SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 


McAfee VirusScan Enterprise 8.7.0i Running on Production Intranet Database Server


McAfee VirusScan Enterprise 8.7.0i Running on Production Intranet Database Server

Author
Message
MothInTheMachine
MothInTheMachine
Ten Centuries
Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)Ten Centuries (1K reputation)

Group: General Forum Members
Points: 1040 Visits: 319
I have always heard that the only thing that should be running on a SQL Server database server (or any make perhaps?) is SQL Server. No Microsoft Office, No Firewalls, No Antivirus. no other software period.

We have a Windows 2003 Enterprise server that we run our SQL Server 2008 Enterprise db on. It sits on a RAID 5 disk subsystem. It powers our intranet and is not accessible from the outside world as it is in a heavily fortified DMZ. There are no files that originate from a client machine being written to the server with the exception of small photographs of adoptable children that are moved from one or two desktop machines within our organization that are also running mcafee. All other files are written to a directory on the server from stored procedures. We push these to other machines within our intranet periodically.

About a year ago our IT department installed the McAfee VirusScan Enterprise 8.7.0i client on the database server. It performs an on access scan whenever a file is read or written to.

Performance slowed to a crawl and eventually it was discovered that we had to exclude certain DB files from being scanned. Once that was done performance improved. We then upgraded to 8.7.0 and performance once again improved.

I would like to hear from other professionals what their preferred method is for virus scanning a db server such as ours, one that never gets input from outside the intranet and rarely from within. Is it really necessary for this to be on our database server? Couldn't the one directory that has files orginating on a desktop be scanned remotely rather than having the app installed? Is it better to have this sitting on the DB Server itself? Does it provide a benefit that a remotely hosted scan can't provide? Can you think of any issues one way or the other?

Thanks for your input!

Love them all ... regardless.
- Buddha
Vikas S. Rajput
Vikas S. Rajput
SSC Veteran
SSC Veteran (201 reputation)SSC Veteran (201 reputation)SSC Veteran (201 reputation)SSC Veteran (201 reputation)SSC Veteran (201 reputation)SSC Veteran (201 reputation)SSC Veteran (201 reputation)SSC Veteran (201 reputation)

Group: General Forum Members
Points: 201 Visits: 192
I have experience in SQL Server 2005 Production environments, and on Oracle as well. You are right to anticipate that SQL Server shouldn't be having any other applications. AntiVirus retains a lock on the files if they find the file to be suspicious (and you definitely don't have much control on this definition). Even if the antivirus scans through the files remotely, even then this issue or concern would remain persistent.

You rightly said that there are minimal chances of database files receiving virus infection. Though if really is required, then I would suggest you get copied files in place and scan them, rather than scanning attached database files. If you find backup files infected, you always have an option of validating the original files.

On a side note, I never encountered situation where DB files were infected from virus.

Regards,
Vikas Rajput

_____________
Vikas S. Rajput
GilaMonster
GilaMonster
SSC Guru
SSC Guru (411K reputation)SSC Guru (411K reputation)SSC Guru (411K reputation)SSC Guru (411K reputation)SSC Guru (411K reputation)SSC Guru (411K reputation)SSC Guru (411K reputation)SSC Guru (411K reputation)

Group: General Forum Members
Points: 411886 Visits: 47116
MS recommendation is to exclude all SQL database files from virus scans. That's the mdf, ndf, ldf, trn, bak and the error log files at minimum.

Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability

We walk in the dark places no others will enter
We stand on the bridge and no one may pass


Go


Permissions

You can't post new topics.
You can't post topic replies.
You can't post new polls.
You can't post replies to polls.
You can't edit your own topics.
You can't delete your own topics.
You can't edit other topics.
You can't delete other topics.
You can't edit your own posts.
You can't edit other posts.
You can't delete your own posts.
You can't delete other posts.
You can't post events.
You can't edit your own events.
You can't edit other events.
You can't delete your own events.
You can't delete other events.
You can't send private messages.
You can't send emails.
You can read topics.
You can't vote in polls.
You can't upload attachments.
You can download attachments.
You can't post HTML code.
You can't edit HTML code.
You can't post IFCode.
You can't post JavaScript.
You can post emoticons.
You can't post or upload images.

Select a forum







































































































































































SQLServerCentral


Search