What exclusions need to be in place if you are running antivirus in the performance management environment

What should be excluded for A/V software in a DX NetOps Performance Management install?

Exclusions for Anti-Virus software scanning DX NetOps Performance Management environments including a Portal web server, Data Repository cluster servers (DR), Data Aggregator (DA), and Data Collectors (DCs).

All supported DX NetOps Performance Management releases

Here are the documented exclusions that should be in place if you are running antivirus in your environment:

• Portal Web Server:
  • From the Prepare to Install NetOps Portal documentation section
  • Within it states:
    • To prevent scanning by a local instance of an antivirus client and scanning by a remote antivirus instance which can result in database corruption, you have excluded the installation directory for NetOps Portal, the default installation directory for the MySQL database, and the following MySql subdirectories, from antivirus scans:
      • <installation_directory>/PerformanceCenter/MySql/ (The default installation directory for the MySQL database.)
        
        • NOTE: You can select another directory during installation.
      • <installation_directory>/PerformanceCenter/MySql/bin
      • <installation_directory>/PerformanceCenter/MySql/data
      • <installation_directory>/PerformanceCenter/MySql/tmp
        
        • Note: /opt/CA is the default installation directory for NetOps Portal.
• Data Repository cluster servers (DR)
  • From the Prepare to Install the Data Repository documentation section
  • Within it states:
    • To avoid database corruption and to prevent scanning by a local instance of an antivirus client and scanning by a remote antivirus instance, you have excluded the installation directory, and the following subdirectories:
      • /opt/vertica/*
      • /opt/vconsole/*
      • The specified data directory. Default: /data
        • IMPORTANT: Ensure that the data directory is on a separate mount from the catalog directory. This isolates those file systems from performance and space interference so that they are unencumbered from any other disk usage or performance considerations, including each other.
      • The specified catalog directory. Default: /catalog
        
        • IMPORTANT: Ensure that catalog directory is on a separate mount from the data directory. This isolates those file systems from performance and space interference so that they are unencumbered from any other disk usage or performance considerations, including each other.
      • The Vertica /tmp/vbr/* temporary file.
      • The directory where you back up the data repository.
    • For more information about disk locations, see the Vertica 23.4 Prepare disk storage locations documentation.
• Data Aggregator (DA)
  • From the Prepare to Install the Data Aggregator documentation section
  • Within it states:
    • To avoid potential corruption of data, you have excluded the installation directory, the backup directory, and all subdirectories, from antivirus scans. You have prevented scanning by a local instance of an antivirus client and scanning by a remote antivirus instance.
• Data Collector (DC)
  • From the Prepare to Install the Data Collectors documentation section
  • Within it states:
    • To avoid database corruption of ActiveMQ broker files, you have excluded the installation directory, and all its subdirectories, from antivirus scans. Prevent scanning by a local instance of an antivirus client and scanning by a remote antivirus instance.

This exclusion list applies to anti-virus software and any end-point protection tools. Some common examples are Cisco AMP, Boks, puppet and crowdStrike.