I heard an interesting conversation today about whether or not Antivirus Scanning exceptions (in this case provided by McAfee) are necessary or not.
The premise around saying "no" is that once SQL Server is up and running and the databases are online, SQL Server prevents an external program from directly accessing the datafiles directly hence preventing proactive antivirus scanning solutions from accessing the datafile. This is done by essentially "locking" the datafile in such a way so that only the SQL Server service user can access the files.
I come from the school whereby exceptions should be added in order to prevent performance problems resulting from constant threat scanning from an antivirus solution.
Does anyone have anything to say on the subject and any experiences one way or the other?