I have rewritten this post now that there are more solutions available on the market. See links below:
Microsoft ForeFront for SharePoint (with SP1)http://www.microsoft.com/technet/prodtechnol/eval/fssp/default.mspx
TrendMicro PortalProtecthttp://us.trendmicro.com/us/products/enterprise/portalprotect/
Symantec Protection 5.1 for SharePoint Servershttp://www.symantec.com/business/products/overview.jsp?pcid=2241&pvid=829_1
McAfee PortalShield for Microsoft SharePointIt does not list SharePoint 2007 under the system requirements on their site but it does in the datasheet PDF so who knows...http://mcafee.com/us/enterprise/products/email_web_security/portalshield_microsoft_sharepoint.html
Jeff
Update: I spoke with a Symantec rep last week and they stated there would be a Symantec antivirus solution available for MOSS sometime during Q1 2008.
McAfee have released PortalShield 2.0 that supports MOSS 2007. The product info is not available on their website yet but an eval. copy can be downloaded from secure.nai.com/.../default.asp
AVG supposedly provides Anti-Virus support for Sharepoint. The two products are listed on this chart
www.grisoft.com/.../3
Very useful post.
Is there a business case for an antivirus solution for MOSS when the SharePoint sites are only internal and there is already an entreprise AV solution in place?
I assume that the files that would be uploaded to MOSS libraries would be scanned previously by the Enterprise AV??
Neo,
This assumption would be incorrect. Files that are uploaded through the web front ends are sent directly to a SQL database so no file level scanning takes place. Granted, machines on your network should have AV installed locally and would have already scanned the files but can you be sure that all systems have updated AV signatures? In addition, if you have enabled Incoming Email to Document Libraries this is another potential risk for viruses. AV solutions installed on the servers themselves that are not MOSS-aware are basically worthless for protecting content within SharePoint.
Lets say, an infected .doc was uploaded to the site and is stored in SQL; how can it corrupt MOSS environment? It only affects clients that download the document; and their client AV will catch the infected doc. Am I missing other potential risks?
You are assuming that all client machines have updated antivirus. If you are comfortable with this assumption, then you are probably ok. I just never recommend it to my clients.
Not scanning files uploaded to MOSS has been a major security concern. we run client AV throughout the corporation, that doesnt stop us from putting AV on our file servers, why would we treat MOSS differently? I do not feel comfortable running the risk of having infected files uploaded to my MOSS database.
Good post. Any feedback based on actual product use?
PFM:
We are running Forefront internally within our organization and have not seen any issues. I did have a client that was using the McAfee solution state that scanning on upload only and not on download gave them a serious performance increase.