Hi, We are deploying an AutoScaling WEB Infrastructure (linux based) within RackSpace Cloud and want to install some kind of AV protection on the servers. Can you recommend any offerings from MacAfee that we could use ? As the setup will be auto-scaling, we won't know how many cloud servers will be active at one point in time at It will entirely depend on load but we can ensure that we won't ever exceed a set maximum number of servers. We are looking to have simple client only solution as we don't want to have and manage a separate AV server to attach the clients to. The clients can update themselves from internet directly for latest virus signatures. Ideally we will be burning in the AV client within an image and use that image to build the servers. The servers at boot could perhaps then download the latest AV signatures via internet.
What are you trying to protect - the servers from having malware dropped on them, or the content of the web farm from including malware?
If you want to lock down your servers so they can't get infected, maybe Application Control is a better option - it stops unauthorized change, so no new files or executables can be used.
If your web farm is hosting files, and you want to protect users from downloading malware from those servers, then you need a different AV offering.
PM me with some details of your project and I'll connect you with the right datacenter people.
Essentially our application is a standard PHP/MySQL , with Apache in front. We want to ensure that the webservers don't gets compromised via some vulnerability (SQL Injections etc). Essentially we need some kind of WAF (Web Application Firewall) type security where malicious code , if planted , can be prevented or atleast detected and quarantined.
Hope this helps.
@ Vineet: RedHat enterprise 6.x
@ Ssayeram: ePO looks promising. We can look into that. Can we use 1. without ePO i.e. as a stand-alone product ?
We are keen to talk further to understand the product better and potentially go-ahead with it. Any chance we could setup a WebEx or similar ? Please PM me.
Have you had a look at McAfee's Data Center Connector for OpenStack? It was designed to help you with your exact use-case (i.e. use ePO to centrally manage an auto-scaling web-app in Rackspace).
Since you are using the LAMP stack, Id recommend these McAfee components:
1. McAfee VirusScan Enterprise for Linux & McAfee Application Control - for your Linux layer (presuming your Linux distro/version is supported)
2. McAfee Database Activity Monitoring w/ vPatch - for your MySQL layer
3. ePO with Connector for OpenStack - for Central management
Let me know if you need any further assistance.