Results 1 to 9 of 9

Thread: Anti-virus support

  1. #1

    Anti-virus support

    I know this is boring, but come on. Really, no support for ANY anti-virus software? For an edit system that is designed for web-casting that should be a NO-BRAINER. I've been patient since 4.0. I've even been pretty loyal, but I'm really leaning toward Adobe Premiere Pro.
    I have been using a work around of a private wireless router networked to company computers on the web, but that is going away. My company is instituting a policy of "if it's a computer, it will be on their network."
    If anyone can write a malicious script then you're investment is TOAST. That's crazy. Why not make the software a little more flexible and work with maybe the top 10 anti-virus programs or something along those lines?

  2. #2
    'the write stuff' SBowie's Avatar
    Join Date
    Feb 2003
    Location
    The stars at night are big and bright
    Posts
    19,886
    Quote Originally Posted by BizZack View Post
    I know this is boring, but come on. Really, no support for ANY anti-virus software? For an edit system that is designed for web-casting that should be a NO-BRAINER.
    Where did anyone say you can't run a virus checker on an edit system?

    Now, clearly allowing a virus checker to run freely during a live production when reliable video output is critical would be brainless - but many VT users have used virus checking judiciously to protect themselves from threats from external media, etc. There are threads here discussing this. And there is little objection to virus checking related to editing or other post production tasks (with the natural caveat that some virus software is just plain nasty all on it's own).

    Here's the latest official text on the topic (taken from the TCXD850 manual, which could as easily apply to VT):
    A.5.5 INSTALL VIRUS PROTECTION?

    Virus and malware protection applications can dramatically impact system performance (this is true even for Windows Defender™, which is deliberately disabled for this reason). In general, once additional software or services are enabled on TriCaster, real-time performance cannot be guaranteed.

    In a perfect world, we'd love to recommend that you do not install virus and/or malware protection software on TriCaster. Certainly you should always take sensible precautions to avoid introducing infected files into TriCaster by rigorously virus-checking media you plan to connect or import beforehand. Realistically though, in some settings you may feel the need for protection outweighs the risk.

    If you really feel you must install virus protection, switch all of its ‘active scanning’ operations off so that nothing can occur in the background while TriCaster’s Live Desktop is running. Anything that provides full-time protection will dramatically reduce memory and disk speed on your system, so you should disable those features. Then, only when you need to do so (perhaps on a daily or weekly schedule), perform a manual scan.
    Never let scanning continue into a live switching event, and do not assume that you can now omit pre-checking files and external media for nasty surprises. (In the unfortunate event that a contaminant does evade your defensive measures, you can always use TriCaster’s Restore TriCaster function to completely rehabilitate your system.)
    --
    Regards, Steve
    Forum Moderator
    ("You've got to ask yourself one question ... 'Do I feel lucky?' Well, do ya, spammer?")

  3. #3

    Any other ideas?

    Well, our IT department is not exactly local. So, they have the Admin rights and set them to real time scanning. Since it is one of the largest companies in the US, I don't get much say so on settings for the anti-virus. Their new policy is if it's a computer it will be on our network, period.
    I found out two weeks ago from Newtek what their stance was on this. Here's my quote from Michael Parkhill: "I have one opinion that the Microsoft Security Essentials can be used - with Real-Time Scanning turned OFF. Just about any other anti-virus I'm aware of has a provision to run scheduled scans, which could be scheduled on some off time when you are not in production."
    So, since I will be on a network always and I cannot turn off real time scanning, I guess that means I have to scrap all of my VT systems. That's not a very good answer.

  4. #4
    'the write stuff' SBowie's Avatar
    Join Date
    Feb 2003
    Location
    The stars at night are big and bright
    Posts
    19,886
    Quote Originally Posted by BizZack View Post
    Here's my quote from Michael Parkhill: "I have one opinion that the Microsoft Security Essentials can be used - with Real-Time Scanning turned OFF. Just about any other anti-virus I'm aware of has a provision to run scheduled scans, which could be scheduled on some off time when you are not in production."
    In other words, he is saying exactly the same thing I did. Use it if you must, but prevent scanning from interfering with live events.

    Seems like a perfectly reasonable answer to me. Consider the alternative - install it, let it do whatever it wants by default, and suffer the consequences. These are the two possibilities you have. i like the first one better. If it's not available to you, your event is at risk, and this is not NewTek's fault.

    (There is one other alternative - remove the system from the network during production. This would require you to either use an isolated local network for any iVGA sources, or more likely, use scan converters to let you disconnect from the network.)
    Last edited by SBowie; 07-09-2010 at 12:41 PM.
    --
    Regards, Steve
    Forum Moderator
    ("You've got to ask yourself one question ... 'Do I feel lucky?' Well, do ya, spammer?")

  5. #5
    Consultant
    Join Date
    Apr 2008
    Location
    Greater Washington, DC Area
    Posts
    1,390
    This is a tough one. Similar to what Steve suggests, can you simply have the VT scanned only when it's hooked into the corporate network? Instead of loading antivirus software on the VT itself, have it set up as a shared device so it is one of many locations scanned when you perform a virus scan of devices hooked up to your network.

    For example, on my office PC I run a locally installed virus checker at 3am every morning (though too often I'm up working and have to stop it... but that's OT) - if my VT is plugged into the network, it will scan the drive on the VT computer as well. Obviously, if it's not hooked up to the network, it will not.

    If you're streaming only within your corporation, and they scan for whatever godly reason during the middle of the work day, you're stuck.

