Knowledge Base : Glossary : Suggest a Question
Search The Knowledge Base
Browse The Knowledge Base
Knowledge Base : General : SQLServer

Performance Tips(SQL database) for Antivirus enabled RayMedi Customers environment

SQL Server in Anti-virus Enabled Environment

If antivirus software is installed on the computer running SQL Server, disable real-time scanning of the data and transaction files (.mdf, .ndf, .ldf, .mdb).
Real-time scanning of the SQL Server data and transaction files can increase disk I/O contention and reduce SQL Server performance.

Directories to exclude from virus scanning

When you configure your antivirus software settings, make sure that you exclude the following files and directories from virus scanning. Doing this improves the performance of the files and helps make sure that the files are not locked when the SQL Server service must use them. However, if these files become infected, your antivirus software will not be able to detect the infection.

* SQL Server data files
These files usually have one of the following file name extensions:
o .mdf
o .ldf
o .ndf
* SQL Server backup files
These files frequently have one of the following file name extensions:
o .bak
o .trn
* Full-Text catalog files
* The directory that holds Analysis Services data

Virus tool types
* Active virus scanning: This type of scanning checks incoming and outgoing files for viruses.
* Virus sweep software: Virus sweep software scans existing files for file infection. It detects files after they are infected with a virus. This type of scanning may cause the following SQL Server database recovery and SQL Server full-text catalog file issues:

o If the virus sweep has opened a database file and still has it open when SQL Server tries to open the database (such as when SQL Server starts or when SQL Server opens a database that AutoClose has closed), the database to which the file belongs might be marked suspect. The SQL Server database files typically have the .mdf, .ldf, and .ndf file suffixes.

o If the virus sweep software has a SQL Server full-text catalog file open when the Microsoft Search service (MSSearch) tries to access the file, you may experience problems with the full text catalog.
* Vulnerability scanning software: The Microsoft Security Tool Kit CD includes best practice guidelines, information about securing your system, and service packs and patches that can protect your system against virus attacks. It also provides Microsoft tools to help you secure your systems and keep them secure. To download it, visit the following Microsoft Web site: (
* Antispyware software: Spyware and unwanted software refers to software that performs certain tasks on your computer, typically without your consent. For more information about how to help protect the computer from spyware and unwanted software, visit the following Microsoft Web site: (

Additionally, Microsoft has released the Microsoft Windows Malicious Software Removal Tool to help remove specific, prevalent malicious software from computers that are running Microsoft Windows Server 2003, Microsoft Windows XP, or Microsoft Windows 2000. For more information about the Microsoft Windows Malicious Software Removal Tool, click the following article number to view the article in the Microsoft Knowledge Base:
890830 ( ) The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Vista, Windows Server 2003, Windows XP, or Windows 2000

Performance loss reported with Microsoft SQL and VirusScan Enterprise (issue: VSE Exclusions)


Sample Summary

Here is a summary of the recommendations.
* Do not scan the paging file(s) on the system.
* Do not scan the SQL Server database file extensions: .mdf, .ndf, and .ldf.
* Do not scan extensions for backup files.
* Do not scan Full-Text directories.
* Do scan system directories.
* Do scan program directories.
Concluding Remarks
This article presents my opinion and recommendations for how to handle SQL Server and anti-virus agents in conjunction. Yours may differ and I hope this article spurs some discussion on the topic. I've tried to explain why I've made a recommendation to offer up for consideration. Ultimately your organization is the final arbiter of how you go about implementing anti-virus agents in your environment. Carefully consider all the factors when determining how to implement anti-virus and SQL Server on your systems.

Windows Server Checklist

Ensure Windows Server processor scheduling is set to “Background services”
Ensuring this configuration setting on all computers running Windows Server in your environment will improve the overall system performance. Follow these steps to ensure Windows Server is configured to favor background services:
1. Click Start, click Run, and then type sysdm.cpl in the Run box.
2. In the System Properties dialog box, click the Advanced tab, and then click Settings under Performance.
3. In the Performance Options dialog box, click the Advanced tab, make sure the Background services option is selected under Processor scheduling, click OK, and then click OK again to close System Properties dialog box.

Firewall enabled and added the required files in Exclusion lists.

Stop or disable any Windows services that are not strictly necessary on all computers in the Server environment.(VNC also)
Running unnecessary services on a production server uses system resources


Virus protection software requires some system resources to execute. You must perform testing before and after you install your antivirus software to determine if there is performance impact to the computer that is running SQL Server.

Related Articles
There are no related articles

Viewer Comments Add Comment
No viewers have posted comments

Powered By AutoKB