Excluding Microsoft SQL Server files and folders using Centralized Exceptions

book

Article ID: 151557

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) clients scan Microsoft SQL Server files and folders by default.

  • This increases the amount of disk IO on the computer and can cause slower performance in the installed SQL server instances.
  • The SEP client is not able to scan the data structures within the Microsoft SQL Server database files, and cannot detect threats or risks inside them.
  • It is possible, though highly unlikely, that IO conflicts between the SEP client and the SQL server could cause data corruption.

Resolution

To minimize the impact of SEP client AutoProtect and scheduled scans, exclude the folders housing Microsoft SQL Server database files. For more information on configuring exclusions, see Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 11 or Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager 12.1.

Note: It is necessary to exclude the folders containing these files for maximum effectiveness. Folder based exclusions are processed before AutoProtect or scheduled scans access a file where file name or extension based exclusions are processed after the scan happens.

For more information on recommendations for Microsoft SQL server, read the following Microsoft article: How to choose antivirus software to run on computers that are running SQL Server.