Anti-Virus and SQL Server Exclusion Recommendation

passwords

Anti-virus software is useful for scanning systems for infected files. Anti-virus software basically works by scanning files as they are accessed, looking for “signatures” of known viruses. The issue with this process is SQL Server is very heavily a disk-based storage system, and anti-virus solutions will have to essentially scan the files associated with your databases all the time. This will slow down your server performance, maybe just a second here or there, but that could be the difference in your overall server performance.

Here is my recommendation on what files to exclude from standard anti-virus scanning. Before you implement these changes to seek faster performance, you also need to make sure your server is protected from general internet access. Exclude these files in the configuration of your anti-virus software:

Files:

  • SQL Server data files – Including *.mdf, *.ldf, and *.ndf files.
  • SQL Server backup files – *.bak, and *.trn files.
  • Trace files – *.trc files.
  • SQL audit files (for SQL Server 2008 or later versions) – *.sqlaudit files.
  • SQL query files – *.sql files.
  • Analysis Services data – by default the files are located in the “Program Files\Microsoft SQL Server\MSSQL.X\OLAP\Data” folder.
  • Full-Text catalog files – by default located in the “Program Files\Microsoft SQL Server\MSSQL\FTDATA” folder for default instances and “Program Files\Microsoft SQL Server\MSSQL$instancename\FTDATA” for named instances.

You may need to tweak the list based on your configuration or security concerns, but some basic testing and analysis will tell you if the effort is worth the boost in server performance. Some of the common anti-virus vendors agree with this recommendation. Even Microsoft recommends these exclusions.

Advertisements

One thought on “Anti-Virus and SQL Server Exclusion Recommendation”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s