Re: Symantec/Norton Real-Time Antivirus Considered Harmful on Exchange Servers

[Kenton Smith <listsks () yahoo ca>]

I'm sure your email will spawn a series of "Me too..."
and "But I've..." emails. My experience with Antivirus
software is that it is very much a "your mileage may
vary" situation. I've been running Exchange 2003 on a
Windows 2003 server with Symantec Enterprise A/V 10
and have not had any problems. The only issue is speed
and that would be solved by using a server that
exceeded Microsoft's Windows specs instead of just
barely meeting them.

Kenton

--- josh () securityfocus com, at
<jrandrews.net () securityfocus com> wrote:

> I've had to deal Symantec/Norton antivirus before on
> Exchange servers. This is a nightmare waiting to
> happen and certainly more then a simple performance
> issue.
>
> I have been through a case where our Exchange Server
> totally bombed and did not respond to requests for 8
> hours because of the Symantec Corporate Agent
> running on the Exchange Server. I did not originally
> know what the problem was and finally had to call
> Microsoft. We managed to figure out and turn off the
> Symantec AV Agent. Also, the issue did not manifest
> itself for a month or more and we never found out
> why it chose to happen then...
>
> MS recommends against running any filesystem AV on
> an Exchange Server and it can even corrupt your
> Information Store. We had lingering permissions
> issues afterwards that it took a while to clean up.
> And yes, the appropriate Exchange directories were
> in the exclusion list. It didn't matter.
>
> I know that the alternative of not running local
> filesystem AV is not particularly attractive, but
> it's better then crashing your Exchange server.
>
> Regards,
>
> Josh



        

        
                
__________________________________________________________ 
Find your next car at http://autos.yahoo.ca