I am looking for best practices to run the endpoint protection client on a SQL server. Best exclusions, best time to run scans. Currently, .ndf, ldf and mdf files are excluded, as well as the paths to MS SQL.
configuring SQL should be in accordance with Microsoft recommendation. For exclusion of MS SQL on SEP installed client, you can check this URL
http://www.symantec.com/business/support/index?page=content&id=TECH105240
Installing a Symantec Endpoint Protection (SEP) client to a cluster server
http://www.symantec.com/docs/TECH91154
How to exclude 2008 R2 Cluster Shared Volumes from Symantec Endpoint Protection
http://www.symantec.com/docs/TECH140062
What scan exclusions should be applied to all Windows clustered server nodes
http://www.symantec.com/docs/TECH105581
Symantec Endpoint Protection 12.1 - Virtualization Best Practices
http://www.symantec.com/business/support/index?page=content&id=TECH173650
Check this thread
http://www.symantec.com/connect/forums/what-best-practice-or-exclusion-clustered-sql-server-sep-deployment
http://www.symantec.com/connect/forums/best-practices-sql-servers-sep
Hello,
Check these Articles:
Best Practices guide for Installing the Symantec Endpoint Protection Manager with a SQL Server 2005 Database http://www.symantec.com/docs/TECH104405
Best Practices guide for Installing the Symantec Endpoint Protection Manager 11 RU5 with a SQL Server 2008 Database http://www.symantec.com/docs/TECH96451
Microsoft SQL Server requirements for Symantec Endpoint Security 11.0 and Symantec Network Access Control 11.0
http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/216db2f2828c1274ca25737b0040d3e5?OpenDocument
Also, check this Thread with similar issue:
https://www-secure.symantec.com/connect/forums/best-practices-sql-servers-sep
Hope that helps!!
HI,
Also check artical
Top "Best Practices" Articles for Symantec Endpoint Protection (SEP) 11.0x
http://www.symantec.com/business/support/index?page=content&id=TECH181685
Thank you both. We have a SQL server on site here that runs an active scan nightly, and there are performance issues during such time. Once the scan has stopped or been stopped manually, performance returns back to normal. Any suggestions aside from what I find in the articles, or changing the scan time to a different time?
Hi,
Check this
Randomizing scans to improve computer performance in virtualized environments
http://www.symantec.com/docs/HOWTO55262
https://www-secure.symantec.com/connect/forums/randomize-scan-sep-121
Is this still suggested eventhough this is not a virtualized environment?
Check this may be help
Adjusting scans to improve computer performance
http://www.symantec.com/business/support/index?page=content&id=HOWTO55250
Thanks. I will look these over and give them a try.
As far as I know SEP will not exclude MSSQL files automatically from scanning.
If you want to know which all folders/Files are excluded from scanning in a particular system you may refer registry keys as described in below KB article
How to understand the file or folder exclusion in the registry by Symantec Endpoint Protection
How to Verify if an Endpoint Client has Automatically Excluded an Application or Directory
For creating exclusion policies you may refer this KB
Can Symantec AntiVirus or Symantec Endpoint Protection scan a MS SQL database?
How to exclude MS SQL files and folders using Centralized Exceptions
If each of your SQL servers users data in different paths you may go with file extension based exclusion.
OR
If the SQL servers keep the data files in similar path you may create exclusion based on directory as well.
Please refer below KB for more information regarding Centralized exceptions.
Creating Centralized Exceptions Policies in the Symantec Endpoint Protection Manager