Solved

AV for MSSQL

Posted on 2014-11-26
2
69 Views
Last Modified: 2014-12-03
I have seen a few articles about aligning the configuration of your servers anti virus with microsofts recommendations, namely MS recommend excluding certain paths and file types from you scanning process. Out of interest, what is the risk if you don't exempt such directories, what could go wrong? what file types and paths do you exclude?
0
Comment
Question by:pma111
2 Comments
 
LVL 45

Accepted Solution

by:
Vitor Montalvão earned 250 total points
ID: 40466695
Follow the Microsoft recommendations in 100%. The risk is the AV performing a full scan in a file that your application needs and would create locks. I saw that happening few times and trust me, isn't good to see hundreds of blocking processes and unhappy clients. It can also throw the CPU usage to 100% and that's no good either.
0
 
LVL 10

Assisted Solution

by:PadawanDBA
PadawanDBA earned 250 total points
ID: 40466784
So most of the proverbs around anti-virus on SQL servers revolve around performance.  One of the jobs of a DBA (especially ops DBAs) is to ensure that data access is provided with the lowest possible latency to satisfy business needs.  The impact of anti-virus on SQL Server is mostly performance.  To optimize performance you go without it - there really shouldn't be much in the way of an attack surface area on your SQL Servers, it should be abstracted from direct access via an application layer that controls public data access and you shouldn't be installing much/anything else beyond SQL Server on it.  That said, security-minded folks will skewer you alive for such statements and in some companies it may not be possible to go without anti-virus.  That said, you have to make the best of whatever world you live in.  That means optimizing anti-virus applications to have as minimal a footprint on the core performance-driving aspects of SQL Server.  I would propose that the driver is mainly performance.  As to what file types/paths do you exclude, this is a pretty exhaustive list: http://blogs.technet.com/technet_blog_images/b/sql_server_sizing_ha_and_performance_hints/archive/2014/01/16/sql-server-and-anti-virus-best-practices-recommendations-for-exlusion-lists-for-anti-virus-scanner.aspx
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Introduction SQL Server Integration Services can read XML files, that’s known by every BI developer.  (If you didn’t, don’t worry, I’m aiming this article at newcomers as well.) But how far can you go?  When does the XML Source component become …
JSON is being used more and more, besides XML, and you surely wanted to parse the data out into SQL instead of doing it in some Javascript. The below function in SQL Server can do the job for you, returning a quick table with the parsed data.
Using examples as well as descriptions, and references to Books Online, show the different Recovery Models available in SQL Server and explain, as well as show how full, differential and transaction log backups are performed
Viewers will learn how the fundamental information of how to create a table.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now