Security Basics mailing list archives
Re: Symantec/Norton Real-Time Antivirus Considered Harmful on Exchange Servers
From: Kenton Smith <listsks () yahoo ca>
Date: Fri, 4 Nov 2005 18:41:33 -0500 (EST)
I'm sure your email will spawn a series of "Me too..." and "But I've..." emails. My experience with Antivirus software is that it is very much a "your mileage may vary" situation. I've been running Exchange 2003 on a Windows 2003 server with Symantec Enterprise A/V 10 and have not had any problems. The only issue is speed and that would be solved by using a server that exceeded Microsoft's Windows specs instead of just barely meeting them. Kenton --- josh () securityfocus com, at <jrandrews.net () securityfocus com> wrote:
I've had to deal Symantec/Norton antivirus before on Exchange servers. This is a nightmare waiting to happen and certainly more then a simple performance issue. I have been through a case where our Exchange Server totally bombed and did not respond to requests for 8 hours because of the Symantec Corporate Agent running on the Exchange Server. I did not originally know what the problem was and finally had to call Microsoft. We managed to figure out and turn off the Symantec AV Agent. Also, the issue did not manifest itself for a month or more and we never found out why it chose to happen then... MS recommends against running any filesystem AV on an Exchange Server and it can even corrupt your Information Store. We had lingering permissions issues afterwards that it took a while to clean up. And yes, the appropriate Exchange directories were in the exclusion list. It didn't matter. I know that the alternative of not running local filesystem AV is not particularly attractive, but it's better then crashing your Exchange server. Regards, Josh
__________________________________________________________ Find your next car at http://autos.yahoo.ca
Current thread:
- Symantec/Norton Real-Time Antivirus Considered Harmful on Exchange Servers at (Nov 04)
- Re: Symantec/Norton Real-Time Antivirus Considered Harmful on Exchange Servers Kenton Smith (Nov 07)
- <Possible follow-ups>
- RE: Symantec/Norton Real-Time Antivirus Considered Harmful on Exchange Servers Roger A. Grimes (Nov 07)
- RE: Symantec/Norton Real-Time Antivirus Considered Harmful on Exchange Servers Mike Fetherston (Nov 07)