Anti-Virus Support


#1

Most Trusts use Sophos. Will this distro come complete with Sophos?


(Marcus Baw) #2

No, NHoS does not come with Sophos. But neither does Microsoft Windows XP, 7 , 8, 8.1, or 10.

It’s worth remembering that our resources are distinctly limited, and we’re doing this largely for free in our own time, for the benefit of the NHS. Financial support from NHS organisations to develop the OS further, and pledges of sites for testing can help with this.

On the topic of AV, the absolute requirement for an aggressive antivirus solution is reduced (but not completely removed) when using a secure operating system with permissions-based file system (eg Linux). SELinux and apparmor adds further resilience. Windows is particularly difficult to secure. Antivirus is also a cure strategy rather than prevention strategy - by the time your AV software tells you that you have an infection, you already have an infection. And - if its a network worm - by then, so does your entire organisation.

There are free, open source antivirus suites available, which we can package in the base distro - would someone from the team at @NHS_Informatics like to review/trial the available ones? A pros/cons commentary in this thread would be really helpful for us as we decide what to package.

Marcus


(Rob Dyke) #3

Sophos has products for Linux.

/rob


(gary.kennington) #4

And they are Free!! However, if scaled at Enterprise level, and managed centrally, there will invariably be a cost


(Matthew Vi) #5

I can’t comment on Linux Desktop security solutions as I have always used sudo apt-get install selinux and simple caution when downloading things such as executables. However, when it comes to server-side systems, I have had success using ClamAV https://www.clamav.net/ for scanning files at the time of upload (for instance, it passed the https://en.wikipedia.org/wiki/EICAR_test_file test with ease). It is also a great solution for email security I hear.

ClamAV is a serious project that appears to be respected in the information security field. I wonder if the desktop client would be worth a look (may not be as user friendly as a non-free solution though).

Thanks,
Matthew Vita