wissel.net

Usability - Productivity - Business - The web - Singapore & Twins

Domino Servers and Anti-Virus

You have build your High performance Domino Server but it doesn't perform. Besides running a proper OS, you need to ensure the right anti-virus configuration. All big Anti-virus vendors have plug-ins that intercept documents before they saved into a database and checked for integrity. So you are save (as far as you can say that). However when using the scanners default configuration the NSF are scanned again when you want to access them. And this is a bad idea. Pointless and an I/O killer. So go check: Does the Virus On-Access-Scanner leave your Notes databases alone (*.NSF/*.NTF in the notes data directory)? Excluding the various tmp locations and the transaction log is also a good idea. Works wonders on performance.

Posted by Stephan H Wissel on 24 April 2009 | Comments (2) | categories: Show-N-Tell Thursday SYWTBADD

Comments

posted by Richard Schwartz on Friday 24 April 2009 AD:
Sorry, but this is not necessarily pointless. Virus definitions are updated constantly. A file can pass the initial scan, yet still contain an undetected virus. One could argue that the proper place to catch this is with desktop anti-virus software, but then why are you scanning on the server in the first place? (Answer: because desktop anti-virus is more likely to be compromised.)
posted by Stephan H. Wissel on Monday 27 April 2009 AD:
@Richard. I agree that a server side virus scan is necessary. But it should be done on a document basis not on a 'when Domino accesses the nsf' basis. This is what all these plug-ins into the virus scanners are for. They need to stay switched on. What I recommend is to switch off the scan-if-a-file-on-the-server-os is accessed.
stw