Anti-virus software on database servers?
I have a friend who's a database administrator is looking for guidance. He wants to know what the best practices are running anti-virus software on a database server.
The situation he recently found himself into was the IT department installed McAfee on one of his Oracle database servers and he's concerned (feels) there's been a performance hit. Even worse the install had nothing excluded and was scanning all files, etc.
I know that there is some AV software that have database server agents...least I've heard they do. But other than the file system I'm just wondering what the threat is and/or point of installing AV to scan the transactions for example.
Anyone out there have some thoughts, tips, experience with this sort of thing?
Re: Anti-virus software on database servers?
Quote:
Originally posted here by ric-o
I have a friend who's a database administrator is looking for guidance. He wants to know what the best practices are running anti-virus software on a database server.
The situation he recently found himself into was the IT department installed McAfee on one of his Oracle database servers and he's concerned (feels) there's been a performance hit. Even worse the install had nothing excluded and was scanning all files, etc.
I know that there is some AV software that have database server agents...least I've heard they do. But other than the file system I'm just wondering what the threat is and/or point of installing AV to scan the transactions for example.
Anyone out there have some thoughts, tips, experience with this sort of thing?
Use one -- it's another layer of defense against dumb admins browsing the web from the server (should never happen), or potentially catch something like Slammer down the line if the server ends up unpatched.
However, it should also be configured to be unobtrusive -- scanning executables is about it IMO. You should already be really picky about what gets onto a server, and you absolutely don't want it trying to scan backups, transaction logs, the databases themselves etc.