Hello all,
I'm trying to decide the best standardized computer infrastructure for my company while still allowing users to use their computers however they please. (That in an of itself is a contradiction, but that's the route my boss wants to take...) There are multiple locations and I plan on connecting them all to the corporate office via VPNs eventually for file sharing. However, my issue more or less centered around two problems:

1) A good backup solution, and
2) A good virus solution.

I have a server with RAID 5 currently acting as an FTP server and file server, but soon to be an exchange server as well. It is simply hooked up as a node in the network, not streamlined as a firewall would be.

The urgency for these solutions recently stemmed from the MarioForever.exe virus on a co-workers computer. I couldn't delete the file by pressing the delete key, and the current internet security software couldn't remove the file. Upon rebooting, user32.dll was removed, and I had to hook up her hard drive to my computer to get the file copied.

Also keep in mind that many people in the office travel and are often not in the office.

I've been looking at the backup solution in a couple of ways:

1) I could have hard drive images of everyone's computer and do a daily incremental backup. Those files could be stored on the file server and could be restored as long as the computer is in the office. For those that travel, I could make them carry around an external I suppose, although I'm not sure that's a great solution for the folks that travel.

2) I could have physicaly hard drive replacements, each with a clone of the working computer at x time, and the other occaisionally cloned (say, weekly) as well as incremental backups made. I don't think that this is the best solution, as hard drive farms are expensive, although the beauty of being able to just plop another drive in is nice...

The right way to do this is to have all computers as exactly the same machines and images of each different line of computers along with scripts to configure each computer. We want to maintain individuality and freedom though .
I'd like it to have the most flexibility possible (like being able to restore the computer's files to an earlier date and not necessarily the documents).
I was contemplating using Acronis for this task in conjunction with the management console, but that still leaves out those who travel - potentially the most important folk.
Any ideas/recommendations?



Regarding the virus issue:

I've tried installing Avanquest System Security Suite on a few computers and it seemed to work well - telling users when things were changing in the computers and warning them about potential risks. It worked until I realized that that software is engineered more or less for system maintenance and not for good anti-virus removal. It worked GREAT for preventing users from coming down with dumb*** and doing dumb*** things. However it failed to protect my network from the MarioForever virus. As I'm writing this a couple computers are scanning with MBAM which I know will remove it. Is there a good solution out there for anti-virus that actually DOES do a good job? I'd like it if the software could also prevent the aforementioned idiosyncrasies that plague ignorant computer folk constantly, kind of like Avanquent does currently, except it'd have to have good detection. Ideally, I'd like both features to be in the same product considering pricing and the number of licenses required.