Is it recommanded to implemen a Virus Scanner on the SQL/NAS Server?

I need a recommadation. Thanks a lot

  • Normally I would disagree. If you want to do that, because of different reasons, then you have to setup the virus scanner in certain way.

    You should setup exceptions for all sql database / transaction logs (include tempdb) and the temp dir of the nst. If you dont do this, then you can create huge performance issue, because of the scanning of the virus scanner.

    I would recommend separate server with restricted access and no internet access. Then you dont need a virus scanner.

    best regards
  • virus scanners need often high cpu and ram amount. not good for an sql server.
    many add strange security rules to the firewall, control network stream and so on.
    so ... no good idea.
    but: set high security levels for the complete LAN against outside influences not for pcs/servers inside the LAN: firewall, etc.
    install virus scanners on the client pcs. the danger comes from the (internal) users, from internet browsing, external files, mails.
    also, on the servers: set high security levels. only 1 AD admin. never give admin rights to users! never give admin rights to service accounts, which run main services like sql server service, nav service, ... each account, each user gets exactly the rights, who he/she really needs. the AD/server/client rights have nothing to do with the role in the company. the CEO does not need admin rights!
Related
Recommended