Brian91
2 Iron

Antivirus and NetWorker

Hi All

Just a general question - what's the general consensus about running an antivirus product on the backup server?  I come from a background where we've never run AV on a backup server as it impacts the speed of the backups, etc.

But does it?

We're currently running NetWorker 7.6.3 on Windows 2003 32-bit and the organisation is looking to install Symantec Endpoint Protection 11. This has been running on other servers, but has never been installed on the NetWorker server.

Good idea to install it?  Bad idea to install it?

Your comments are appreciated.

Thanks

Brian

0 Kudos
8 Replies
crazyrov
3 Zinc

Re: Antivirus and NetWorker

For me, this is a bad idea.
A common practice on a backup server is to leave the folders containing the backup metadata to be excluded from getting scanned by the anti virus. But I would support the "Don't install anti-virus on your backup server" slogan because (as far as i have come across) the antivirus is scheduled to run full machine scans that are very process intensive. When the scan runs there is minimum resources left out for the backup software to operate on, thus the performance impact.

I am sure there are different opinions here about this though.

Highlighted
ble1
5 Iridium

Re: Antivirus and NetWorker

Avoid it on backup server.

Brian91
2 Iron

Re: Antivirus and NetWorker

Thanks for your answers, guys.

Brian

0 Kudos
CarlosRojas
4 Tellurium

Re: Antivirus and NetWorker

Hi all,

Definitely bad idea.

This will be doing real-time scan on every single file, will be checking NW processes and  TCP connections, if snapshot involved it would also be scanning the SYTEM VOLUME INFORMATION folder where the snapshot is created.

Overall you will be facing issues, timeouts, backups "hanging" etc.

If eventually you have to install it I believe there are some technical documents that specify all the requirements for folders, processes etc that needs to be excluded from the AV scan.

Thank you,

Carlos

Brian91
2 Iron

Re: Antivirus and NetWorker

Thanks, Carlos.  One of our other customers uses CommVault Simpana and they insisted on having McAfee running on the backup server.  Fotunately, the CommVault documentation tells you what processes as well as directories to exclude from virus scanning - but I'm still unhappy about running AV on it.

0 Kudos
backupabhishek
1 Nickel

Re: Antivirus and NetWorker

Hi Carlos,

Please share any technical document mentioning files and folders to be excluded from the AV scan.

0 Kudos
ble1
5 Iridium

Re: Antivirus and NetWorker

Everything under Program Files\Legato (or EMC)\nsr.  Also make sure save and recover are excluded from any checks.  And avoid tampering service.

0 Kudos
CarlosRojas
4 Tellurium

Re: Antivirus and NetWorker

Hi all,

I cannot find now the document I was talking about, but in the installation and administration guides you can find this:

Undesirable behavior might occur if the antivirus software installed on a Windows machine is not tuned for backup environments.

Configure the antivirus software to:

• Avoid scanning files that are opened for backup.

For example:

• Clear Opened for Backup in the Advanced Auto-Protect option for Norton Antivirus.

• Clear Opened for Backup in the Scan Items tab of McAfee’s On-Access Scan Properties window.

Not monitor the following directories:

• C:\Program Files\EMC or C:\Program files\Legato

• AFTD directories

Refer to the antivirus documentation for detailed information.

McAfee Knowledgebase article KB53787 provides information for McAfee 8.7i.

McAfee Knowledgebase article KB53781 provides information for McAfee 8.0i and 8.5i.

For Norton Antivirus, Norton knowledgebase article provides details on how to configure an exclusions list.

For McAfee, McAfee knowledgebase article KB50998 provides details on how to configure exclusions.

Some Symantec info about how to configure:

How to configure Tamper Protection in Symantec Endpoint Protection 11.0

Thank you,

Carlos

0 Kudos