Antivirus Configuration for dedicated SQL and dedicated IIS Servers

Posted by Wayne Arthurton on Server Fault See other posts from Server Fault or by Wayne Arthurton
Published on 2010-04-29T15:29:18Z Indexed on 2010/04/29 23:07 UTC
Read the original article Hit count: 671

Filed under:
|
|
|
|

Our corporate standard is McAfee Enterprise, unfortunately this is non-negotiable.

On two types of servers I'm responsible for, SQL & Web, we have noticed major performance issues with the corporate standard setup.

  • Max scan time 45sec
  • One policy for all processes
  • Scan ALL files on write, read and open for backup
  • Heuristics: Find unknown programs, trojans and macros
  • Detect unwanted programs
  • Exclude: EVT, LDF, LOG, MDF, VMD, , windows file protection)

This of course still causes major slowdowns. IIS .NET recompiles are slow especially with SharePoint, SQL backups and restores, SQL Analysis Services, Integration Services and temp data from them as well.

I have looked from time to time, for some best practices on setting up McAfee of SQL & SQL Analysis Service, SQL Integration Service, Visual Studio, Sharepoint, and .NET web servers in general.

How do people setup McAfee enterprise on their corporate serves keeping security intact, but affecting performance as minimally as possible?

Has anyone run across white papers on these setups? Obviously some are case by case, but there must be some best practices out there somewhere.

© Server Fault or respective owner

Related posts about mcafee

Related posts about sql-server