On Thu, Feb 28, 2008 at 4:46 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I don't care for the idea of AV software on a server being setup for "On > Access" so that everytime someone accesses/reads a file, AV checks it. > Especially on ANY server that has a DB such as Exchange, SQL, MSDE, etc.
Certainly, if you're going to be running AV on a server, it should be set to exclude all the "hot" files, like databases for Exchange, SQL, Active Directory, etc. There's an MSKB article that addresses this specifically. If configured properly, the AV shouldn't hurt anything on the server. Whether it's a security benefit/risk/whatever depends on the environment and personal preference. Personally, I like to run the AV on the servers, as it provides another layer (belt-and-suspenders). Maybe a client's AV is somehow broken in a way that isn't showing up. Maybe someone manages to attach their worm-infested home laptop to the LAN. Whatever. YMMV, etc. -- Ben ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
