We used to run Norton AV Corporate on our servers. It noticeably slowed down the servers during a full scan. A couple Web servers routinely got so bogged down with the virus scanning that they started rejecting a large number of new Web connections until the scanning stopped. So I would not recommend using Norton AV on your Web servers, unless you only do limited scans of certain folders, such as folders people upload files to. I would imagine that there are better AV programs for servers. Leo Laporte recommended NOD32 over Norton AV on his KFI radio show last week, although he was talking about desktops.
We had been running these crippling virus scans for years, and there was not a single virus detected across 15 servers during that time. Our workstation computers had been routinely ransacked by viruses that came trough E-mail, but our servers never got infected. The main things to watch out for are these software vulnerability exploits, such as all the IIS hacks and the slammer worm. I am pretty sure most AV software does not help with these security exploits. If you want to reduce the CPU impact of virus scanning on your computers, below is my list of AV exclusion rules to minimize the amount of scanning that is done. Some files and file extensions to exclude: -Files that could not possibly contain a virus (log, txt) -Database files (mdb, ldb, mdf, ldf, ndf, trn, bak, fp5,fp7) -System event logs (evt) -Pagefile.sys should be automatically excluded by most virus scanners. -C:\Program Files\Microsoft SQL Server\MSSQL\FTDATA Some directories that should be excluded from real-time protection: -The Recycle bin (a waste of resources) -Folders used for logging (logging will be slowed) -Folder used in backup processes (a waste of resources) -Folder that are actively used that will never contain a virus As an aside, I would also not use screen savers on servers. I saw one server a few weeks ago that was running a fancy 3D OpenGL screen saver on a server attached to a 16 port KVM switch. The screen saver was taking up 70% of the CPU (because servers do not have 3D graphics cards in them), for something nobody ever saw because the monitor was turned off 99% of the time. It was crazy. Enjoy, Mike Chabot ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Discover CFTicket - The leading ColdFusion Help Desk and Trouble Ticket application http://www.houseoffusion.com/banners/view.cfm?bannerid=48 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:216168 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
