Re: Virus Scanning Busy Web Server
- From: "Anthony [MVP]" <anthony@xxxxxxxxxxxx>
- Date: Mon, 10 Aug 2009 22:38:37 +0100
I think this is a fault, rather than your AV settings.
If you don't mind experimenting, try taking McAfee off; you can either leave it off for a while, or install a different AV.
If its an AV fault then I think you will need to take it up with McAfee (try different patch levels etc)
"Brock Hensley" <Brock@xxxxxxxxxxxx> wrote in message news:1C5A2CCF-22D5-4342-97A0-EB5B6E1EF60F@xxxxxxxxxxxxxxxx
I have configured the on-access scanner with minimal options; checking only files on Write as well.
Yes, the actual McAfee process doesn't pass 25% CPU, however, when OAS is enabled, several application pools start using the rest of the CPU, causing 100% pegged CPU. These site's are probably just writing more, but I'm not sure why the application pool is affected rather than McAfee.
"Anthony [MVP]" <anthony@xxxxxxxxxxxx> wrote in message news:7AEC6735-7A71-43D4-ADE6-5828FC8EFE72@xxxxxxxxxxxxxxxxBrock,
McAfee should not be running at 100% even if the server is heavily used, so maybe the problem is not the settings.
You'd expect the server to have very few writes, so it should be possible to set the on-access scanner to scan on writes and not reads; but I don't think that should be necessary,
"Brock Hensley" <Brock@xxxxxxxxxxxx> wrote in message news:ED4AD753-EC43-4CCD-B1EA-88627FC6A500@xxxxxxxxxxxxxxxxHello,
We have McAfee Enterprise v8.7i installed on a Win2k3 STD 32bit Web Server.
I've been playing around with the On-Access Scanner settings to try to get the virus scanner to scan files only when being written to, but no matter what settings I adjust, it seems the web server just has too much going on for McAfee not to run at 100% CPU to monitor all the changing files.
My question is, what are the essential/best Anti-Virus settings for busy web servers?
Should I just monitor the C: system drive, or the D: data drive?
Should I worry more about changing files on the C:\WINDOWS folder vs the D:\Inetpub folder?
Should I exclude Temp folders? (or is this a prime spot for viruses to create themselves?)
Thanks for any input in advance,
- Prev by Date: Re: Virus Scanning Busy Web Server
- Next by Date: Re: Strange failed logon attempts
- Previous by thread: Re: Virus Scanning Busy Web Server
- Next by thread: Windows CA Server dBase maintenance