Is it safe to install Anti-virus software on a RHEV manager?

Latest response

We have a requirement to install Anti-virus software on all of our servers, even Linux servers, specifically Symantec Endpoint Protection.

To install SEP, it has prerequisites of installing Oracle java and the unlimited cryptography extensions. (open java doesn't work)

Is it safe to install these on a RHEV manager? In the install guide it specifically said not to have any 3rd party security software installed when building the server, but after the server is up and running correctly, is it safe to install it then?

Thanks,

Paul

Responses

Hi Paul, three words : definitely not recommended ! Installing Symantec Endpoint Protection is a very bad idea.
If you really want to install an anti-virus solution, you should better choose ClamAV from the EPEL repositories.
Learn more about how to install ClamAV in the Knowledgebase -> https://access.redhat.com/solutions/22007

Sorry Anand, but those three links appear to be related to SSH configuration not Symantec Endpoint Protection. I'm not sure their relevance?

Christian,

Trying to switch to a different product would be more complicated than it's worth. If there was an official Redhat recommendation to NOT use AV on a RHEVM manager, that might suffice to get an exemption for this one server. Do you know if such an official recommendation exists? Paul

Hi Paul, no, unfortunately I don't know if an official recommendation from Red Hat exists ... but I guess not. Anyway, AV tools such like (especially) Symantec Endpoint Protection are known to cause a lot of trouble and sometimes make systems even more vulnerable to security threads instead of providing advanced security. But of course, the decision is completely up to you if you want to install Symantec Endpoint Protection or not. Please also consider that removing it later might become a real pain, these kind of applications tend to integrate themselves deeply into the infrastructure of all operating systems. :)

Hi Paul,

We have installed Symantec Endpoint protection in our RHEV-Manager, RHEL based Hyerpvisors, Linux Guests, Windows guests. Till date working fine, It required 32 bit dependencies to install SEP. We have faced virus definitions update issues in RHEL 7, last month Symantec released a patch and it too fixed. To make sure free from any issues your mount points /tmp, /var should have minimum 2 GB free space. Symantec Updates are rapidly filling out disk.

Thanks & Regards,

Babin Lonston

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.