Antivirus--do they not scan .mdf files?

[jsteph]

Hi all,

I'm wondering what the best practice is for setting up antivirus on a sql-server box.

I'm assuming the OS doesn't see it as 'file access' when data is read or written from the database, but would an antivirus attempt to scan the .mdf (or any sql-server data/log files) when accessed by the OS, say when space is extended? Is is generally accepted to set antivirus to ignore these files?
--Jim

 

[MDXer]

I've always had exclusion rules set up for the directories where my db files are located.

Paul
---------------------------------------
Shoot Me! Shoot Me NOW!!!
- Daffy Duck

 

[mrdenny]

As have I.

Denny
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Administrator (SQL 2005) / Database Developer (SQL 2005)

My Blog

 

[SQLBill]

Scanning a .mdf, .ndf, or .ldf file can be a bad thing. The issue is that SQL Server data and log files are always in use. This can cause the anti-virus program to 'lock' and become a 'runaway' process.

We had this happen a few times at my first job until we figured what was causing it and excluded the SQL Server files.

Lastly, make sure that your backups (to disk, or from disk to tape) do not happen at the same time as your virus scanning of those files.

-SQLBill

The following is part of my signature block and is only intended to be informational.
Posting advice: FAQ481-4875

 

[opus06]

Antivirus scanning is bad practice on sqlserver will lead to performance issue. Strongly advised to disable it

 

[BootMeUp]

Depending on the uptime required for your systems, you could just shutdown sqlserver service(say 7:00 PM once a week) and run your antivirus on the mdf/ldf files. I would assume hackers can get into these files just like any others - so this would provide some security without a lot of coding.