Search

GlobalSCAPE Knowledge Base

Antivirus Settings in WAFS v3.7.1 and earlier

Karla Marsh
WAFS and CDP

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • WAFS/CDP, version 3.7.1 and earlier
For WAFS version 4.0 and later, refer to KB article #11016.

DISCUSSION

Your antivirus configuration can affect file-access performance when using the system. This article describes how to optimize your antivirus setup for use with WAFS/CDP.

Choose from the following antivirus configurations based on your particular needs:

Antivirus at each end-user's workstation - If each of your end-users' workstations are protected, the possibility of an infected file is eliminated and there is no need to run antivirus on the computer running an Agent. This is the most effective level.

Protection at the server running the Agent - Instead of managing antivirus software on each user's workstation, some IT managers prefer to run antivirus software on the servers that run the Agent. When not done properly, this can affect the performance of user file access. Refer to "To configure antivirus software at the computer running an Agent" below for important exclusion setup notes.

Protection at Server - All files move through the Server. You can, therefore, run antivirus software on the Server and scan the Server's root before propagating files to the Agents.

Running antivirus software on an Agent can degrade the performance if not properly configured. The performance hit is caused by the antivirus software thinking that multiple copies of a file are opening. It may scan the same file up to 3 times when a user opens the file once. It may also perform background scans that appear as regular CPU cycles (Norton, E-Trust, NOD32, etc), as well as process scans of the application. If the file is in a linked folder, then the antivirus software scans the file from the original location upon open, AND from inside the replicate drive (e.g., F:\_MySrv\MyVol). Finally, the file is seen internal to the engine (e.g., C:\WINDOWS\AVMF or D:\AVMF), and scanned again.

In addition to on-the-fly scan when a file is changed, some antivirus software includes a daily scan. In this case, if it is necessary to do this daily scan, it might be useful to do it when the Agent is offline. For example, you can schedule the Agent so that it is online 22 hours a day, and offline for two hours during times when users are less likely to use the Agent. During that time, the computer running the Agent can do backups, virus scans, and so on.

To configure antivirus software at the computer running an Agent

Virus checkers allow directories to be excluded from the antivirus scan (often called "exclusions"). The following exclusions should be made at each Agent:

  • Always exclude directories AVM0 and AVMF. All data mirrored on the C drive will be in C:\Windows\AVMF and all data on any other drive will be in <drive_Letter>:\AVMF (e.g., D:\AVMF).
  • Exclude the entire new drive letters (e.g., F:\_MyServer ).
  • If your antivirus scans processes (especially E Trust, Innoculan, Symantec Tamper Protection, Trend Micro OfficeScan/Server protect), always exclude AvlAgt.exe.

Some local server antivirus applications in corporate environments, like McAfee, are controlled by a central monitor service run by your IT at headquarters. Exclusions must be specified at that central console; the console then pushes them out. The exclude list you see at each remote site is ignored in these hierarchical topologies.

If slowness persists for user access to CAD files, exclude the CAD file extension from the workstation antivirus, and check the performance again.

Details
Last Modified: 8 Years Ago
Last Modified By: GlobalSCAPE 5
Type: INFO
Rated 2 stars based on 2 votes.
Article has been viewed 31K times.
Options
Also In This Category