Posted by drupac_shakur on February 19, 2013 at 7:09pm
Hello.
We are running Drupal 6 on IIS7 on Windows Server 2008 in Production.
There is some concern that our McAfee Enterprise AV setup is causing problems, though I cannot find hard evidence of this.
Was wondering what others used as their AV setup -- general tips or specific to McAfee.
Right now it does full scans at 3 AM locally (we're not a particularly global site).
This causes near 100% CPU usage during that time, but it's a low traffic period for us.
Our bigger concern is that On-Access scanning causes the site to choke periodically.
Does anybody have any insight into whether some process or file-scanning exclusions could be helpful?
Thanks in advance.
Comments
Not sure about McAfee
I use Sophos, and it never has a problem affecting performance. On access scanning and daily scans (also around 03h00) are no problem at all.
The clamav -
The clamav - http://drupal.org/project/clamav - module originally came with the File Framework module; James Andres and I ported it to be a stand-alone tool. It uses the open-source AV tool ClamAV either locally on the same server, or through a connection to a remote ClamAV service, and you can configure which files you want it to scan. The main use-case for the module is scanning user-generated files.
The module has been successfully put into production on global sites with very high traffic levels, although I don't know whether anyone's implemented it on a site that runs on IIS.
--
Marcus Deglos
Founder / Technical Architect @ Techito.
ClamAV for uploaded files
I definitely know ClamAV as it's useful for when you allow file uploads to a Linux server.
Hadn't heard of http://www.sophos.com before.
Does anyone use http://www.avast.com for Windows web servers?
Really not sure what the best practice is for Windows Servers is as far as virus protection.
I've certainly heard enough people have problems with both McAfee & Norton on the desktop.
--
OpenConcept | Twitter @mgifford | Drupal Security Guide