    If not, this solution may work for you.
    Sandy Audio Visual LLC
    NewTek Certification Testing Center
    Twitter @DCTriCaster

    TriCaster: All Models
    Cameras: Sony HDC-P1, X300

    My opinion, uncensored. The blog at www.sandyaudiovisual.com.

  6. #6
    Registered User rbartlett's Avatar
    Join Date
    Feb 2003
    Location
    West Midlands, England
    Posts
    399
    On the assumption that you've had admin rights removed from you (thereby you are now unable to turn off realtime protection without calling someone else who'd be expected to be inflexible, to request it):

    Also, on the assumption that you've got your Windows installation discs (and your VT suite discs depending on how you implement the split):


    So you could install Windows again in a different directory to C:\Windows and select which one it is at boot time.

    The VT suite isn't completely wrapped around the registry for the large part of the entirely NewTek written elements. The main benefit being to drop the right bits on your desktop or into Programs/Program Files/All Programs. Personally, I'd also re-install the VT suite on the 2nd instance - but you needn't if you couldn't.

    So what remains to be solved to satisy I.T. ?

    Well, I'd give the machine limited visibility on the realtime tuned version. For this you might need to gather some information and adjust the Internet Protocol filters on the machine.

    1. Remove your default-gateway and move to a static IP configuration.
    2. Add a manual DNS
    (the above may need to be gleaned from what you receive via DHCP (ipconfig /all from cmd.exe should be useful here. You need your IP, your DNS, your gateway).

    You'll need routes now.

    route add dns1-ip(w.x.y.z) gateway-ip(a.b.c.d) -p
    route add streaming-host-ip gateway-ip(a.b.c.d) -p

    You could still receive spurrious packets from anywhere on your intranet and you could still engage in a networking dialog with anyone in your same IP subnet. For which you could adjust the basic windows packet filter. If you use TCP80 or a specific UDP port for streaming then you can block everything else except UDP/TCP port 53 (DNS-lookup). The packet filter always is running anyway (no change) and dropping packets is usually low in overheads compared to other protection mechanisms.

    If you can't fathom IP filters you could make your IP mask 255.255.255.252 and add a route to your gateway-ip via your (now static) IP address. This mask would extend the risk of another PC at your facility infecting you or vice versa to just just the three adjacent IP addresses in this pseudo subnet.

    Windows updates would be a problem but you might be able to get the latest patch version of your Windows OS from your IT department.


    -------------------------------

    It is probably a dismissable offence to not clear this with the powers that be. Now, I've faced many IP security problems that have become completely moot when I've simply mentioned that I was using X.25 (even without encryption on the line). So you might be missing another trick here! It maybe that you could go completely off the ethernet at your facility and instead have the facilities people there rent and convert your VT-output to a DVB-ASI leased line access into their point of presence (often an end-point in an MPLS network cloud) that doesn't use IP at all. Then have the rebroadcaster ingest that. You may need a DS3(colloquially, T3) or OC3-c or higher speed line depending on the rebroadcasters DVB requirements. Your end may already have the capacity to add such a port/channel onto something already at your site, so a keen price maybe possible at your end of things. It would likely restrict you to a smaller number of Internet rebroadcasters.

    (Or you could in the same 'separacy' vein, use Todocast but you'd probably have to hand over the protection side of things to your IT department as the Internet Protocol is probably the nature of the beast with that also).

    This needn't be about being devious, rather you'll be working towards a risk free harmony with other office automation technologies. It can just seem that way when you've been brow beaten before you pick yourself up to try to work with these security responsible individuals.

  7. #7
    We've got it simple. Jim_C's Avatar
    Join Date
    Mar 2003
    Location
    Thee cool evening breezes of Anytown, USA
    Posts
    4,028
    fwiw.. I had the free Avira antivirus running with standard default install settings on our VT5 live switching boxes and never had any problems with it at all. Only thing I turned off was it's autorun.inf protection, but I do that with every system I put Avira on.


  8. #8
    'the write stuff' SBowie's Avatar
    Join Date
    Feb 2003
    Location
    The stars at night are big and bright
    Posts
    19,886
    also fwiw ... here is the latest documentation on the topic for TriCaster, which I think you could apply equally in a VT environment:

    A.5.5 INSTALL VIRUS PROTECTION?

    Virus and malware protection applications can dramatically impact system performance (this is true even for Windows Defender™, which is deliberately disabled for this reason). In general, once additional software or services are enabled on TriCaster, real-time performance cannot be guaranteed.

    In a perfect world, we'd love to recommend that you do not install virus and malware protection software on TriCaster. Certainly you should always take sensible precautions to avoid introducing infected files into TriCaster by rigorously virus-checking media you plan to connect or import beforehand.

    Realistically though, in some settings you may feel the need for protection outweighs the risk. If you really feel you must install virus protection, switch all of its ‘active scanning’ operations off so that nothing can occur in the background while TriCaster’s Live Desktop is running. Anything that provides full-time protection will dramatically reduce memory and disk speed on your system, so you should disable those features. Then, only when you need to do so (perhaps on a daily or weekly schedule), perform a manual scan.

    Never let scanning continue into a live switching event, and do not assume that you can now omit pre-checking files and external media for nasty surprises.
    --
    Regards, Steve
    Forum Moderator
    ("You've got to ask yourself one question ... 'Do I feel lucky?' Well, do ya, spammer?")

  9. #9
    Old Dog w/new tricks! tfrank's Avatar
    Join Date
    Mar 2003
    Location
    Twin Falls, Idaho
    Posts
    331

    How I did it

    I handled house IT intrusions into a VT a few years ago by just unplugging it from the house intranet when I was editing.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •