We're primarily a Citrix shop. The Citrix servers load apps locally and from file servers. The user's profiles are stored on file servers, along with their data. They browse the internet from their Citrix sessions. They access their email via Outlook in their sessions. Without AV on the Citrix and file servers, we'd be toast because of infections from malicious websites and other sources of bad stuff. We do exclude certain folders, depending on what's stored there. For example, we have to exclude the folder where we keep the "Sysinternals" files (now from MS, of course), since our AV doesn't like them, LOL.
-----Original Message----- From: Ben Scott [mailto:[EMAIL PROTECTED] Sent: Thursday, February 28, 2008 5:34 PM To: NT System Admin Issues Subject: Re: "On Access" AV scanning of servers On Thu, Feb 28, 2008 at 4:46 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I don't care for the idea of AV software on a server being setup for "On > Access" so that everytime someone accesses/reads a file, AV checks it. > Especially on ANY server that has a DB such as Exchange, SQL, MSDE, etc. Certainly, if you're going to be running AV on a server, it should be set to exclude all the "hot" files, like databases for Exchange, SQL, Active Directory, etc. There's an MSKB article that addresses this specifically. If configured properly, the AV shouldn't hurt anything on the server. Whether it's a security benefit/risk/whatever depends on the environment and personal preference. Personally, I like to run the AV on the servers, as it provides another layer (belt-and-suspenders). Maybe a client's AV is somehow broken in a way that isn't showing up. Maybe someone manages to attach their worm-infested home laptop to the LAN. Whatever. YMMV, etc. -- Ben ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
