Hi experts
Do we have any specific ODS scan setting for SQL servers? Let me know if any KB available ?
Does McAfee scan ldf/MDF/NDF files during the ODS scan?
Do we need to add any exclusion for MDF/LDF files in ODS exclusions?
Is it recommended to uncheck the scan archive files option in ODS task?
in our environment we ODS scanning lot of large zip files during the ODS and takign long time to complete. VSE 8.8 patch 9/ P11/P13 are installed.
Appreciate your help .
Thanks
Dileep
On demand scan #virus scan
Solved! Go to Solution.
Hi @dileepvn
Thank you for your post. Let me try answering your questions here.
First:
Do we have any specific ODS scan setting for SQL servers? Let me know if any KB available ?
Does McAfee scan ldf/MDF/NDF files during the ODS scan?
Do we need to add any exclusion for MDF/LDF files in ODS exclusions?
Since SQL is managed by Microsoft, exclusions to AV are also recommended by Microsoft. Meaning, We from McAfee would not recommend creating exclusions for anything unless support faces an explicit requirement to do so from the Customer. Hence we would always got with the Vendor and assist you with adding the exclusions. I am sure you would find this KBA useful in understanding the exclusions we can add for SQL servers.
I short, we do not decide "What to add". We only show "how to add" the exclusions using our product.
Here is Microsoft's recommendations for your kind reference.
Moving on to the second part of the question:
Is it recommended to uncheck the scan archive files option in ODS task?
in our environment we ODS scanning lot of large zip files during the ODS and taking long time to complete. VSE 8.8 patch 9/ P11/P13 are installed.
These are excellent questions TBH. Scanning of archives will definitely consume more time than normal. Un-checking archive scan is not a recommendation per se, but it is more fun to understand the logic behind archive scan and to make an informed decision of whether to enable it or not.
Directly quoting from this KBA:
Scanning an archive file type requires the product feature setting for Archive scanning to be enabled. If enabled, this flag is included in the scan request when telling the scan engine to scan the file object. If it is not enabled, the file object is still scanned, but not its contents.
NOTES:
Going by the above logic, Archive files are eventually required to be extracted before the actual files are used. and Extraction process will involve writing the files to the disk from the archived location and also reading the files from the archive itself.
Hence we are looking at a "access" operation which should definitely be taken care of "on-access" scanning feature. This is again well explained here.
I sincerely hope this helps!
Hi @dileepvn
Thank you for your post. Let me try answering your questions here.
First:
Do we have any specific ODS scan setting for SQL servers? Let me know if any KB available ?
Does McAfee scan ldf/MDF/NDF files during the ODS scan?
Do we need to add any exclusion for MDF/LDF files in ODS exclusions?
Since SQL is managed by Microsoft, exclusions to AV are also recommended by Microsoft. Meaning, We from McAfee would not recommend creating exclusions for anything unless support faces an explicit requirement to do so from the Customer. Hence we would always got with the Vendor and assist you with adding the exclusions. I am sure you would find this KBA useful in understanding the exclusions we can add for SQL servers.
I short, we do not decide "What to add". We only show "how to add" the exclusions using our product.
Here is Microsoft's recommendations for your kind reference.
Moving on to the second part of the question:
Is it recommended to uncheck the scan archive files option in ODS task?
in our environment we ODS scanning lot of large zip files during the ODS and taking long time to complete. VSE 8.8 patch 9/ P11/P13 are installed.
These are excellent questions TBH. Scanning of archives will definitely consume more time than normal. Un-checking archive scan is not a recommendation per se, but it is more fun to understand the logic behind archive scan and to make an informed decision of whether to enable it or not.
Directly quoting from this KBA:
Scanning an archive file type requires the product feature setting for Archive scanning to be enabled. If enabled, this flag is included in the scan request when telling the scan engine to scan the file object. If it is not enabled, the file object is still scanned, but not its contents.
NOTES:
Going by the above logic, Archive files are eventually required to be extracted before the actual files are used. and Extraction process will involve writing the files to the disk from the archived location and also reading the files from the archive itself.
Hence we are looking at a "access" operation which should definitely be taken care of "on-access" scanning feature. This is again well explained here.
I sincerely hope this helps!
Thanks @AdithyanT
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA