October 26, 2009, 3:47 PM — I was recently surprised when someone asked me what anti-virus programs they should be running. Note, he said 'programs,' not program, and that's what he meant. He thought that if one A/V (anti-viral) program would do him good then two or three would be even better.
Ah.... no, that's not how it works.
While it's certainly true that one A/V program will catching something that another program might miss, if you add layers of A/V software to one PC, you're asking for the two of them to clash with each other. The end result is a PC that will certainly run slower, and might very well stop working from time to time because of conflicts between them.
You're much better off if you just get one good A/V program and keep it updated.
The same is also true with firewall and other security programs. Multiple layers of the same kind of protection on a single PC just means that there are more ways for things to go wrong, not better, added protection.
It's a different story if you're running a network. Even on a small network you should have firewalls both on your PCs and on your server or device that stands between you and the Internet, like a SONICWall TZ or NSA Series appliance. You'll still need to make sure that everything works smoothly together. I can't count the number of times I've found that an Internet program was 'broken' because while one firewall let the software access its required port, another blocked it.
Finding and fixing that kind of problem comes with a network administrator's job. With so much malware and automated network attacks on the Internet, you have no choice but to block potentially dangerous connections from both your network as a whole and on each individual PC.
I also run a different A/V program on my servers, especially my mail server, than I do on my PCs. Since I'm not running the programs on the same box, I avoid the problems of conflicting programs, while making sure that I don't miss any problems on the servers.
Here again though I'm not going to run multiple programs to do the same job on the same box. If you try that, workstation or server, you're just asking for trouble. And, after all, the entire point of using security software in the first place is to avoid trouble.