan and Realtime scan engines on our servers.

(serverprotect)

hope that helps.
 
Upvote 0 Downvote
mattjurado and enigma99,
Thanks for the replies. I will take your suggestions.

Enigma99,
You stated "If your environment is restricted so that users cant download, open or execute harmful files then you shouldn't need any virus protection software"
Do you think it is best to do that through the local security policy or via Group Policy? What method have you used to lock the users down?

Thanks,
Ben
 
Upvote 0 Downvote
GPO is the best way to do it.
I have restricted users from using registry editing tools, command lind, control panel...etc..etc.
It is a very powerful utility that works great.

I guess the biggest thing is to have virus protection on the server(s) that is holding your profile and home directories. But having AVS on the app servers doesn't hurt either.

Hope that helps.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

P
  • Locked
  • Question Question
Recovery Disc failing to verify correct PC even though it is. 2006 Palvilion a1410y
Replies
0
Views
555
PalBadium
P
VicM
  • Locked
  • Question Question
Win7 backup on Win11 Pro box not completing as it had in the past
Replies
2
Views
983
VicM
VicM
gazonk.del
  • Locked
  • Question Question
How to Copy save_set from Tape to Disk -- Continuation
Replies
0
Views
565
gazonk.del
gazonk.del
bdeal4122
  • Locked
  • Question Question
Remote Access
Replies
2
Views
594
bdeal4122
bdeal4122
SBTBILL
  • Locked
  • Question Question
How to get to files
Replies
1
Views
534
Provogeek
Provogeek

Part and Inventory Search

Sponsor

Back
Top