November 16, 2004 at 8:39 am
Does anyone hae any documentation or information regarding running Anti-virus on a SQL 2000 cluster environment (McAfee and Symantec). I heard some talking about negative impact, un-reliable and is a no-no. But, I need some written documentation to establish my case.
Thanks for any help in advance.
November 16, 2004 at 9:43 am
we run Mcafee on our Clusters but we have the following exclusions.
.mdf
.ldf
.bak
c:\winnt\cluster
The reason why anti-virus software is not recommended on SQL servers is if you have a big data/log file and if the file is marked to be scanned while open, this can result in higher cpu utilizations impacting performance. We haven't seen much issues after excluding the above.
November 16, 2004 at 10:31 am
Just to clarify what sa24 stated, it's not a good idea to run AV against bak/ldf/mdf/ (or whatever database data file extensions you use) on *any* SQL Server, not just clusters. It's a good idea to run it on the usual suspects, possibly at a lower priority - just avoid the data files.
I saw a problem a year or so back, a tech. support guy put it on a group of our servers over the weekend and it slowed them nearly to a halt. Worth educating your system administrators if they're over zealous in this area... most are, and with good reason.
You can find a couple of good articles on the subject at the following locations:
http://www.sqlservercentral.com/columnists/bkelley/sqlserversecuritydealingwithantivirusprograms.asp
This article references an MS article at :
http://support.microsoft.com/default.aspx?scid=kb;en-us;309422
Hope this helps...
Jon
November 16, 2004 at 12:47 pm
I think this drill to: should we install any software that is not 'cluster aware' on a cluster. As far as I know, none of the AV is cluster aware. I was told by my H/W vendor that if we install anything that is not cluster aware they will not support if cluster fail.
November 16, 2004 at 1:21 pm
When we had a cluster, we used Norton AV. Now that we can't use the cluster, we still use Norton AV.
When we first set it up, we had lots of problems. The issues were solved by making an exception and having Norton ignore .mdf and .ldf files.
AV programs do not interact well with open files. Since your database files are open, the AV program can't check them but it will try. This can cause a conflict.
So, my suggestion is use the AV. Put one copy on each node and have them ignore the .mdf and .ldf extensions.
-SQLBill
November 16, 2004 at 11:31 pm
On our clusters we have McAfee. No problems. Just, as mentioned above, exclude all the open files on the cluster (not just the ldf and mdf, but also some cluster log files) and configure the virus tool not to scan both incoming and outgoing files. Just use it during read and not write. This is better for performance.
January 13, 2005 at 8:54 pm
We McAfee Enterprise 8 (Patch9) installed on a Windows 2003 Enterprise Server Cluster w/ Enterprise SQL 2000 (Dell 6650 Quad Servers attached to a Dell/EMC CX500 SAN). The problem we are having is that when we use the "Move Group" to switch the resource groups to other node it works from node1 to node2. When we switch back from node2 to node1, node1 will restart with nothing being written in the event logs. The only way to failover back to node1 is ti either restart node2 or pull the patch cables from it. With McAfee uninstalled from both it works just find. We had the AV configured not to scan the SQL directories or any in the cluster. Any sugestion would be greatly appreciated.
Complost
Viewing 7 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply