Unsolved
This post is more than 5 years old
71 Posts
0
5748
Antivirus and NetWorker
Hi All
Just a general question - what's the general consensus about running an antivirus product on the backup server? I come from a background where we've never run AV on a backup server as it impacts the speed of the backups, etc.
But does it?
We're currently running NetWorker 7.6.3 on Windows 2003 32-bit and the organisation is looking to install Symantec Endpoint Protection 11. This has been running on other servers, but has never been installed on the NetWorker server.
Good idea to install it? Bad idea to install it?
Your comments are appreciated.
Thanks
Brian
crazyrov
4 Operator
4 Operator
•
1.3K Posts
1
November 19th, 2013 03:00
For me, this is a bad idea.
A common practice on a backup server is to leave the folders containing the backup metadata to be excluded from getting scanned by the anti virus. But I would support the "Don't install anti-virus on your backup server" slogan because (as far as i have come across) the antivirus is scheduled to run full machine scans that are very process intensive. When the scan runs there is minimum resources left out for the backup software to operate on, thus the performance impact.
I am sure there are different opinions here about this though.
ble1
2 Intern
2 Intern
•
14.3K Posts
1
November 19th, 2013 09:00
Avoid it on backup server.
Brian91_4544b4
71 Posts
0
November 20th, 2013 02:00
Thanks for your answers, guys.
Brian
CarlosRojas
1.7K Posts
1
November 20th, 2013 03:00
Hi all,
Definitely bad idea.
This will be doing real-time scan on every single file, will be checking NW processes and TCP connections, if snapshot involved it would also be scanning the SYTEM VOLUME INFORMATION folder where the snapshot is created.
Overall you will be facing issues, timeouts, backups "hanging" etc.
If eventually you have to install it I believe there are some technical documents that specify all the requirements for folders, processes etc that needs to be excluded from the AV scan.
Thank you,
Carlos
Brian91_4544b4
71 Posts
0
November 20th, 2013 03:00
Thanks, Carlos. One of our other customers uses CommVault Simpana and they insisted on having McAfee running on the backup server. Fotunately, the CommVault documentation tells you what processes as well as directories to exclude from virus scanning - but I'm still unhappy about running AV on it.
DataProtectxr
45 Posts
0
November 20th, 2013 04:00
Hi Carlos,
Please share any technical document mentioning files and folders to be excluded from the AV scan.
ble1
2 Intern
2 Intern
•
14.3K Posts
0
November 20th, 2013 04:00
Everything under Program Files\Legato (or EMC)\nsr. Also make sure save and recover are excluded from any checks. And avoid tampering service.
CarlosRojas
1.7K Posts
0
November 20th, 2013 05:00
Hi all,
I cannot find now the document I was talking about, but in the installation and administration guides you can find this:
Undesirable behavior might occur if the antivirus software installed on a Windows machine is not tuned for backup environments.
Configure the antivirus software to:
• Avoid scanning files that are opened for backup.
For example:
• Clear Opened for Backup in the Advanced Auto-Protect option for Norton Antivirus.
• Clear Opened for Backup in the Scan Items tab of McAfee’s On-Access Scan Properties window.
Not monitor the following directories:
• C:\Program Files\EMC or C:\Program files\Legato
• AFTD directories
Refer to the antivirus documentation for detailed information.
McAfee Knowledgebase article KB53787 provides information for McAfee 8.7i.
McAfee Knowledgebase article KB53781 provides information for McAfee 8.0i and 8.5i.
For Norton Antivirus, Norton knowledgebase article provides details on how to configure an exclusions list.
For McAfee, McAfee knowledgebase article KB50998 provides details on how to configure exclusions.
Some Symantec info about how to configure:
How to configure Tamper Protection in Symantec Endpoint Protection 11.0
Thank you,
Carlos