Neverfail and Anti-Virus Tools - General Advice Regarding Interoperability with Anti-Virus Scanners

Follow

Summary

This Knowledgebase article provides general information about interoperability with anti-virus scanners.

 

More Information

In general, Neverfail recommends where possible using one of the supported Anti-Virus products. Please see Knowledgebase article #2 - 'Third-Party Applications Supported by Neverfail' for a list of specific Anti-Virus products supported by Neverfail. If using an unsupported Anti-Virus product, the general advice below should be followed. However, the Neverfail Group may be unable to resolve support calls arising out of interaction with such products.

Please consult and implement the Anti-Virus manufacturer’s advice, as Neverfail guidelines will often follow these recommendations.

General Principles

  1. File Level Anti-Virus should not be used to protect application server databases; for example, Microsoft Exchange databases, and Microsoft SQL Server databases. The nature of database contents can cause false positives in virus detection leading to failure of database applications and data integrity errors. Performance will also be affected. See the Microsoft knowledge base references at the end of this article.
  2. Neverfail recommends that when implementing Neverfail Heartbeat, File Level Anti-Virus temp files should not be replicated by Neverfail Heartbeat.
  3. The File Level Anti-Virus software running on the Primary server must be the same as the software that runs on the Secondary server. In addition, the same File Level Anti-Virus must run during both active and passive roles.
  4. The File Level Anti-Virus should be configured to use the management IP address on the passive server for virus definition updates. If this is not possible, it may be necessary to update Virus Definitions manually on the passive server.
  5. After installation of Neverfail Heartbeat, any changes made to the configuration of file level scanning on the active server must be repeated manually on the passive server.
  6. If File Level Anti-Virus is installed with Exchange components and they share the same common virus definitions, then the plug-in for the Application Anti-Virus should be set to exclude the virus definitions.
  7. The following Neverfail directories ( C:\Program Files\Neverfail is the default installation directory) must be excluded from File Level Anti-Virus Scans:

C:\Program Files\Neverfail\R2\logs and C:\Program Files\Neverfail\r2\log
C:\NFPAGFIL.sys Note: This file does not exist post version 4.4 of Neverfail Heartbeat.
C:\Program Files\Neverfail\R2\FSMTemp Note: This directory and its contents are deleted by the File State Manager when not in use.

Additional References

See Knowledgebase article #146 - How to retrieve the Neverfail Heartbeat logs and other useful information for Support purposes, for further information on log files.

The following Microsoft knowledge Base articles should also be consulted:

Neverfail Knowledgebase articles relating to specific Anti-Virus products

 

Applies To

All Versions

 

Related Information

None

 

KBID-104

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.